Analysis Overview
SHA256
9742689a50e96ddc04d80ceff046b28da2beefd617be18166f8c5e715ec60c59
Threat Level: Shows suspicious behavior
The file vlc-3.0.21-win64 (1).exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Loads dropped DLL
Unsigned PE
Browser Information Discovery
Enumerates physical storage devices
Command and Scripting Interpreter: JavaScript
System Location Discovery: System Language Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious behavior: AddClipboardFormatListener
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-14 03:35
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
88s
Max time network
97s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\custom.js
Network
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
153s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\mosaic_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdafa53cb8,0x7ffdafa53cc8,0x7ffdafa53cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1824,14554634199945154801,6575101354442463383,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4660 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d91478312beae099b8ed57e547611ba2 |
| SHA1 | 4b927559aedbde267a6193e3e480fb18e75c43d7 |
| SHA256 | df43cd7779d9fc91fd0416155d6771bc81565e98be38689cb17caece256bf043 |
| SHA512 | 4086c4ebe410a37d0124fc8bd00c58775e70ab2b7b5a39b4e49b332ce5b4866c6775707436395467aff9596507c96fb4896f3bf0249c5b9c99a927f31dcc1a96 |
\??\pipe\LOCAL\crashpad_2976_XLTQWOASCXWABVCB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7145ec3fa29a4f2df900d1418974538 |
| SHA1 | 1368d579635ba1a53d7af0ed89bf0b001f149f9d |
| SHA256 | efc56eb46cf3352bf706c0309d5d740bca6ac06142f9bdc5e8344b81d4d83d59 |
| SHA512 | 5bb663ede88f8b7c96b09c1214aac68eda99bc09525ac383baa96914ff7d553ea1aed09e3c9d16893d791c81ddb164c682dfbb4759ac0bc751221f3e36558a91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 04697c4b6c6fe99418f8db35e67d18c8 |
| SHA1 | 98182485db7d5342e7a88d0c2fa7417efe600153 |
| SHA256 | 3ab60f82839968168ade29ba4038b0468d2d9797fcf7315ef034326ee31678a5 |
| SHA512 | 1d31cc172933c2ab18e5df6c3fba86d33d94deac4edb7bcae6317a714e86c9aab05e1e4e474611e98177a29d5a52221c76b16d3d30efa30510805aa2ca7d0cbb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 86384ac23372a4a05245c59d312f9d3a |
| SHA1 | 4368f0c22c50ad4d72981ed85a4abbef2074b265 |
| SHA256 | 87d947a22db0bf49f04b195a83f86264f93e1e055aa31020c55db9b2306227b2 |
| SHA512 | f7b244399257888875630727facc13502938b4dc962de5bbdad619d9893d4f184f10640880e7efd5ced4621190d718ea34f1fdc34fed9f633daa4b4f84e962d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0d30a26a9b40c5f0e0fe64890f010e2b |
| SHA1 | 7205186ac5d3b9a04591b454bf4dd2c08e1cc29b |
| SHA256 | cdc56da7dfcf317d9e679f935e99a9f7c60b1e89e920cafb6d164bc0a17f0ea1 |
| SHA512 | eebd9cd798ac38e3c4b35baee206c988a12a165c1551dd39cdec99edb5f6c4212220c7ac3b081e40ed58ed532ca5e9fdf89683dcbdb78903b2673f270df4db54 |
Analysis: behavioral17
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\mobile.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff95b33cb8,0x7fff95b33cc8,0x7fff95b33cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,16507008511206663756,13065309601172521865,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4788 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| BE | 18.239.208.32:443 | releases.flowplayer.org | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c03d23a8155753f5a936bd7195e475bc |
| SHA1 | cdf47f410a3ec000e84be83a3216b54331679d63 |
| SHA256 | 6f5f7996d9b0e131dc2fec84859b7a8597c11a67dd41bdb5a5ef21a46e1ae0ca |
| SHA512 | 6ea9a631b454d7e795ec6161e08dbe388699012dbbc9c8cfdf73175a0ecd51204d45cf28a6f1706c8d5f1780666d95e46e4bc27752da9a9d289304f1d97c2f41 |
\??\pipe\LOCAL\crashpad_4140_FRXBPNKWHHQNUJEH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3d68c7edc2a288ee58e6629398bb9f7c |
| SHA1 | 6c1909dea9321c55cae38b8f16bd9d67822e2e51 |
| SHA256 | dfd733ed3cf4fb59f2041f82fdf676973783ffa75b9acca095609c7d4f73587b |
| SHA512 | 0eda66a07ec4cdb46b0f27d6c8cc157415d803af610b7430adac19547e121f380b9c6a2840f90fe49eaea9b48fa16079d93833c2bcf4b85e3c401d90d464ad2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4ebe71cc66b322c52560f24831888e43 |
| SHA1 | c4830fb9c841b6fc391483f4c171a8fb7bc91b8e |
| SHA256 | 29d31e9e0f57872db6fbc114a67c5510eb8c8cd9be8a1ab6bd55fa5b1bd96662 |
| SHA512 | 52ee74a7e11b1bc706f7f2e1124ac7b91e0905d93764a672390087245c224a693d3320a44e332140f8c6d96adb134b0a6022e3f43260f0e64ead9089c8965b25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0d82dbc06fb9190357f1560339ad0867 |
| SHA1 | b9c523163d4f64b6f4f6258592ca78cbeafbb9f9 |
| SHA256 | 4c2265479d62dec728827bdf0488a428a9c0232a60b4df12e7ad895ee43a2797 |
| SHA512 | 43bba0666e3a77d724e629aab8bc4b09216cf608764f150b7bdf9fca6068507b9614a55024bf81ab2ef1ac4ec12532c741133183837f81c0d797f63d9610ac69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22b37f23af69456f63c2c3f3d79131b2 |
| SHA1 | db9279055675ccf7ce3190b90cda56207ca0b1af |
| SHA256 | fae0f1d6d4cff5295db732cf09314affc8cef25f545ae7a3b3d0a66fddf51434 |
| SHA512 | 02f1d0afa5af7ed8a7b1839595688bdafc23602c073023007f223126be9d618e853220348c2caa75eee270549c46fcbfc751d071b4eedbbab1696226b05f2df7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 586efaafe569af00f509d6c4a9936d68 |
| SHA1 | ae3efe435e2e226eec54b6927081aa4069008aca |
| SHA256 | 3b3de44e5200c902f1cf82b6dbbc83efe5b2276a6b9bee768e501eb8eb3818f4 |
| SHA512 | 87671b2794e99706ac975a777b3457f55a43712b89bbc0e1625aeaacd377d4f6cea4bb8ab05a99652afd11a3e9bc4b3ee56f7b2912171f95de02d3763eeecad4 |
Analysis: behavioral32
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
141s
Max time network
95s
Command Line
Signatures
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\vlc.exe
"C:\Users\Admin\AppData\Local\Temp\vlc.exe"
Network
Files
memory/4244-1-0x00007FFD12290000-0x00007FFD122C4000-memory.dmp
memory/4244-0-0x00007FF6DDD60000-0x00007FF6DDE58000-memory.dmp
memory/4244-2-0x00007FFD0D2C0000-0x00007FFD0D576000-memory.dmp
memory/4244-7-0x00007FFD09680000-0x00007FFD09A10000-memory.dmp
memory/4244-16-0x00007FFD12270000-0x00007FFD12288000-memory.dmp
memory/4244-15-0x00007FFD0DF40000-0x00007FFD0DF6F000-memory.dmp
memory/4244-25-0x00007FFD037E0000-0x00007FFD03805000-memory.dmp
memory/4244-24-0x00007FFD02560000-0x00007FFD025AF000-memory.dmp
memory/4244-23-0x00007FFCFC620000-0x00007FFCFC6B9000-memory.dmp
memory/4244-22-0x00007FFCFC6C0000-0x00007FFCFC8CB000-memory.dmp
memory/4244-21-0x00007FFD0DC20000-0x00007FFD0DC31000-memory.dmp
memory/4244-20-0x00007FFD0E170000-0x00007FFD0E181000-memory.dmp
memory/4244-19-0x00007FFD12060000-0x00007FFD1207A000-memory.dmp
memory/4244-18-0x00007FFD03810000-0x00007FFD0383D000-memory.dmp
memory/4244-17-0x00007FFD0CB40000-0x00007FFD0CB66000-memory.dmp
memory/4244-14-0x00007FFD0D020000-0x00007FFD0D061000-memory.dmp
memory/4244-13-0x00007FFCFC8D0000-0x00007FFCFC9B3000-memory.dmp
memory/4244-12-0x00007FFD0D070000-0x00007FFD0D158000-memory.dmp
memory/4244-11-0x00007FFD093E0000-0x00007FFD09676000-memory.dmp
memory/4244-9-0x00007FFD12880000-0x00007FFD12891000-memory.dmp
memory/4244-8-0x00007FFD12940000-0x00007FFD12954000-memory.dmp
memory/4244-6-0x00007FFD10C50000-0x00007FFD10C7B000-memory.dmp
memory/4244-5-0x00007FFD16FC0000-0x00007FFD16FE2000-memory.dmp
memory/4244-4-0x00007FFD17010000-0x00007FFD17029000-memory.dmp
memory/4244-3-0x00007FFD17070000-0x00007FFD17081000-memory.dmp
memory/4244-10-0x00007FFD0D160000-0x00007FFD0D232000-memory.dmp
memory/4244-29-0x00007FFCFCAE0000-0x00007FFCFCAF1000-memory.dmp
memory/4244-28-0x00007FFCFCB00000-0x00007FFCFCB12000-memory.dmp
memory/4244-27-0x00007FFD0CF00000-0x00007FFD0CF1B000-memory.dmp
memory/4244-26-0x00007FFCFC570000-0x00007FFCFC61B000-memory.dmp
memory/4244-31-0x00007FFCF5490000-0x00007FFCF56D5000-memory.dmp
memory/4244-30-0x000001FB1A9D0000-0x000001FB1C23F000-memory.dmp
Analysis: behavioral22
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
159s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\view.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffbc443cb8,0x7fffbc443cc8,0x7fffbc443cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2444 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,7786034059745813721,1980788950134727138,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2964 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.10:443 | ajax.googleapis.com | tcp |
| GB | 142.250.178.10:443 | ajax.googleapis.com | tcp |
| FR | 18.164.52.64:443 | releases.flowplayer.org | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.222.52.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e11c77d0fa99af6b1b282a22dcb1cf4a |
| SHA1 | 2593a41a6a63143d837700d01aa27b1817d17a4d |
| SHA256 | d96f9bfcc81ba66db49a3385266a631899a919ed802835e6fb6b9f7759476ea0 |
| SHA512 | c8f69f503ab070a758e8e3ae57945c0172ead1894fdbfa2d853e5bb976ed3817ecc8f188eefd5092481effd4ef650788c8ff9a8d9a5ee4526f090952d7c859f3 |
\??\pipe\LOCAL\crashpad_4508_ELRTLWLPTMYTQFKU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c0a1774f8079fe496e694f35dfdcf8bc |
| SHA1 | da3b4b9fca9a3f81b6be5b0cd6dd700603d448d3 |
| SHA256 | c041da0b90a5343ede7364ccf0428852103832c4efa8065a0cd1e8ce1ff181cb |
| SHA512 | 60d9e87f8383fe3afa2c8935f0e5a842624bb24b03b2d8057e0da342b08df18cf70bf55e41fa3ae54f73bc40a274cf6393d79ae01f6a1784273a25fa2761728b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 97064fe7fe1b6cd6af67d6811c81db3c |
| SHA1 | 311a33e4588ede15e3d57d451baf92e605cb0d66 |
| SHA256 | 2ebb69762bf8febb44fbc33c46a2105ff6ff30e04e6b746903256873fcbd358d |
| SHA512 | 1877bc6412ce708eaa498b238fb8e9198f1b65b0d50e2f93fa6a509f0168840c842d0715599ff4828986e8f5deb8ead8898af1c8b3751bb78306c9d8f1665cb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e80d2e1bd03bde5c1487e687b843792d |
| SHA1 | 5a4569fcf139abcc9dbd684cf0de210c76a59311 |
| SHA256 | e867451f6af0dd1ad5e6de5e11b6860e096db52e93432ad50044bfa6b8f3e774 |
| SHA512 | 8328afdc4e7658351410369ea8795e5032f27543dad7f2bdee4352b48223b345b9ad6978c807997a3d393bcb5a1af781a735968d9a9391ab1bb9628e24a728fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 14aa7140e48e8e46798eec2f0d73c1a4 |
| SHA1 | 778f5f453ae272ada0456d15593f1a20b9427616 |
| SHA256 | 88ab3424ee0aa983c134e7c3330daf929859469a7d2b113f83834d999c6c801c |
| SHA512 | 3e2a9bbb5248d12ce00782f06f7c01ff216b141ec9455435518460bf39c3f636803943391ccb37ee8667cf76d23533c53619ee66275269e754b06364812b6ef8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e478946a61b59c2f1c73e25e127ea826 |
| SHA1 | e547371b9469fc1d6025c145adbb8fb9ae003abb |
| SHA256 | a0a7b62dadac0917d190647963f5b0b36e3f78c14455952c3fdbc52f5a82aef0 |
| SHA512 | 00e8b5ef2b041469792a2c8b46c076f73e17528a305334dcebbca2ae52a5c5219799838136be5ea2492511b290578b20ab3b42fa0242cccf181b2ad33031e0eb |
Analysis: behavioral25
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
84s
Max time network
95s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\playlist\youtube.js
Network
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
147s
Max time network
157s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\npvlc.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
memory/2356-1-0x00007FFA401F0000-0x00007FFA40224000-memory.dmp
memory/2356-0-0x00007FFA3C3A0000-0x00007FFA3C4BE000-memory.dmp
memory/2356-2-0x00007FFA3BF20000-0x00007FFA3C1D6000-memory.dmp
Analysis: behavioral30
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
88s
Max time network
97s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\plugins\access\libaccess_realrtsp_plugin.dll,#1
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:45
Platform
win11-20241023-en
Max time kernel
570s
Max time network
575s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760289534655280" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4248760313-3670024077-2384670640-1000\{51DF28E1-0EC0-4668-AD96-56E06470BB14} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe
"C:\Users\Admin\AppData\Local\Temp\vlc-3.0.21-win64 (1).exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xdc,0xe0,0x104,0xd8,0x108,0x7ffb3377cc40,0x7ffb3377cc4c,0x7ffb3377cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1824,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1820 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2052,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2108 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2172 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3516,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3556 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3692,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4728 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4796,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4808 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4720,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb35f53cb8,0x7ffb35f53cc8,0x7ffb35f53cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4504 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004CC
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=212,i,13318306862604484337,3726101814431076527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=10736 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=13264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,18024275909971702670,4038982366167769902,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12548 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 100.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| GB | 216.58.204.78:443 | clients2.google.com | udp |
| GB | 216.58.204.78:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.202:443 | content-autofill.googleapis.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 151.101.193.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.193.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.129.91:443 | perfect-dark.en.softonic.com | tcp |
| US | 151.101.1.91:443 | perfect-dark.en.softonic.com | tcp |
| US | 151.101.1.91:443 | perfect-dark.en.softonic.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| BE | 18.239.208.120:443 | sdk.privacy-center.org | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 151.101.129.91:443 | perfect-dark.en.softonic.com | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.208.239.18.in-addr.arpa | udp |
| US | 151.101.129.91:443 | perfect-dark.en.softonic.com | udp |
| GB | 142.250.179.238:443 | syndicatedsearch.goog | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.193.91:443 | perfect-dark.en.softonic.com | udp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| FR | 52.84.174.60:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 142.250.187.251:443 | storage.googleapis.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| GB | 172.217.169.2:443 | googleads.g.doubleclick.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.6.141:443 | api.btmessage.com | tcp |
| BE | 18.239.208.53:443 | api.privacy-center.org | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 251.187.250.142.in-addr.arpa | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 151.101.129.91:443 | perfect-dark.en.softonic.com | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| GB | 142.250.179.238:443 | syndicatedsearch.goog | udp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 142.250.200.1:443 | 3240ec1ee23c16994850c43f63c15ebc.safeframe.googlesyndication.com | tcp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| IE | 54.171.88.154:443 | ad.360yield.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| IE | 34.252.246.23:443 | ap.lijit.com | tcp |
| IE | 52.48.130.160:443 | id.crwdcntrl.net | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | tcp |
| FR | 18.155.129.21:443 | tags.crwdcntrl.net | tcp |
| GB | 142.250.200.34:443 | partner.googleadservices.com | tcp |
| US | 104.18.28.101:443 | cdn-ima.33across.com | tcp |
| FR | 3.164.163.90:80 | crt.rootg2.amazontrust.com | tcp |
| FR | 3.164.163.90:80 | crt.rootg2.amazontrust.com | tcp |
| FR | 3.164.163.90:80 | crt.rootg2.amazontrust.com | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 104.26.6.141:443 | cdn.btmessage.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | ampcid.google.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.169.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.24.18:443 | cdn.indexww.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| DE | 148.251.20.249:443 | sync.richaudience.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| GB | 23.73.139.80:443 | player.aniview.com | tcp |
| US | 52.4.238.190:443 | cs-server-s2s.yellowblue.io | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| NL | 89.149.193.84:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 34.192.178.163:443 | api-2-0.spot.im | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.55.55.106:443 | sync.srv.stackadapt.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| IE | 54.171.224.40:443 | jadserve.postrelease.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| DE | 148.251.20.249:443 | sync.richaudience.com | tcp |
| IE | 52.214.174.232:443 | ce.lijit.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.55.55.106:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| FR | 18.245.175.26:443 | js.adscale.de | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 3.68.147.135:443 | ih.adscale.de | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| US | 151.101.65.91:443 | prs.sftcdn.net | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.55.55.106:443 | sync.srv.stackadapt.com | tcp |
| NL | 63.215.202.169:443 | equativ-match.dotomi.com | tcp |
| FR | 18.164.52.116:443 | s.ad.smaato.net | tcp |
| GB | 2.19.252.154:443 | qsearch-a.akamaihd.net | tcp |
| DE | 178.63.241.79:443 | s.richaudience.com | tcp |
| DE | 23.88.8.123:443 | push-sdk.com | tcp |
| DE | 157.90.33.121:443 | push-sdk.com | tcp |
| DE | 157.90.33.121:443 | push-sdk.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 98.82.156.107:443 | s.amazon-adsystem.com | tcp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | 141.5.157.37.in-addr.arpa | udp |
| US | 151.101.129.91:443 | prs.sftcdn.net | udp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.18.41.104:443 | cd.connatix.com | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 89.149.193.84:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| N/A | 127.0.0.1:27060 | tcp | |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| IE | 52.16.53.198:443 | match.prod.bidr.io | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| IE | 52.49.108.45:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.55.55.106:443 | sync.srv.stackadapt.com | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| N/A | 127.0.0.1:27060 | tcp | |
| DE | 142.250.185.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| IE | 52.213.90.221:443 | ad.360yield.com | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| DE | 178.63.241.79:443 | s.richaudience.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| US | 50.31.176.119:443 | reviewed.app | tcp |
| US | 50.31.176.119:443 | reviewed.app | tcp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| US | 50.31.176.119:443 | reviewed.app | udp |
| GB | 172.217.169.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.17.246.203:443 | unpkg.com | tcp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| BE | 18.239.212.129:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 172.217.169.2:443 | googleads.g.doubleclick.net | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| IE | 52.95.126.160:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| US | 151.101.193.91:443 | images.sftcdn.net | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| DE | 148.251.20.249:443 | sync.richaudience.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| IE | 54.171.224.40:443 | jadserve.postrelease.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 34.234.109.98:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| FR | 91.134.110.137:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 137.110.134.91.in-addr.arpa | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 34.1.230.247:443 | ads.creative-serving.com | tcp |
| US | 52.44.40.191:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 52.44.40.191:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 34.1.230.247:443 | ads.creative-serving.com | udp |
| US | 8.8.8.8:53 | 191.40.44.52.in-addr.arpa | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 151.101.193.91:443 | call-of-duty.en.softonic.com | udp |
| GB | 142.250.179.238:443 | syndicatedsearch.goog | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 148.251.20.249:443 | sync.richaudience.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 34.234.109.98:443 | sync.srv.stackadapt.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| FR | 91.134.110.137:443 | rtb-csync.smartadserver.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| IE | 52.16.65.27:443 | match.prod.bidr.io | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | call-of-duty.en.softonic.com | udp |
| GB | 142.250.179.225:443 | 61607e72c18afc5c39d1aa46edb4b344.safeframe.googlesyndication.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 152.199.21.117:443 | ssl.cdne.cpmstar.com | tcp |
| US | 198.24.167.212:443 | server.cpmstar.com | tcp |
| US | 8.8.8.8:53 | 212.167.24.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 34.234.109.98:443 | sync.srv.stackadapt.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 172.67.30.209:443 | www.eneba.com | tcp |
| US | 172.67.30.209:443 | www.eneba.com | tcp |
| US | 151.101.1.91:443 | en.softonic.com | udp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| GB | 143.244.38.1:443 | products.eneba.games | tcp |
| US | 8.8.8.8:53 | assets.eneba.games | udp |
| US | 104.26.11.134:443 | assets.eneba.games | tcp |
| US | 8.8.8.8:53 | 134.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| DE | 18.198.78.89:443 | ih.adscale.de | tcp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| BE | 18.239.208.69:443 | widget.trustpilot.com | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.nsureapi.com | udp |
| BE | 18.239.208.24:443 | sdk.nsureapi.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 178.63.248.56:443 | uidsync.net | tcp |
| GB | 143.244.38.1:443 | avatars.eneba.games | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| US | 104.22.57.159:443 | sentry.eneba.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 34.234.109.98:443 | sync.srv.stackadapt.com | tcp |
| FR | 91.134.110.137:443 | rtb-csync.smartadserver.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| BE | 18.239.208.24:443 | sdk.nsureapi.com | tcp |
| US | 8.8.8.8:53 | fpnpmcdn.net | udp |
| US | 8.8.8.8:53 | device.maxmind.com | udp |
| US | 162.159.134.22:443 | device.maxmind.com | tcp |
| BE | 18.239.208.19:443 | fpnpmcdn.net | tcp |
| DE | 3.126.44.227:443 | sdk-service.nsureapi.com | tcp |
| DE | 3.126.44.227:443 | sdk-service.nsureapi.com | tcp |
| US | 35.71.187.51:443 | metrics.nsureapi.com | tcp |
| DE | 18.196.235.131:3478 | use1-turn.fpjs.io | tcp |
| US | 8.8.8.8:53 | 19.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.187.71.35.in-addr.arpa | udp |
| N/A | 10.127.0.27:52604 | udp | |
| US | 35.71.187.51:443 | metrics.nsureapi.com | tcp |
| US | 172.64.153.78:443 | d-ipv6.mmapiws.com | tcp |
| DE | 3.126.44.227:443 | sdk-service.nsureapi.com | tcp |
| GB | 92.123.26.186:443 | static.malavida.com | tcp |
| GB | 92.123.26.186:443 | static.malavida.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| GB | 92.123.26.168:443 | static.malavida.com | tcp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | 4.1.250.178.in-addr.arpa | udp |
| GB | 142.250.179.225:443 | 32f242b949d9ba24f3b419f2b75e13d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 58af1669e1d08db918a0b4593a3ee8ca.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| NL | 178.250.1.57:443 | ssp-sync.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | 57.1.250.178.in-addr.arpa | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | p4-gu4cfpu4ajahg-kqkbx7z52x7ejms5-813557-i2-v6exp3.ds.metric.gstatic.com | udp |
| GB | 142.250.187.242:443 | p4-gu4cfpu4ajahg-kqkbx7z52x7ejms5-813557-i2-v6exp3.ds.metric.gstatic.com | tcp |
| GB | 216.58.204.82:443 | p4-gu4cfpu4ajahg-kqkbx7z52x7ejms5-813557-i1-v6exp3.v4.metric.gstatic.com | tcp |
| US | 8.8.8.8:53 | 82.204.58.216.in-addr.arpa | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 151.101.65.91:443 | en.softonic.com | udp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| BE | 18.239.212.129:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| GB | 142.250.179.238:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| BE | 18.239.208.90:443 | config.aps.amazon-adsystem.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| DE | 178.63.248.56:443 | uidsync.net | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| DE | 178.63.241.79:443 | s.richaudience.com | tcp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| US | 151.101.65.91:443 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 148.251.20.249:443 | sync.richaudience.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 52.207.122.183:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| US | 8.8.8.8:53 | 49.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 98.82.157.137:443 | s.amazon-adsystem.com | tcp |
| US | 98.82.157.137:443 | s.amazon-adsystem.com | tcp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | b3b276aeedb62b0baa9f964d42cadaa4.safeframe.googlesyndication.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| CH | 157.240.17.35:443 | www.facebook.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| DE | 88.99.208.233:443 | shb.richaudience.com | tcp |
| CH | 157.240.17.35:443 | www.facebook.com | tcp |
| CH | 157.240.17.35:443 | www.facebook.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 35.17.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| DE | 172.217.18.99:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 99.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.207.122.183:443 | sync.srv.stackadapt.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| IE | 52.49.108.45:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 52.49.108.45:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 151.101.1.91:443 | pes-2019.en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | www.konami.com | udp |
| GB | 142.250.179.238:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | 7cfb9c2f698861e4d985aecc5e0d6373.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| DE | 3.68.147.135:443 | ih.adscale.de | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 8.8.8.8:53 | pes-2019.en.softonic.com | udp |
| GB | 23.208.251.3:443 | www.konami.com | tcp |
| GB | 23.208.251.3:443 | www.konami.com | tcp |
| US | 8.8.8.8:53 | 3.251.208.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | cdn.fonts.net | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.16.40.28:443 | cdn.fonts.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| GB | 23.62.196.169:443 | img.konami.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.196.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | efootball-point.konami.net | udp |
| US | 8.8.8.8:53 | e-football.konami.net | udp |
| US | 8.8.8.8:53 | esrb.org | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| GB | 216.58.213.14:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | legal.konami.com | udp |
| US | 8.8.8.8:53 | microsoft.com | udp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| US | 8.8.8.8:53 | www.youtube-nocookie.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 197.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 52.207.122.183:443 | sync.srv.stackadapt.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| GB | 2.19.252.218:443 | p.typekit.net | tcp |
| GB | 2.19.252.218:443 | p.typekit.net | tcp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | 218.252.19.2.in-addr.arpa | udp |
| US | 52.207.122.183:443 | sync.srv.stackadapt.com | tcp |
| US | 172.64.155.119:443 | cdn-apac.onetrust.com | tcp |
| US | 172.64.155.119:443 | cdn-apac.onetrust.com | tcp |
| US | 172.64.155.119:443 | cdn-apac.onetrust.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | www.onetrust.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 89.207.16.201:443 | equativ-match.dotomi.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 2.19.252.218:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 20.112.250.133:443 | xbox.com | tcp |
| US | 20.112.250.133:443 | xbox.com | tcp |
| GB | 95.100.245.144:443 | www.microsoft.com | tcp |
| AU | 20.70.246.20:443 | xbox.com | tcp |
| US | 8.8.8.8:53 | 144.245.100.95.in-addr.arpa | udp |
| AU | 20.70.246.20:443 | xbox.com | tcp |
| GB | 2.23.160.47:80 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.23.160.47:443 | assets-www.xbox.com | tcp |
| GB | 2.18.108.226:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | 112.245.100.95.in-addr.arpa | udp |
| IE | 20.190.159.4:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.4:443 | login.microsoftonline.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| GB | 51.104.15.252:443 | browser.events.data.microsoft.com | tcp |
| GB | 51.104.15.252:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| GB | 51.104.15.252:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| IE | 99.81.205.179:443 | ad.360yield.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| NL | 20.50.88.238:443 | dc.services.visualstudio.com | tcp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| DE | 157.90.0.38:443 | s.richaudience.com | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\nssB26A.tmp\System.dll
| MD5 | 4a82832a6209cdc3a2447ab2de137542 |
| SHA1 | 21f334bf90566e3a94a712b68f2cbc32746711d4 |
| SHA256 | b07a12c5ced6a1ece5e7dc4103f8b3e15bf77f5edb70daef115b9a77bcf55885 |
| SHA512 | 6bceff4d3eba26a84029d09f6e403f3fc0c95a744f4d6bfde22accf480a724a0f38960d848a5255258a6a57d3ec9b384847acf167b485ff67f7161aac04300f0 |
C:\Users\Admin\AppData\Local\Temp\nssB26A.tmp\LangDLL.dll
| MD5 | 6a4ce8d10efd06369f368898462546e0 |
| SHA1 | 79b9c182afcfddb4687663f287327fb968731c1b |
| SHA256 | 42c46cde21b03935314697ef444b01d85e319fc443519bde35fec90c8b21fc98 |
| SHA512 | 8a5f1d1bf6fef5ed5b51f41129715bdad0ebabb539c0260b080e567a101db7acdba722a9df5e55527ccdd2bf05a009bfee3c4a3745825c953f3348ef55e61918 |
C:\Users\Admin\AppData\Local\Temp\nssB26A.tmp\nsDialogs.dll
| MD5 | 8b11196dc49c4df98c6f97457c97e590 |
| SHA1 | 7ee6c21506ac68a1ecf36be5d632ee339311d51a |
| SHA256 | 47a1976b7736371b9b2e073ef0dd49db3bdbe604ec9ee77e50621e5f19d9ae7b |
| SHA512 | 4c77005b35f9c9c3cd64d5dba178f45ed250974848086e9da283d539add6aa70bb9ec44782f69f115ab87d1d1d723a63698f9b9db817710b52ab836a87e654b7 |
memory/4088-14-0x0000000000400000-0x0000000000486000-memory.dmp
memory/4088-16-0x0000000074500000-0x000000007450C000-memory.dmp
memory/4088-15-0x0000000074510000-0x000000007451F000-memory.dmp
memory/4088-17-0x0000000000400000-0x0000000000486000-memory.dmp
memory/4088-19-0x0000000074500000-0x000000007450C000-memory.dmp
memory/4088-18-0x0000000074510000-0x000000007451F000-memory.dmp
\??\pipe\crashpad_5000_CHDMUQIOCFMXUDGZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 72dfac5be19cf6ea034f8cf20be1da5b |
| SHA1 | 938d41f012f1b165c73e9752fbeea58e007936d0 |
| SHA256 | adc4a537121b26b838a7c37ac53787b02d6c2e913ac14d29b64bedf0ceac6102 |
| SHA512 | aa221c9847cc080f0a9ac01904d95c48c5df35ce1d08fe7d61f15a1af6f372f7d66a1053a716f71335cfac3863cbd9d1bab70b28d773d75946263bd8eaf15e94 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1f238e5c040308444093a00b17bdfcb7 |
| SHA1 | f15f44597634334b5f3a614506b858bc3be76034 |
| SHA256 | dcfdb8b39e52a693e69a9612cebda2eebb6cfe081b505d2596f22440b9845301 |
| SHA512 | 80bf9a0c67696bc5894dbf38aee968e07b44c5276ecddfc3fdcd183841c34598a8901b9a181fd7c6ac1d2c25e34e153cbe0125246c228516a9c4d64605126080 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48afef98ef54fa1150cc69584e9cc43f |
| SHA1 | 5703961e2825a5578fff3b4643ed90a05a651b88 |
| SHA256 | 217ecb10d73a38d1b8e7882c133f6be6b5258e297317578b1e7fc609cb1b4cdb |
| SHA512 | 51951e415f4a48a4c371e9133bf44c6b4775fc440da20c7bd484ec875af5b5f8e4272441e96769b0e8496c1bef066fae38d6e98323c78f6b4825e066a55b759c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2ab1239c2e2f58e8380312801b76f966 |
| SHA1 | a1edaa1a5a9a2b2f8b8dbc194325a8bd7c31446f |
| SHA256 | 37ddcd5bd9de52cd6bc0abcdfc8e93901c2500ee9cf72e029d7c98fd44ad1d34 |
| SHA512 | 8c03bdda8bbfd86be12418f84079d0965ef8ff53cc95ccd978f336296540d0183d2c0a1aacf63d021659cc8f0394904fea60c227978f494f89273e450b8e12ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 4f98e01ebb913160b9d7ad54ace21961 |
| SHA1 | 3ff08d53b43236df8bca03c9685baf6fa1affe6a |
| SHA256 | 7a2fb5dcaa42e686022fe427a74139cef66c219da80849f4315a31828cebbaac |
| SHA512 | 6176bee9883ea35b3234638aee994a53195260f83582fea82d635d9b448c1edc0ed11de21f2f3427d6801af284cdd9f58d9ca6a5335ac7002763d2a06e818476 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 80733d52f1c42591a6e7d1264e1c6e81 |
| SHA1 | f8e4fbe5f89e076845df635e51e04eff2c42e54b |
| SHA256 | eac2f90c4a4c309f4a728d87ecff45029e1168254db95d807e6ba8471119a7dc |
| SHA512 | baf5f3b2913805bc5620e49443ed3c403a80294e4bb97edbb98f92cc4e41f00c6e83456305f38053f8c525e8cc7ce2d35d7a05184e4a500a930a5a76aaa6a96d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7bed1eca5620a49f52232fd55246d09a |
| SHA1 | e429d9d401099a1917a6fb31ab2cf65fcee22030 |
| SHA256 | 49c484f08c5e22ee6bec6d23681b26b0426ee37b54020f823a2908ab7d0d805e |
| SHA512 | afc8f0b5b95d593f863ad32186d1af4ca333710bcfba86416800e79528616e7b15f8813a20c2cfa9d13688c151bf8c85db454a9eb5c956d6e49db84b4b222ee8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5431d6602455a6db6e087223dd47f600 |
| SHA1 | 27255756dfecd4e0afe4f1185e7708a3d07dea6e |
| SHA256 | 7502d9453168c86631fb40ec90567bf80404615d387afc7ec2beb7a075bcc763 |
| SHA512 | 868f6dcf32ef80459f3ea122b0d2c79191193b5885c86934a97bfec7e64250e10c23e4d00f34c6c2387a04a15f3f266af96e571bbe37077fb374d6d30f35b829 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dc086b8d5306c8a9adfaabb9399ba33f |
| SHA1 | 9d8a6ffefc1e017bf81babe9a7921f53da467641 |
| SHA256 | 64a313f6c8e3cd2581a042acd86b59654d7f2fdc7c43844e00c041cddfea33be |
| SHA512 | 286cb7f2b3adfa5dde7ad5df986eb2324ae2445b9ba09f9444aabfae5e1a48eb4cda7f164ed8a5271b2c404a107bc01a18bec5582e2ff8fa3fdd7b265f09dec0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c585c2eef43ec86f4b9cbbfbd2132ebc |
| SHA1 | db8f7bcd0bf78ab21f1d0d16bb8b175eec6592c2 |
| SHA256 | b848bc092fd89b4b5a5fdb256f63cb7aabc39d6396eec5fefad0f6e578b6da2c |
| SHA512 | 130edeca94833cb59ae4df26fa35acbc8459832e509571a05dbd3cc07679fb7faa0d83c6b1a748ab1f25e0fa5fcd0cf5ab229f7b0bd5312318b634a61d86951e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 52afd3895decdb4380f5f8510e0ede59 |
| SHA1 | c85c25c663e854043ef0ea9d9885dcbd405efb1b |
| SHA256 | fac9566ac850d46fb22c67346ddf1c4d713d35d476ccf7d7850e359b2d85d8c2 |
| SHA512 | ea672e04bd08172c3d00aa4063dbf6805be1f3b65b2e57c6b4f57062977df53c6b7b9f7ae6f6f6b34c4b7fe1dcc333a4861e214944916025349acfd62854f232 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fb68bedd7483e65c5be5f52ec6f1657e |
| SHA1 | 4cabbd4866428f1f6a7527d01423bdf358c9fe72 |
| SHA256 | 1bd2d174f840154194cb6c054d6b6f86cfa99e6e25956e6f7bcf2fe632870c38 |
| SHA512 | 03c7228b5c7c37d40a760b75ce3a4571ef053efe4857dc76dd8408eb5bb702d9b1d6f6e2f488c8396a6692ad93f967ed23af8236c38e15a0a7292c09fa97fc1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e77523b2214d50751bd2563edc4813e3 |
| SHA1 | 756e2574e7748db7197e0b129f76f507b52a0435 |
| SHA256 | 37ec29b075250822b74921ffda7685de21ac536d12eb5c62b29eacad84f443a3 |
| SHA512 | edc633dc93ed6e6c5a4c622c2a456a6946ad5bcb7b03aadf18a4fac5242fd83f2101a4d07465575bcfe60d14672d730e2ed5d1dc4c64ad849e3ffe39e4a94644 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a6182cfaa6d30cb6574368f223fb0328 |
| SHA1 | 47a46c408d03de88a63c637b55512c2c93856f9d |
| SHA256 | 8e6121e7ec498bae8aac1c3ee6f6468c8277f3412c06d2c181b8c3ce222c3c9c |
| SHA512 | daf585b8b6d27964d79a9bdf9a88c53283dd13da4017322df109bd26991961534f36295dc3d2b64157fc5355742e0b1338e773eda35d7884f430556fdca8934c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fac0ba51260aff3291ad0d2a0adb7af8 |
| SHA1 | 6b0a773c5042926e32fae4363da878b9efa93762 |
| SHA256 | d3800c30da6a12f2bc01101b3bfb0a391492644d655e2a8244db107ea45b8944 |
| SHA512 | a123e595aa5a988627c10aa54070d1b6f90915fba5c56e29e9452396197ac51e2acf2488a579899435848a7e7690d98c309bb15bb8e166ef3e6a5094fe3e1289 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 038f98b9e032f29833049d3c733e8693 |
| SHA1 | d3c5d5d1c74feb2e76a2374c35bb61353cacb887 |
| SHA256 | 64dae7bfddeab805e0b368a983c8fdeced1f98455472e5f438079041d94a961f |
| SHA512 | 464b0701dde472e5418434f9164b30f99fdd75f73faab38cfd6580dde766466e5a864d0f75976a48073bd313f9137f7341fbb72778a3a086d6e00e161d2c5e1f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ac5d6e68e66f71850bdc11e89d6bd8e |
| SHA1 | 8bc6944fff1b0be41ac0ad82c7580c92e27a8743 |
| SHA256 | 606269c48f0c90ad035f6b4dc6d5c2c37e6a175ce49816b87f614747a395de9b |
| SHA512 | adc85b8f0263db700b450668b5015b5ef33b1bbe97fc1cfe0f5e9f86a229412b1bcf9140b5d943070dbcda5bb90a87611bd729a5e2b49627671fc7531174b69f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 83a2cdb1f31a970da6a4fd260af00fa7 |
| SHA1 | 95c6915267013a1ed5f4bd34afa53138aeedeb30 |
| SHA256 | b97c8b43719f29f9b1ef8e1aa6e62e2d48c5f3c51be18af0e5872c0522d5a9d1 |
| SHA512 | aca93910d596d626196b99768d37932bbe78741d08093c1d14e567b692019df94c6635c888425d1fc64aa6d6d1908975f20bde25fe2ed848823422f4f402132e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe590b51.TMP
| MD5 | f6429e203b1924a13ac3fb8334dd7003 |
| SHA1 | 34a48725c01f7fc15576d3bac630da927cae12fb |
| SHA256 | 8aadf8f87541da632e783882d839c45f9e8bbcadffe24ea15960321421d42b14 |
| SHA512 | 02d17ce57bed4b2ff16595f72964698b54eee316da4199913ddea94de1130a8ae3fc2010ad1b2b5f403c24c4d2f03439784258ab230431f2c6cc896f2b4f6255 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 768c1bf87a39f47c4f9d9045dab8f6b7 |
| SHA1 | cc1175d209064cfca42b52b4c1a3a796bc3a0063 |
| SHA256 | c2db811feea90ea5737bf0d737b0ebbdc5903a33cd619bd0b2e7ad1b40d1f014 |
| SHA512 | 9031b6e941f0068470625e23085eb8d7013347ac2b686594e9893af2202d35cc3b5785c9913df44b6b669aea0880b41ec2951f29e5b6097c0dd4f41a004ac64e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 503766d5e5838b4fcadf8c3f72e43605 |
| SHA1 | 6c8b2fa17150d77929b7dc183d8363f12ff81f59 |
| SHA256 | c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9 |
| SHA512 | 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 99b4a99835913acd5dbfaff8675c9289 |
| SHA1 | 40ced2e361c711003662a087ccb4686bba66e4bf |
| SHA256 | 50f5d2bcb1dbba6f112bca409338c8bbc0442da1cca71e6961c6d92820f847e7 |
| SHA512 | 70ca3f8df3e9c09a3cca6c096e66de618f984b0690b930f60b372d2c2a6dcfb075744d88292aa31276e7855a82ecd46a023030d7e5cfb14fcddf004f8e265ab5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 645af8f13524ee6d214d10ee2c4af1ec |
| SHA1 | 79d127c7f2cabda14276547b36d28aa0989716c1 |
| SHA256 | c9ecd6e705a7ffc8a6142dd8d7c3c4dabb258948d67b174c3b0d0760c434c0a7 |
| SHA512 | a2ece9d1345704dbeefab1048741006f3ccb2d8494ca7d07c18a1e142127db6feb35d1dfcf648aec4b6f6add311195728b2d6919288caddcd9296e3a6396a0b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7f968b3b454694e5ac2ad776d0c2fa4 |
| SHA1 | 0a039c631cec2da3c0d6bff0d7ee9d12753ef252 |
| SHA256 | fbe1a2194680c0dc439a5807186e065284ee87497d06f3dc07c5f89dfb169159 |
| SHA512 | b7d0aaf3f65a013d2ba7cc184aef4269a2135f36d91d327d3897c31740c2d38e1b6d8db145a624979d24aad4a879608f3141456bcd41f909b41d47e7c96288a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dfe08c06fc0a2ff133c6ff73229438b7 |
| SHA1 | cde34de6fa730d00e12a01565b013d84d437ad34 |
| SHA256 | 9dd0eaf6ecba7e6ea1f4994458ee89ac790d275a6657671ddc1f60a93957ec9f |
| SHA512 | c7fc60162a10953f741d21fdb201619ffc921be8a978b07765fcccd8f66f375a1aba0b7e6b36abacd8c22091b1974f5a38e9ae18f882de3f4cc3e5a22e05b7d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\279bfbac38372be9_0
| MD5 | 091d43e0691239042ecf7b21c7c269b4 |
| SHA1 | 3f77421fce1e05443f062e77deffd34aa018028e |
| SHA256 | 89a87d34b40513e9a4f2df94db3df884d60ef8123d07c1e40dffd9dfcdce6a3c |
| SHA512 | 848bfebf7a65a62601cdc04b88eb8f4b9da99d44d82a91f5a5ab6e966fa7b5ac68ece8faf0d6bda159eb54e8eb2ea14970763093e985dccff5faa740a3547ca1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\18612e061e2f61fc_0
| MD5 | 5df01b626714722cdd173d74d4dc461b |
| SHA1 | 31230a97c0a0130aeb687ee19eb48bac66453cf4 |
| SHA256 | fbdd23a0c5e1789baf0832bfb21c3bfb83cd85aced572160fbd416bb69ba2c33 |
| SHA512 | c4e8e6a3a3060006ec2feae28a2beb30af5cd85760cd7f1b889eb61534a396b3db8b5c40efa697d4c8a756d603e12c44263b56cc97c7812d4273be23c7f93d49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ccede3da2fbb81d_0
| MD5 | ee04b2109f2c37b72f7debee1b33fbf3 |
| SHA1 | 13bde92b2950ab63ba5364438afd4fe60fa00b1f |
| SHA256 | 850f0f96f9b1a6f4687ef8273b1da894606980e01bf5f462d95de98530b97af6 |
| SHA512 | 3fa20e5d9fde24538a808560e7c4318da47f4b0e1cc8f0f092022676cb8a302979b747682cd3aef03d4e30430dd3d3ebed7049b631a40997ea1bcdc87d13124e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\880227ac27ebc632_0
| MD5 | ee11d5313d48f9f6a4c9f96fa7263ac4 |
| SHA1 | 53d6aba2a1eb1d22fb311d4c09aca6d53f3f7b2c |
| SHA256 | 4c294f060c3420a22b28ce6d9385a8066abd2ea0372d1437afda58c62ae57690 |
| SHA512 | 5de49229fe1f5815352273a6ba19b9c4eb533e14722c16c2d008005b72b35bf8f7064ed8a9eb0a8b342409ffa783d7ff8f4957b673cb7d0a53d6b4eeb770d505 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 9f2385157e4637a0426a9bf25312627a |
| SHA1 | 395b7c1428ee59ebd152d6917494ae39edc460ad |
| SHA256 | 6b20ede33b01a5b351c42913c5478fd87bda02c26c07782ba22a1112e16b896b |
| SHA512 | e220fc5181801c0f02bfae8784057f0800ff31ff05e1233bea9d6f95f94b501c2f1215e38590bec76ba00d3ddee29ef41158d60d3bca0613dcc73ea7b58c5e4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | b415ff5e476eade718790e7df1217051 |
| SHA1 | f64de3a6a3ba08e80951dc665146affa23c41ad7 |
| SHA256 | 218ec6939d5844eb2e318d1ed470af91721cfbaa5d14f1ddf99129e3ea8f45a1 |
| SHA512 | d51e696e64adb661543b0237fce158e04a50bd76a60d824fdd97ccc3186e6cceeb76f7f39a295cb9c96863f0ec0ee28bbabcbdbde6485d1e4b0bae04edb5f681 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | e36dcb7ab40d519ec54c7264b1c7bb66 |
| SHA1 | f93408cca78b2f5c54422ff25bd13096a8973081 |
| SHA256 | ab2603efd40360ad96050494348b78b6bd6a96f0fbdff78130b39dd3000055c7 |
| SHA512 | 938056e7dc532307416a1e0bf04d8136bd762f7672f10c8a706e14b3f93e8789fae85db73682a1365bee3dcbe64e12c76698e83f791f687705db2461c76b564c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 4f09c1cf6ad801c742df950166aafe3a |
| SHA1 | 845bc88560f403fce4e9756f65399f998cad1a03 |
| SHA256 | d7e0c4a3d6a2cecef74057d4f4c5e86d6b069c62a708f5375e4106f94b840772 |
| SHA512 | 3ed3b0991f9221d5ea5c26669e009612a2fc95298771c896f37bd67a3303077115daadc446ea86b8f2606f21c3d9f633139019c58b5f6b8f94acb28e02c251ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | b55c7bd177e2f943ec9103cea09c57b1 |
| SHA1 | 1e8b80092667c9b91b7e825a05c4badb6efb003b |
| SHA256 | 0d23b28b0ff94cf1cb761f86a0c3399280eaf84455d2c9545027c1ba945cca5a |
| SHA512 | e969f24fa27ec4dbec85ef2a54303f07d6f5af9526815b5df550d83b1759b639f0ca9c584d653692b801106eb3a8dc0561deba6feb2fb864d8125f5b6c10d504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | c12602b8ebdfd5ea5113f42ee978d526 |
| SHA1 | 1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b |
| SHA256 | 412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794 |
| SHA512 | 00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 115df5cfce7797cfd5bf9816d1c3ab58 |
| SHA1 | 567a65f3bb544da0f3dc077e48b7766883891515 |
| SHA256 | bedc0d682ed90197d0757f9a6f3eb01932ceb79570f1b8d4fd01d5efba4fedca |
| SHA512 | 91587196e7db939aec8a68c14a74a0824725fe45113706df5f016c01013385e95f75cd7b11bb2656fe026d9ecc99d431bd596c4477bcc43da0fcfafdfd9bb259 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 4c2f5b1e50474945dcf74b531313aa0b |
| SHA1 | 02ec1d47c8017f5b0b9c8fa5d92e123fc0143f39 |
| SHA256 | d35122bb36ce51962978e0a61abf5518c1dc16fec49efec4f8536b71a000ed65 |
| SHA512 | 88969a184e2d7c30419323f2f4c47b39eafa1e885b4569f0586134177afcabfbcdf029546c20bd1dd65dc6838e27e50050a40b6f6cbaf3aab34376e442270f99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | 9c1f12c94aceab8f09c9553785e6bfdd |
| SHA1 | 13e38dee12290d2266b470e1264dce82465d5de5 |
| SHA256 | c91e2b20dc22c39226d8da5a818368f64cdf08595bf03bf845ce70401a802424 |
| SHA512 | 766415451d1e8d8d41fed2c71763ac8216351f812461ec6003a0dd77a481b92eb6049877326c7035f722cc5e03b6319afe3e8c607a22fad2f16a4cd4b8491b63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 708c1ca909c6cfc00a7094ed36e568fc |
| SHA1 | d681a1a2ada7b72a9e81beff030209ba05fe88cd |
| SHA256 | f28d10fabcaa7cd96971fceca621d268700b9ac9516a851eace1b7f27002a2c9 |
| SHA512 | a0ee17ed6348449fb956a87ce7c2d19abc51994e9e39edff7b48ae0441916e910f4ce90a57299702a7f4468d2a6ce8d696d77d9514ac8c5a3bf5dcd9da7e1371 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 8cc3f8d70e3dbe97cde74b6c8b85beef |
| SHA1 | 7e86e9971ed93eca0ee805bc84c45ff645319db7 |
| SHA256 | abca1fc8965f9d6bb8e2b58d2bad865a5a52f3f7ffde6937486c91b72a23278c |
| SHA512 | 2d478e1852b2d9e43a65ab71de213417850e34ce4d810d4e893cfb178e7e02711bc931ff7d92a4931938cf3420ca38df612cae995ccf65dfc8a3d58b412c3204 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 23009779170e35ad82863c19712d4b01 |
| SHA1 | 04b5a5d2efd6b1097103893c19a36dd34460add6 |
| SHA256 | 77df1282cab8d58d13db828075fb21e4c53a6b037c002d0348f0dd18867c2ab1 |
| SHA512 | c18a5334788fdb2c3fb465e3caf0a41948c23ffba77475ce6c8176f85305b25af5eca8cab59ba7c1c3d13aaf1556d7feaefc025dcb339f8efc6370b1a5582c20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | bdbca6cd39a21b94af5e37a7d95cd7b1 |
| SHA1 | 3bbd7a9c40294b9f26a7fda297a07cf68f4274a8 |
| SHA256 | fa016fd584f843b1373b82746add6f4ecc0bd88711e9e85546dd9270e77cac50 |
| SHA512 | 930121da974124d737bfd6971014a2127dd1e5c383eeb643d7eabc822c867068c261f7d978a2c86f2237a98053ae3dd26a00624d8f0233ed04b4d2c0f8ead102 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 86fdbfa7c154632450cf69103d390df4 |
| SHA1 | d680742866555395b87308bd7de0f0ce5df0c31d |
| SHA256 | 7608069b59fd6d355964ab53e2ac200da6a5ab54bad94b206a798199b2790cea |
| SHA512 | c9434abf699143f2072b72b38ab316ef47e1c2dabaf8a7a009455ba8fd15823c1b39a29d24b316ec5e7e40615aec9b5e74540670f5392bce76b8b60721bdc637 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59501a.TMP
| MD5 | 211bbc0a3378467b02910693edbff82b |
| SHA1 | 7e206dce0ecdf974250af9ccf0a70add811149be |
| SHA256 | facfbe5c60957faa59c2cecfda31fe87e8ccc9a412a1dd1b34d09d4f3449a8fd |
| SHA512 | 810ef34576bcc6ecb764746db9938d76e6fef6811e64fc9ed49fb09c81d2ed5c2acd8a7c021e90992773ac4d650b97657ff45e6e865f6d9df9083c1217fa4af8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | bb22bec3cdaee1af415b9f8fc0104c1b |
| SHA1 | 4bed6f2a472ed240f50a383328d013bb3c93ae03 |
| SHA256 | 5612a748fb2771f3bf86150b764396811c8539eb34b80a3c502076d64fa2a179 |
| SHA512 | f2fda5dbe2d9cfd817342a88160e8c022916d9ed338a73e248cc2b3527a3c2200e65512e4fb65aa92305c9c64dc0899cf20e0ac012444d4e4108a7c018bee94b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 5337681d1dff81a4f4f5dca65cbce5ae |
| SHA1 | a271a1ce63cf89555fbee60a4eb8f84b8f12e4f1 |
| SHA256 | dc42a734c12a6629ee9e9dad0e12bdbd5c8d2183a9c92d173ea7bc44a5f28b44 |
| SHA512 | 7bf3b1d76c96434357a94979b470bf5909e70112f119211ee94d2adb8ae27a9f2e0d1d1cfec48d4c985405b9650b05b95971fb4d9e406bca8a3a8ccecd988df5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ee520253ec04912766eff21c3a55b66 |
| SHA1 | 97870307f81e3e94290925bf74d223a42fcefbf8 |
| SHA256 | 71b1bdb5accfbeac00d8afdee0b82b6a2cc959d05277fcce1de7a434ca422171 |
| SHA512 | 8e7390b20ba018c67076542ca0b8a1684a3a6c552565163a5d5b9cccf3d09891d1884a99ccdfd0ed8fd5872b479c1b122197f1b995dd92fd2c1caab79ce38c31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e894927d16a333bed22b836c495c371b |
| SHA1 | 2adcf1c1f045833def73cd80f08082fd8777be6e |
| SHA256 | ed7678daba227c2748da8d4c693024d6c3214e95d75f7f4f14c2402edca6ff0c |
| SHA512 | b550db05e2926d8053e79bf7ef8de9036a2d636143af6e7fe80c41c8fdd01c90d08b87e3649fedf6d3de1c2d541bfe52362a87e5d6e7326670ddfe87c24bc5dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | 05cb4b9f101e025994f9686f3999fd43 |
| SHA1 | 7450f129ea39792645b56de215eaab1d91182fbe |
| SHA256 | 07fba84e209fffc2a8eea1a88ec8c77cc92644c9050b7669b212bf1db30663b3 |
| SHA512 | 9fbf0e99a1f19b362d9e7e31dc0b6f0d49177cea922d9d6acbc1b5a84d1bfce40c3a07e123b5b47ed9a531befc9a2372be3393502b5f00221d74ae23fe80efeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | 3364ac7f22ef73edce16584e11a16b7a |
| SHA1 | ca35043974bdfe925d335722fbefad5cf83d1691 |
| SHA256 | 31839ad3e251d43a458fd51145bc7ea1101e52143d8e32ca39b29df15edb8a3b |
| SHA512 | 858a33553c4bc4e57a55a970210ee676c49962a47529299e93d34de7344a490c1292a3de9e6ab37aac75d5e295b8de2351567fb3e50bca187bc48d7f5d2b32db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | c03ff64e7985603de96e7f84ec7dd438 |
| SHA1 | dfc067c6cb07b81281561fdfe995aca09c18d0e9 |
| SHA256 | 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526 |
| SHA512 | bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 6b04ab52540bdc8a646d6e42255a6c4b |
| SHA1 | 4cdfc59b5b62dafa3b20d23a165716b5218aa646 |
| SHA256 | 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d |
| SHA512 | 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
| MD5 | 7c702451150c376ff54a34249bceb819 |
| SHA1 | 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2 |
| SHA256 | 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583 |
| SHA512 | 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | bd17d16b6e95e4eb8911300c70d546f7 |
| SHA1 | 847036a00e4e390b67f5c22bf7b531179be344d7 |
| SHA256 | 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352 |
| SHA512 | f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 23d5f558755a9d58eef69b2bfc9a5d99 |
| SHA1 | fa43092cb330dff8dc6c572cb8703b92286219f6 |
| SHA256 | 6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf |
| SHA512 | 9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bf4c3a20c9108e6a56b5b3fafcf35626 |
| SHA1 | ceab699e7b4d82e7a316a684c9c4264a7fc954be |
| SHA256 | 4577c25f9dccf01dacefc9629538ee7053c9e8bd4473411831cc9a62c7c77d7a |
| SHA512 | 06989b8c58f6d7657af3412f7d147067d854bbd48fddb87528be91f3120d1ccb17f3e4c10513e2f78b2682eb30b71d4818be354c187fd622a1b46135e04a100b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | 73f7da9773311072e0c5afc00a131562 |
| SHA1 | 1c3f088685c91a64ad1b586a346e89710cf9b5ee |
| SHA256 | 2ee0a166c8e3f18b1a9e16df6299d980aef03b6ebcea36541dbe129b7497f4ea |
| SHA512 | 8a100ea38250bd9272d06ea4bca61f91d31e71c404800bad9fc7c032d322dac69d1866fe9a314d1b686fd6e2895c4b14fb165f56670ca00234b8939776cfb479 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | f1d70a540dbdf88e7717a915f85fde22 |
| SHA1 | 1db3cfdcb4acbfa279cb531e811f020cb5895089 |
| SHA256 | b9a31a7c903838c4054dce37f9a5ca001b8e237a7672bc0359778f3cc57d22ec |
| SHA512 | 74ce714208eea5854e20d57a54f8b1fc6d6eec404276258d912a7e40b538bd9ddf40f482436659c3facb53bef21c5ddf92d535b2b949136109ad23a08797d2b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | f1d9d186e57910d58688dd0b009319fc |
| SHA1 | f82484219c6e1bebe8ce0b5fdadff503248189c4 |
| SHA256 | d7afd3801127cf53117241b74b8f19d58f8a337d1f77cd06ce44a029deceb0f4 |
| SHA512 | 73d8cdc2c3e6fc89d32e04b5db7c394ca2d1a8be3eed5f3634d63b8aaf9b990eac8be769f3eed37d7ce67b733f1298906998108963213ded9a6ddc52195a120a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4e9011b7ccf03d8_0
| MD5 | dcfd56057adb76415763a8d1d9bbd473 |
| SHA1 | 6eb45506b5c086207256c2155e4b8765e790054c |
| SHA256 | b8cc1136340434b055fe54c9e6e1751b57a68bfbbba6f30d78195fe7cc168c95 |
| SHA512 | bbb0ade01e7bb44ee4deadec8b84f879e9ef07fcb2a0efbbf94598f56bd15b88b0a0d7f182a8feb1f0769ed0e433de03bb22ee2f7fd4d808f97f15c9b496a83f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0
| MD5 | c292920d37de7c4d633f0555a44d2c00 |
| SHA1 | 68264ae6bb75835f92569831160413cf48cf1008 |
| SHA256 | d47b093f20002e30c48aa404d552edb858a2b28bbcee4e294d285f9f81b2cd39 |
| SHA512 | fffc6fba69223e5935c3dd501f2c9602e4ed1c32ef45b3b6594991101c02427d6edff4f228a9076e1b3eb1ca1ec10a50421981710fcfa739b48b507294f49b29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fef1b8dfeb8711af_0
| MD5 | 53496f09086eb59ab4f17d01a69d526a |
| SHA1 | e251b0e9882979c080aee1b5e52fe3a3aed28b0f |
| SHA256 | f35fba2807ddccf20b18e7536ebd1bf2f59c7038be59a3bf3e0a9f72a87c4331 |
| SHA512 | 14befef6f7bd7b7912044b76c818ef92f9354eb5a7239e2608b387a6e97b48abc1d2e1d3b054b70fc15351fae69ba68860a9bcf1157c8928e11a192d04dc0e82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\82e9889e3542e6eb_0
| MD5 | 3c27ac0ca4bbf73e1648a0c5bc35f3f7 |
| SHA1 | 0786bc7157e387b1047ca69b0566b481bbdcae3f |
| SHA256 | 007626954d0aa18d659906c6c77f3bec0c5f1c40a12d4913619d4f6b5a359d2c |
| SHA512 | 60b6880c8e4664ef3680bae9407ff53db7402b834d5ce3f0d9a0702daf617e8be153d86c619f4d6fae1dd5f545c9cfe994dd08da98ad7973f7b1c5c332ba47bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\279bfbac38372be9_0
| MD5 | f5bcc1909d8f1c657bfd28f7fad13f39 |
| SHA1 | cf251ac8d5a481a75de6914a5cca9072f6b67617 |
| SHA256 | 2ee53db0d408c2dc6bfbeab6a6b1d4dbf2f51869013bd2792de049aad013f142 |
| SHA512 | c307e416ee7a6ce7e4c2e4891d9ed494b9af9d854b6fc3bde1a4870f7385a884ac40a769173df405523efda7f547b24ff1010ed5d20019d42d7110048f973418 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\18612e061e2f61fc_0
| MD5 | 37b7243a88d03b1b833f545df61b2925 |
| SHA1 | 8eb3b01a05efca8d773421c3d5dd88942ed80101 |
| SHA256 | f3b5fde064225dddc907381f5cb183b713d585f9b3fc0716e450525f9423c8ca |
| SHA512 | ff23433c68e97b0021868ca8ea223ec5b82ed0cda77535645e94876b4f8766980d9cf8dda98f6c909cdd9980799ddeeccbf73501ef7bd19a202e0b5d954308f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\880227ac27ebc632_0
| MD5 | 90a25c6647ce802aae6e62644620cc86 |
| SHA1 | 60c7cf9f1de3e4ba69e84545d464f4d10a2e5e11 |
| SHA256 | 7b688efc90d456d031048611a4ac960812540c392d85b44dcdf265bab2f114a9 |
| SHA512 | 7ca7eb6b959014c6948ac548cf820790aea11b58423ed009f0138820203c9a4a0fa8d5dc9e5a1bff2921a9e50efd96a30b1ab8e5d2bf7004b233640a34946728 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\70c14c11fca4d6e6_0
| MD5 | fff0b1ba6533f3abefb804806142b157 |
| SHA1 | e87777db7588a0524ebd11d06af7049dae68b102 |
| SHA256 | 853116a6852b7042d62d4b289141b397f122b7d4a07999070ed4fecceb542a77 |
| SHA512 | 121736d0f966e5297ca7e06b4997019d6569512f15b3d4e75d3d6badcef039a95bf97ab2eaf4fe4c60b9436c52359707de7a908601f46e540e14b6104ad618e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\67ecbfefb7c24eae_0
| MD5 | 04519ba64632238a964579406db47fce |
| SHA1 | 692f9843e9ccc0a1460ca4f438aef4d8b83f5271 |
| SHA256 | fdad1df8982533889b25bf37c8e09992f5ad977dd82d3a8f26d0405eb442d8aa |
| SHA512 | 7fff3fcf668e6e87b22f5521f5634c9ffbe54c31d99dc0e0f68ab74c35ce60ac69b7838fbcb56cd303565163274fb6cb3eb9c90ac0158931846935824a0b5a36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ccede3da2fbb81d_0
| MD5 | 41bde0b8e0bb9faf39fb0296dd6ad2cf |
| SHA1 | 81e6c67a398758d82f443923303a364e66887696 |
| SHA256 | 8a14fab5d1bbf1d97e187adb1e445983372910284fb9fdb9ce852c6e4adc5d20 |
| SHA512 | 674b66717f657d914108c25d588e01ca7cdcfb014c6563d8c3cf3e003429ce926786d7b942f6db7334a9b091eeb1745208aac8b99819804ada8aa681449e9846 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 71c667088e1fe692c2c598608849c186 |
| SHA1 | 08b746b7b64b181822e17a2f56b0bb2b9ca297dd |
| SHA256 | d0dc1c443b347390a64b8b82f9968cc57950d29b89d199f99cea1de08faf97ac |
| SHA512 | 6857c5fa42a00330b2b6390083a3cc40aa9f9c78342b2180e927f61a1e80893c37d76a336dfaba84bf633248560d88fb11b823c7a28d537d8e3d1b605d9c1ab3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d19cce126fd647a9094c2b382ffb6c11 |
| SHA1 | 7692f0eec8627c1e426ad528f8b7c799f5665dcf |
| SHA256 | 6e9be079c25d723039227b8bff577d888bb3b4a462a9d6734f3efcc569d2944b |
| SHA512 | ffbfc37ff056626f975bffc8e3166d3f1ad221df1aa3d1c821aa3e39807027e14df5725d1d842efb3770875b4f4ccc869a635949509ad14fa26657889d19fc54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a456b336979c72de76e82ac51addb8d7 |
| SHA1 | 7f403a8ae85a18878c7c47c0cbd8248ad427630c |
| SHA256 | b56f2e09c7842f2e2f6eaf48c5103ee5fad52f9787d165c38f180660cd253dba |
| SHA512 | 7ff6b09de210fb217a7cd310a0ee6f67b712d994ecba6c98869f9e37614216b8be2a4a89abe1befe7d1718443bf79c9aa8a5834bde83d0f86787d991fee0fff4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
| MD5 | 4da8f6cfae5013241215f02599acea5c |
| SHA1 | ada081aa0d4059c2f96e4a3db89a23cf9b1b7519 |
| SHA256 | 3ed684101de5eb9e1e935dc34ed5681e4e85c2d770397e334127b47852f0a5c2 |
| SHA512 | 4a04b562c3d96d55d5df30c3706ba4171209c18e6368d366a9b856e13a73884a8060b1fabb9b1830c659b11d532ac818c22d6e29958964844ea6892da4c30395 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d023cfe0e64828d812ef020655d01c0d |
| SHA1 | 09c1ba15c89c3743c2888b0a2a887209bad12e99 |
| SHA256 | 7780244dc65920f9d00d9b2024bb5b3072e7aacd4a0070f213dac2e5aa80dea9 |
| SHA512 | 1f7818645d55dcbff7732360e665c9476671d10ad5bd219014f0a25339d95911fcfa3215cb9ad124ecc816508c417c9bac3cdab7baf64a2cb929a1d3e7d12ede |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | dbb38b7a91581ece453a84ab371cdc2f |
| SHA1 | 99faa21bb8c6cc4573a468fba24c0bae52cb7611 |
| SHA256 | e8b5943470b6cc3a7d39dd75d5e4437e78af034dd121d47bf77b15825d236bc1 |
| SHA512 | 983fce5c0635b7640568b2e1335cbde75595de5ae9ddde006de416628e2ba643ee2ed201c7484109d9f47db240896927f696e05fac3b2fd96dd2a9aaa9991c42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c9786c10-6733-45d6-b89e-e1761276c4f5.tmp
| MD5 | 4debd4afd7acc99367fcd1043562b2e3 |
| SHA1 | 353d8e8b4f68ef6f3452c376e42ebffdc0d63e3a |
| SHA256 | cc4ecacf4c1887cca718489f63c5fcba5a88cd45627073cc18dfcf1d294a5075 |
| SHA512 | 8019ee5c39e3f70b367c98e1d4deb3668bdf99217821580a52f7981562fa1f2a42f7f9a08486b24dd00d7213310824cbd63a3c8ff51d50ad0b29fa025852d63b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ccb543d09fa8757b14755f7f9e88aa7c |
| SHA1 | 88d2730e71a2a6fa3164d05db74b2f94f3ed30b9 |
| SHA256 | ddec0cdbafea7ccb2f0f7c7ea01c30b5a3f0aa27e964e0d00afe4a2c3c6fb52d |
| SHA512 | b56a18bed835942e4946b53a01b10d8509502c6316161aa019db7dc935bee38e9c8746ab823933507891a27f5662e117472145f1d308814742b56b12a75d248f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | fdc781639ee0ead53a41c756184a8b88 |
| SHA1 | 7b0002f0706644b8219d1c34b26b3065231765ab |
| SHA256 | fc3e13c4d7f933b0dbb7f815a1f90a3c2a9203070dfbaafb7278f206272d7c0b |
| SHA512 | 7e380b29fa9510dcabf09c6d55e1b00d710a079a04ae770850fe99fa0172c4d232720dbc9374f1b733f7c5d45a01fda4c3cf75851dcafb07b92573ecc459ba72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d64305c557404aa4313f31d3cd476e9 |
| SHA1 | d588f54acbe13fea2fa16310c4c46fbe66371463 |
| SHA256 | 8b9a08c4e01298762f639caa71feb367a3a45f7f520a0611d5dfd06313d8f52e |
| SHA512 | b0c4f5918d49de4807185e7c0ffb4c7c9a29c327a21025f8ba2d01dc33aef595ab5bd729e81b04204c0714c3a3788b420d92772c94358764e2f076f04065e5c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b3d1f76ef485abeed8e2954c58408a91 |
| SHA1 | 142b15d4617ba078d24627e304772345cefef294 |
| SHA256 | 859ea93a37364a69d051f67147d6e5aaa3fe796206fe5df4d5f21bd3254d4972 |
| SHA512 | 3f72feaf6069d401221f2c48084bc444a54ad56206e0e7bf08da2a08228e4b6373adefeeb8938d80c0543c540a48982463d2c894c981ba40cb6329849f8fffde |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b585999658877266b776de75a3ebad61 |
| SHA1 | 4199769b16ce67a9ae789e6f20916e6ce9403e97 |
| SHA256 | 7bbec241abb5a6fbdec25019842ef85407b911d40cf63927e4a9846ca3e82412 |
| SHA512 | 137195b2e960b15349cec33ceec993b4108a563538223f0c250b6849be73898ce1d364ae0eeedf53cbec2cfdfb9b3f6922a84e89141ece52440019a8a95596bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9438a0074b667f7d7d096fcdfe239fea |
| SHA1 | 046c83771ba14c79d0966eb5d180b0c486ea53b9 |
| SHA256 | a5677f437cac8448c3b3e018d0115988624f86c263656bb916555f26dffce84e |
| SHA512 | a4c65de8c53073b60adee4bc7da1faa30c4eae35f6efe99c7256e5adf3da069f3e37c33f3aa82057bbd8cde82db8bc8d92a44fcd55f4c33c67c4d76325923cdf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c203482a85f900ccc7ecabb35d16c5e4 |
| SHA1 | 94744415f66d8f4d1c9b4434b393762b7e6155d2 |
| SHA256 | 45194771d58863f9d55523b024282e5790cc50cf355f0f92339b117a7c296fe9 |
| SHA512 | b5dd7bd14240d65f6138ed7d50c9ef514eca13006ce24bec07ac19a2a0e66d53bba04a340fc3c613d2122c585708c83d3711bab5e746b6b4c3b8cdd8de35fd6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1578f1e75e908df2743a07e0b8489439 |
| SHA1 | 744c5a999f457fffcbaf9958c84191cd60940474 |
| SHA256 | 28f0fe3cbb809dc992f49768d8eec6bded9b6cce5c974940d2723e3b556ffc4b |
| SHA512 | 1a3c9e3463061759da44f326e6850686b5b2f66e70256b379622f6ba11f7c94c006347cc59610d057e3082172da380cd8e222dd24ca515911fe1d4a65599898a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 2227a244ca78dc817e80e78e42e231d7 |
| SHA1 | 56caeba318e983c74838795fb3c4d9ac0fb4b336 |
| SHA256 | e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24 |
| SHA512 | 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 0226f8de1e27a4ea1675c906aa32e72e |
| SHA1 | 6be3cda5fb935d130908ab0ba80bb926f38c75e7 |
| SHA256 | fc1a6e9a3ea7894abb8c67345924fe74bae481b0e351ce3eedd0cdbd0d9d8459 |
| SHA512 | 5a9f280e79ff805409d50c4de5f03fb827d72d692ba6e3250943af55c43beb58af65598d5e5c7d2fb583ff0e1fa5795103559bfd7aad284fe12060626d7b72c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3b022807f7c5cca6f993e88109f608b4 |
| SHA1 | 5f8fa3b614649e0032c79a75b29cda32aacc5163 |
| SHA256 | d5e4bba4b3106c09e88ffe7aa9d1033dde44bb39aae2b447c6278d519536701e |
| SHA512 | 396f13a8cd0b67ca1facaccad9dcf1c324c11edff21102e70bf7ae5ecf265fb3293f3e15a16c6a0716c50cbaf35497dc1f3828f664ce80600a2c728fd8888d95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1047af36483db7126d4ac893b7f3b36b |
| SHA1 | 5db4c8c79892e2554abd51b3cfd29ee7a31d5b81 |
| SHA256 | 7e205424d76f9775b94bc9c8aafad12b85ab48ad64ebdbac4fa6f587e517f0d3 |
| SHA512 | 311fe0d1888d4cb68f9b567c628e78c97418d3075ffe07ea0c18d9cd151181ddcec5502d1002c678fa39e5fe91bb92f932ca030ed40b8bf2af3cbbea5e21bea2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6c284aa508897e76a677ed4d60feab77 |
| SHA1 | 3e1fca4ae80c9234186771d1e2fa00787e8a0cdb |
| SHA256 | 0c42ea79c377899102debc0e08103fe7a04df565b3a9440883a79d923ed8adcb |
| SHA512 | 3cc02a133708711e35c7d9acc98a01dc3b7e667df25b97c0f2dc4914c63f0061f9c6b133be9c812fde92c64b034e7ad2a47a955f216e242393270346d46c0815 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ea542610d552b04e5643b2d0a343c73c |
| SHA1 | 08b0f8e21cf9ac3b2d0b0ed825668e6874db530a |
| SHA256 | a5aa0534685b8bd79b79e69d9c8b9533061dd2f678fc0fa67b318fb7ccea893d |
| SHA512 | 2096ad74f04250c8ce90d81626fd8376b3c0ea4fef5f6c87563fe3705e082109ac0e6a5a3e8df52d40a99222f792a413e5f0f3efcdebc3678bb9bcf29a98321f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0
| MD5 | 1dc06492f582bfc9afc32518c5b669a8 |
| SHA1 | 3ceb77de90dfc8ad8a38e8df30f44ccafc5a074b |
| SHA256 | 4cca2caca18dd3689fce9fdb2b27bd6bf9e779967f12ae9c8c0d4666c1e4c2a1 |
| SHA512 | 80114c72ce7ac3493602db99d3b042c928dafbe7fe2d43e8f5e9d273cec0289c6c4742b9cf55a38df4a0bb9376c68ac9fb0ab3e8a6de292bf62dfb6a0c4f9e78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f0e861b7c477af0c576012dc6fc3cec8 |
| SHA1 | 6e2c1fed6479bcdd5f9c805cdc116554396f4c61 |
| SHA256 | e960303fe590971ed0c97246b7403f48908551558d4203bc46f2cb450bb828ca |
| SHA512 | e8a9d8adb2e8ce3b59f242ca6e75309cfdd60ca24edab9c195a2fe3cd11824dd9575626ced49d00fa9fd87bd41452489918ab07ebc59ea800f8e89bb9f808a10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c1a9084031e0e457dcc7b049da67495b |
| SHA1 | 58257e8fb0582a818b35492bcf381478a897c036 |
| SHA256 | de143428a1b1577193f61f4b015d7aac480b93c1ae2f1dbca9224e66d0551b22 |
| SHA512 | db55c90e0430c188cf2d02ddbaf18b87172299d07d0c22b6056cb4083f5278564bf47bd23cc3d99b35069695decea68446a12e2eca39f8753c7004de08e2feb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c
| MD5 | e332b21d67c5a6b4b73333460a7473e9 |
| SHA1 | c1dbd98ad3ea3dcf8ef75c3dd97b79d1d1bdd0dc |
| SHA256 | 7061195e180a68967ad0dce7f768c936cfc12dbb137fd16e3f8be55d2aae9cf9 |
| SHA512 | b6e2b5bfc0ee0af400aa2f03eec41e2977447a55637544fa67c8f5e20fc2ef32d81a4c60b1d56c78767003a494b0d20553483597e81ef9f2852989911f63b4c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 8bb0d5392d592c2a47fe101f8d117829 |
| SHA1 | 351d6aa6fa1532d94ebe8174f16c9e78f52c3c6e |
| SHA256 | 5ce46c1c856775dde3940cb2c54abaaa3f26beb87fad6edcdb8a12dfc1361f7c |
| SHA512 | c6ce538a2ef3e7d9754b2b531412cc6553452ec86d76ae97284794948650ebfd79ad7ca89d5400fed8f4bec2ae04d5f424a9679a925a18edc087154e791a0e08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | e0ca4ae2a78c44e04515f3695bf63d52 |
| SHA1 | 53cc6f17d34812fd2c2523b87c395e9e23a47e16 |
| SHA256 | a5514b0bd9844f44a6c754fda577d6d37dadabdc2d1824e2b9212135057042cc |
| SHA512 | 32bbff8bcee0114d53b7034392c45a1ddcc9b9fc78b014f4058840521d737ef8422fd05b81eb36bcbbdea410583c3f80b5d14be16600602aa266ad3772b9d49e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | a4f68f56f766cc1463ecfb327cf815f6 |
| SHA1 | 9728a6ef2934e866009cbe1ad859ad1e0d29c755 |
| SHA256 | 17d9e5663bf62f9da72b3cddceffea68017c3fc38d99df9614015b1c2216db43 |
| SHA512 | b8f88b9acc07656d56aa308fc998ed4cab965418a1058379537e5198dece2768e154b57cdcad724bf2dda31a64162e75eb0b39968edbd8726d9eb1be8ab3e11a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | ae05ccd06b2d8bda4bf66c022158bab7 |
| SHA1 | 110b7a1d6862fcb95f3b62df5f87b43a895c74cb |
| SHA256 | a611714b1c15317e742d11d559e06bd53e119fb995b58d85fdd68fd61874a468 |
| SHA512 | 7f4eb2af26d557c49d569681660f1b544d86212742630fc0a05f5c7791657fd5b05091be424123e34420ba5bd382b0c3558327c33e0760b6c89e669f73b207d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 177877669c37424c6f474f9b369d178d |
| SHA1 | b5aade425d22f73a9783b7fb7860a46a5886db0f |
| SHA256 | cbde823229de3af3d4d7f972f5b4a5b20d5ee4330358236278f9e6ffa3c568c1 |
| SHA512 | d0757a317da27901abbee5b47ff142e1cef6522aefc94262c8866720b028a265ad1f1cce300216e75ec4a4e212ab4e76d32de1aebf32541477fe7583e8b1af99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0f6cf4e4077502ba_0
| MD5 | 704b40f5ac6fbbea73f42c75b920198b |
| SHA1 | 6bf1ab5c9717facccf0f8e5a8c73821df5e172a2 |
| SHA256 | 1bf51719950d835ef672ba6a5924699e242a180ccfde3bdcee078c24671b82a0 |
| SHA512 | fcb7aadb9b45f404b3faa26f6e04275186d3c76f7f4cde936c3fdecdff15455f9e0f30762849bf7dd40c68aec9b10a645ffbfe92518643cc176c3698b5ae18b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | ba22ad03944a30340149a9fae5fdd365 |
| SHA1 | 64376d018b965c668b6cacada3aeb59f94ca3e37 |
| SHA256 | b1b8db4d96e21ab6b195d81a8b472b62ff3bced2d577824ad9d33b4831f9a1c2 |
| SHA512 | e8c1d6ac427b1ee3ee1cddd6b549f5680ab2ac11e66d9ee5efb80a89bdb64fbae21a59c4a3daa760686dbd6ba508da4cee7e5ec9e04b501e0ee1a7ec3c911de3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c16389b8f844dc0aa60f4513b134f01 |
| SHA1 | aca9904fddbccc9048f695e426616f0a1bef8689 |
| SHA256 | f2d8e6efb2c035e94c082b00a2e2d9450d60fe9572c2f26626fc42602b1ed980 |
| SHA512 | 1e6b10899b5ea54d4d173357a366e0aa1f4ed7f0837b41b58fb352716a7a5ee70862d2f2839352a7133e1c1bf67c83a13bcfb1f3be4585e98a83ef173829dbc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0
| MD5 | d02cd06cb7b4946e9018e193859c7da6 |
| SHA1 | d0fce5f8f9f0a5184f062d4c4e5653479e4c516b |
| SHA256 | d1da3ddbbd9ad812fbead01bc5f637a5dfb7609dcac8d1d30408d0bd3291711b |
| SHA512 | 6a99bb715748214af3915c5c5856dc0a51e17d1e0d813a4152a5e2258c17bce0e26f99568e35b21b1554bb44e689f1330f5c23f607137a096d1aab58a0f2db84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1597446ebc8d040_0
| MD5 | 95182d5270e893b310b7dfb1a1995c52 |
| SHA1 | 0982d68e7e566928a5ca9ddde4abf5d4c81f763f |
| SHA256 | d30b343238611c2aa2284b943d92a6126e8fc203f723cbd64d665d318a6885fe |
| SHA512 | 3da7a796b6ea214782d82af448e845b1002d633125ef63b2ff1759e609f3ce9394bd6fce6c30fffde426ec13cc50f05478f88a2a0fec5ffa3800cae61072ca65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93764e5416d2ca0c_0
| MD5 | 5f7c42c9b5612122e60b2fa07675d2da |
| SHA1 | a8580a5df38f3dbdea2aea9eb47f2cf221288a7e |
| SHA256 | ea0a6fc3d308daefbb402e7a997ecbdc4fbf41a242ef23ba141dcb2b8bdd64ff |
| SHA512 | fe5b5ffe444c14b8a1647c0926e05e9cf9929a91eab26ce50ad14468ec1216bf18d38e5c3b404b2893b540da07379a6f1f4d58e6051908e76fce93169fb386f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | f9e99d9783dcab005f81c3b6d3065271 |
| SHA1 | ca6fc468d6fe513ff1c5dba6c7acee3117211337 |
| SHA256 | 3da8ad841a726116f06e7f85b662e8e14dba4a4ab02e5333ae9333de7ac30a8e |
| SHA512 | 60ebba786284c9c5461bf50b86c881c4ef0a7eac30c11b3a96287d119a82a9d05583de713c671ec89a7b82bfc853c03699752e51a28a03f5ce9854df21f7b953 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0
| MD5 | d97c4f351c6371c6bddf5631ff1b1c8c |
| SHA1 | a6be751ec3ebc4b3a36c056f668239b22c4ddace |
| SHA256 | e359d8c169b6fc3021d41663a178bd2187c2f3b6ed86b0e6d23df3de3818b2f5 |
| SHA512 | 1f4365c663bd0da6a891f4c3e9396f78e1ceb750fc6988a2273a789baa2ed5faad60a2423a02b909a831276b695a22b893ab38001536a6eb88656501715802c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | 3bdae92146b8e05837de94778c1f66ad |
| SHA1 | bbdfeab2ecd22ba3b47af37439cf826300dd9305 |
| SHA256 | 4c1cb25b8d1580d235ffd6e32656d67d2ebae5be02a98bf69631248825c4b86a |
| SHA512 | f0f6b17f1415dea9d32c35ed3a246fb07390be650077327327eecf191e8a64d5e7d68ed0f94b9ca7b5f928047f2f756b81f1fbfa5a23169f8003762488a84b26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | fd32d094e166800353f3859bffdcecbb |
| SHA1 | 6bb1568ec7fd9b565565751331f328bb24a71c7a |
| SHA256 | 0512ab991abc6493342a8fc3f1b3133a05359396c751d9aed71d993f35cd35f9 |
| SHA512 | d5af37faa74881b25e00ea8e4528bfd3c00ac53c914e27dd9c1436353882c48c9dd35d165af1ed53d6ed647bbc22e3b7f2e32629d036bc8b28e1761ace4de870 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | dbb917b5b95ac0befbb8e1dcc5d668eb |
| SHA1 | 0b8a16011dfe89891afca54375545113aa1f327c |
| SHA256 | 77b2e8e90884f57a61b66a574f102d76d1637e2dcb659e63c2125304d6558743 |
| SHA512 | a66cbb0af1d50749f1169847baf6d239b33af7595f919e25d517ed0ef500db9607101a4e850b28350ea808d85439bc9061145aa7634018f586dc7c1235897906 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 94bf4b6ab2cfecdb0d1cbeed1bfd90fb |
| SHA1 | 306b71afea755463246fc269f3e0c967185a2790 |
| SHA256 | ef6504771381a509001d2ae1175f81bbef598822b3f870028cf0a80f2829bd5f |
| SHA512 | 4856c033efe179db138c011ed72fd9ad7a0a1883faca9334de9e282e25a98c725b924910e3b166617b8b01878dfb7668b01a9d6e1c832ed537643e697e9edb9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\532ac81f752486ea_0
| MD5 | 77aabd79e9ece20d4003cdc525b2f734 |
| SHA1 | 359da3630c5ca8570501a4642027461fba9011a9 |
| SHA256 | ff97bd06277a4f74c87c63d21044c90cda96b4b45013ddbadf049c0e7f156205 |
| SHA512 | 437af85cb3ac2e86857991794083c56f8d02598771ec2e91e2ab64ec048821017f328dfcfca16d0a4f304949fb3ba96ccdafb01c57cc2bb851a1e9f0b21d27ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | b86bd48ce041b3743989767256320597 |
| SHA1 | e865f4af239fc80329cb7793574b1381e56165f7 |
| SHA256 | 075c5325bc27c1b597818131092e94fd4c2bdfafc23d6257a5c792a274a9e486 |
| SHA512 | 24de9204bd2fac6c9c8cc5c958390a82850c1555bae0b39c7d6b57f14caeae0711fc9a15bfdf597d232b3fa349394878884844f5aaceebd074a94957195acebe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\605167868572c6c4_0
| MD5 | 19c098d9450770b2224d7162aedfe6c6 |
| SHA1 | 0fe612f2c96f639261c92d6567bd843be3c93593 |
| SHA256 | 7a2dc260abd13c74292345131c8cc2e8c1ceacd4331833041c5b58047ba1973a |
| SHA512 | e49180d77a8b638b303960191a97856d8e1294d2327eea7e5d51890b473b098911166b8f513e240a142e14360054714b8b43f0a11f5689b2e62fd403bad9585f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | d8e0070286ef0d7ade47fae9635e23ab |
| SHA1 | 67a5f4465b999f916c50d6acb8c7a904293aa6a0 |
| SHA256 | 9a81e9ce388a779c2e0511009f7482b7c5edaf026d87d46e1c1f4ace24ca32ad |
| SHA512 | 27e9990d1020b1152245d61e09048b246a1d018a95a661047e0a64a10553fd7473aeb50406c1e84c2844b1a11ed0cbad865b0443741f6b1801b7e2a45014fc46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | de16c6b630d81e256b34ee751b150619 |
| SHA1 | 924fefcd881177ff4fdd3a2af3c4e105ed32ba04 |
| SHA256 | 5fdf7c9cb71bf73c732f949b569aa714133becd10dcda256b154667b4e13fc82 |
| SHA512 | 88b687a4393be8025a06f351ee7ec48eac401eb0bd9924630ac8060893e6fb3299676367dca47ca4769b19ff6254ca790317be531a22978960657a4247bc6f4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | f1a59ae2badf973580d659d53f1f45c5 |
| SHA1 | 6a6f540826cfbbf131411ca1efb243ca26c52f4a |
| SHA256 | bf9f48205181bd302c9acf924f840ad117dcdd5e72e0dc6c40c13244ac83dfa1 |
| SHA512 | e400cff8be08d3a49d88e26691eb620a451f6c00acfeb7ff1ab4d96722500018614c6d4c747cbe98f41695aab62110413b7bf9ab506c04b865e6fee8735a251e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 8cc9b16fef54a6676252e128646e3505 |
| SHA1 | f578d9815caaaed0cb101c04339ed3853434942f |
| SHA256 | bd95318df30ca47c8d59c61f8ff07808b4f376ccd16b1b9c5d3b462818de8600 |
| SHA512 | e98891c2b641dd581a61851a74992bde56335e6ad24a8151f7f58e28ccba4ee035bddc28dcdc37a8f6c739ae72275e496d59ff373b2861563f1ba60cf3b849d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | 1b8fb37debb4c22315890090c5df934d |
| SHA1 | 7f9a0c11b4d908436eacf6f5926c8f8f3056e291 |
| SHA256 | 5694ef77c0ead74c005bcee8b7ee7d91d4acfafe5a5c730eeb281ae37c245e42 |
| SHA512 | fe441155a6875c71ed2f62bf1ec16a3c37a36a672d4315298f3021c662070e70d53f4358b6d9176e6413e3d59c71eeead764c0ce60986f812d359f33e5678f86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | 261d46a6df6b8980dc02651e941d19bc |
| SHA1 | ec579b6bfd7f2457fc8d35e6983355e0565366ad |
| SHA256 | b6b980e88f8abb7480b6faa456da5ee91c6ca68c97cb32a15d02f6252317927b |
| SHA512 | 4f9fedaf86e782a3b4492a46cc6af87bd1f45488579a0dedc281877e3cec50242b2a5ceec9df02addbde710589be0a41f0517210cc3a2b54ddd3eaccd5452969 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 55ec127671b14d82f6f9f52c25f2b8cd |
| SHA1 | 00733aa81f3048085fb2dbd2adeff170e85728c9 |
| SHA256 | 0e2a3690aa5a2cbd4f589998a2aff21d1730c8fd65a625321e79c298f7fa5ef3 |
| SHA512 | f7c62ddd0548217c4c5be059de8d35086a94ca77a832a8cfb3d0f4220af6e28e75ebccb2e2d325e085303e60238fd635f357f0c481ef330ddfdb4c63d1981e92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 833f13339b3b29952cbce92c7d9ba325 |
| SHA1 | 36957922eb5ce2dcbb3420d5f73848a9daa86f39 |
| SHA256 | b705f44bf2928c815554f40466935b94e75353c8dc0ffcef6c796b5d24cc4aa7 |
| SHA512 | ad854ddc14a666ca353508e9c8b0ecade17bf40ac50432b35a0801b977bd66731b1105350b73eed102bd159b039d5ff9e2211d68fe8db01e587fabf236d0dd80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | f5f88fb9fcfeacc3bb05319c324e36fe |
| SHA1 | 9be3be5ede0ac6aa82763f303aab2315d497ad1c |
| SHA256 | b6121e8666ba958199fc9fa91a222529e30b12f2758f49f157599a01bae4aa21 |
| SHA512 | 3de11fdce298121ddc9f306b59118a28fedcaad8fcf5b56e29b944c2be1a578ba3b83a884250556da6346fd3fa9ea188a1112c65bb88c2c00f34e1cf81edec58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 0f52ee651aa2593774f302333b0c7f85 |
| SHA1 | 707d8df2a90bc99bb61ef2ca959e8844714c64e3 |
| SHA256 | f596e3daa80989f25fe934ef26d133820b9a837ed2910c2abadd78f815dfaa52 |
| SHA512 | 1532b0c38aa363bbbd30e1befdb45b14092f26178a0ab2f232a760fc951a36e1975b3c9424c2cf279f3885727f81b2e8b1837548e5f59df2a40dbb2b12c75b90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3370a00ea10d10ed_0
| MD5 | 19c27a11fb2192e0b1ec28466b017a22 |
| SHA1 | 52ecf7f755ddefe35ddead273bcafc6a53aa7cf6 |
| SHA256 | 0e699776cd4cfce3621609e2fd2dc1dfda92883c627d2cb5274e36f361e36ba5 |
| SHA512 | 49f4443d1b8d6ece4cbef8453364a5f4d5d90682a3d9f5c4396cfc002617d1f7b7f0c0a6f5604fcc9afdb5ea9b4e6473218b0f7832ff746655ad6e7d57dea254 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 0ccbc2c5d67464fd66cb0053926d215f |
| SHA1 | 9eb937bddc4a70b05196c7d3d424591055249e76 |
| SHA256 | ff6b6e19db7779c73e32aead08da809505db9d494063912c4dce5fc376fcdf2f |
| SHA512 | 8dad5d8dbafec509935c3e29a8e4c8b893a24502dd371d3cfa3d2c8a425fa8e9e0638afb56c8a10dee5587d5d5d8405a4c0ad543cf1e595d6138746e12960a68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | e185e72aec6268be774026837e12cbba |
| SHA1 | b519c87c5e4a9530b84e14fd934866a004e2c5b5 |
| SHA256 | 36e10a5628855ad09726832d6782acdf7d29d0d67e4b5a3aac36ef10ea479045 |
| SHA512 | 225aafbf50e2ad03827563ce7d600415061736a772b4cc269d4ff8969c9b5e018f51f8ec0fc124c641f4830f657c130548e532d8952d18c774d8cfdc8b7e1024 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a267665648440b9_0
| MD5 | bbcd06c8edb78291499f083e095cd5de |
| SHA1 | 9ba4433928c4a4af1251f895c9a129663b62638d |
| SHA256 | 71798545e0336b774a49f1f6c532f995c3663b10fd0d9205de58a0e14a3c5ab9 |
| SHA512 | 2f048999951c4186a074c46a967f22e708fa903659d9851053194fdc5a896bba7d6c1b75a0f3a6419562396881d39c2732fe27b2a31e1a46b92c8c63832fbe6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | b0a69a8d9b3c7c2a3d09f20319c3f113 |
| SHA1 | 618a93d95654f699d022b49bf04b613be725a2a8 |
| SHA256 | 96c89ec18fe2772ba8bd94fa6e31a69055ffa94007906f65ceb9319aaeddecdd |
| SHA512 | 239a009ee8f459d530678bc20e377df233ce35a24ab230d38520d4f99f459367550bc52884ffa78e7d85ea99b822697e0cb8af6a329054398da0d1ccd253840c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | 1a6ddc18ce149f2e72238e36289aec07 |
| SHA1 | ac088cae49a1a9a505a67992c2c07d00c4361905 |
| SHA256 | e8e0c692716b7128b51075c5467689496a938284a202b5331926e9186e2b7b87 |
| SHA512 | e9a0362d0938a7e1780be5365c6bfb4755eb637597d8bccafda60bb924d3c05f3c9b2a068b469f9fb8a33ee96dd11f94e39b878f979ab079a830617ac22a9d30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0
| MD5 | 3b5be8febee3e122aae80755dbe80e76 |
| SHA1 | 8b04ebb5bbc668d2cf902fc4540a8f2dc5b12ae8 |
| SHA256 | 5444384b764318f639796803e19012c1d2798a707f9fb531bb1f58d99cf5b80d |
| SHA512 | 401bd249065553a7b4fbdc8870116c7c50c51bb11abd9dbae207d5802c234b4c0ca463787abc750bd132deaf00d50d039c6d9f27e28045f4e673891db4837c00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | 034211df5f2987215f174398e2d335dc |
| SHA1 | e5cf3dc2fc653ffdeaa99019e5c450a235576323 |
| SHA256 | 0d499237fcc9e519fc5bda7d88ab66d57e59077b9a88ead22c51a0bd55561ecc |
| SHA512 | 2070fbdde2671db7e9af42f8a55bde1fad8bb27acd07f4359fe1bda1dc8c553f0a1bab86c6c060a1340db74a45685b8686fb40ab934743635a87c23b000100c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | 86de7af20a2a5d36e75032951dd2c23f |
| SHA1 | 014f9812b733bd58e2640d0fc9f9d4106e578904 |
| SHA256 | 70de031619daceab1d361d894573d9ecd138eee10f9d49b5f428ec10b243a454 |
| SHA512 | 80747902309d0bc702c2d118fefa345ca51316712d5dc19c79eb94b0889cccb4e27fde1ebf613a148df875bdf3553f8b1ee1d8a1fcae72f34fa425a43aa83204 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | c6dc3e0a8de0c584f4cdb89321b8408a |
| SHA1 | eeefb65748b48e41c54486e65f20f159c259f008 |
| SHA256 | e4290651b7499a28ac2f46c54f938bc44c5949f3fa8888fc9229b1e8d0326072 |
| SHA512 | 21cd8c89a95fc404c731c2a2821b8d41b099354a4375214bb78c26802f10b9db871ee118b3e251b7a1464e9a8acd1abde241d956c56c8cb304a7f01243da99e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 13fb01ed1a109fd150f43eb28d0eeda9 |
| SHA1 | 85985631be9ffc0915e42ccdbdd63f0e87a51854 |
| SHA256 | 95fd14f43cd3fc379566f3c9e4fa72efc2f7408edcb440a144de63be84770268 |
| SHA512 | dda33e8855fefc69e0d0ad29986c75e3622b4325655c80bbe68124991f15132b5b09dd93509997279e32ff62c4894943803e6a0e7596fb036a64d2db022dd8e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0
| MD5 | b4f7ea8900fbce7fcc992a7d27996bc3 |
| SHA1 | 15f2c1baae31336913d23c3985408c8296a57e7a |
| SHA256 | 745e98b498bd4bb3f08a94664ef485e37b9bc3cfe617223b76179e98e3c10777 |
| SHA512 | 97e8a958283b211dbca8e628c6a1fb2a700ee70bccfb1222480bbeb667fa848159d110f0b273f30b712d8a421352181779b0d432890fee60c411b5cc5da4a62c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0
| MD5 | 981c9c119e7d2e224564bcedff51e8ea |
| SHA1 | 532075121097f43f0f1e32de13b96f2b0b7933ca |
| SHA256 | dee7be99a03a5eca2e62e518c369adeff634dc851c5daaa29060b0ec3101b636 |
| SHA512 | c6c59dfb292484e5bca1bddaa7ce6512b38ad0309c56445f7a3a3ac7d69ece6d15ffe856ad9abcec0f88309f46742096f06431a870297b3d92a1a65f8dcc8b70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ec4b11de0b23393_0
| MD5 | 9ab7d5efada21040d86cb59cf72c11e0 |
| SHA1 | fff477a63eed68a1a68abd0857503d70f23d0109 |
| SHA256 | 53eb66f5f78a7e3167c361a87587644fab81edacb310c77cf5ebff0d80bcaa49 |
| SHA512 | 9ab48b8e6439da2ad7d224610215b190b1dc196ecaf4262e784e79cd5cd3a5d7b1503000fb2085a6b0571755b44e809c6a3347de000c94404c2adf11fbe3407b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6aa9a2943612cce1_0
| MD5 | ab1f8100f92bb017f1fd2b929b6f0ce3 |
| SHA1 | eff00ef35fa1fbc9d8f42321d516b692bda1227b |
| SHA256 | 0b16e7baca79b3337a49b65a518f7399543b470afdad721776be342906e49b5b |
| SHA512 | 4f2062e3cf5991306dbf9d2c0a88728a47cc9a8a4792d964dc7cc07d2223af7a5fdec4947b23d5123a5988db87a0773bf529291f6d0563e6953f6ea22054dd5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b7644cb858ee390_0
| MD5 | c2157c3179ec3c7b7f8ddf9f1deb433e |
| SHA1 | 480c99ab67e61803b65226efd19ed8d1ce55b67a |
| SHA256 | 786a112ad3934f0353ef8911115e8917082b78528931aaf7e98f2e2eea59e0d7 |
| SHA512 | fafa910798bf9339622dbd8cec9756f509b7ffe5179a65cb7530feeb8f0f17323e951058f93cf6def51874b14223a908a7873a4239fb5efa48dac828756c9d60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\476831ba582729ec_0
| MD5 | 04380d47d22b8aa283aad8a8374685ed |
| SHA1 | 9a439cf9374584376331c259112b753c9e7d16bd |
| SHA256 | 3b88a2939deece0f2e76cf5f0e451449abaf6a3204055323132e2423f1430311 |
| SHA512 | 6d6b08573c349012bb2c8984662b48709221cf2842ba2eca54ab2a3d245e964032967d49276176e12083bdfaaa0bc19cd38c2d760cb21036dbeff9849f30ea50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0
| MD5 | d3ad4e8d9508e9c493dba9a8916f16a0 |
| SHA1 | cee37f66aec3c9e139ed67257abb249a08c55f5a |
| SHA256 | 11aed1e551552de4ddd6d8286c615bec0b66fee638e8d5908c71b30f9942d796 |
| SHA512 | 9e93badff554f85f8d3f22e786f1597de496a341463a91ef129ed717280ba3a1b9874ea600bbd2d056821ff0edd29230a1e8a0626081c55cb149e0c01d1e2df3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\534ab76442c26020_0
| MD5 | 176dc375afbb6753fe29c7bcd47d3a43 |
| SHA1 | 62beefbfcf690367509377c3c3dcfc7af1eeeb73 |
| SHA256 | b66e43e352ca277dc5babdc3b801c2d8e0f21ba093b37a4627d0feb757265edb |
| SHA512 | 19172ed73d9af5bfe301caea23cb75467c33a6f22e5e514c6fef2dd595994e3613eade55a96a8fc22f674390d9db1e4124a0470f6eb0a6df0a2e751c24676b41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0
| MD5 | cb082b394b88a9685172356b76a60c00 |
| SHA1 | 065d15a17aa3b56eaf6baf35ceb8d6ce62d6edf3 |
| SHA256 | a36a93db02e8d72063b42ed1b38da2dc15bef9a426ec49bde428b0d94d51d985 |
| SHA512 | ccb41bad5ad9906a852b832787d7b382dd02ad3a86e29a9e10680e430594e59a077f14858b6680daab73d0a43bd38c58b593cd381091ff755298cf1336143869 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 05780f79698fd00dda8507a6c4b6aecb |
| SHA1 | 605ce0e704dde492ddf1caa5401a0bae61d9897c |
| SHA256 | cfb225ee60e1576127a94b26fa241804b45764419346e8ee1fd8fd74eedbae93 |
| SHA512 | 845e698ba8dc77c6e575148df0f8f4eede9c2f8e8dfdefd8dd6d7dd8b29ec809e99fb238dea727649353ce05828d3ebc212589f68f365c116df77341ecf20294 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0
| MD5 | 3e95ffc3769fb0414bd1cfbbd6d70aff |
| SHA1 | c38d9fe5827cc6f524a6bf4f9b99e06aaafab30e |
| SHA256 | 9e4786f46520ca7c42ad333280f3e4ad4765c6ed441f182311b3585cd34a51e3 |
| SHA512 | 25b03a163f6eda7e6ce8994e56f561106d6957c45cb740cca0dca1fee9068b901ab97b32739903dac978ca3640c211a6ad40e413b36b81645b88cb682e2d5b6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 415db4d09998c27197738494a7a26f18 |
| SHA1 | 12d5c43906a8e73eceba513e31fd8d7a733cb323 |
| SHA256 | 319913f0511c87ae59e057071e8777778b78de839f046d9fda9a32f5449702c1 |
| SHA512 | fed2fdad9376ba0376646b49fef3c1221467f77b91e5aa7d1ec7bf9fa2b0af469eca2aa585c4648b50800b0c4ce313ecb64c7934c13f2e20a5d280bb5b7e144b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f5d940a3674a33b6d191b3809b7de26 |
| SHA1 | adab29a1986a0d9e4f68634891f4c66e4fe18796 |
| SHA256 | 0c18962070592dc180c9caab63af590bd3f479b92e983818ca6e5f2b2f6dc978 |
| SHA512 | 535bf6c8312ada2728472c0b093103e6b9949fee1c59382601d6234912844d63ebb270f45f0524ecc495298267f25c4f0a79455e8ed87a09cf096c91c8f384be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cec0a8f045fb1f5c4efd54cbfa008cb8 |
| SHA1 | cd4d04fc2a23192a44d8e671bad671ea29c78ca7 |
| SHA256 | e2c11fd40df3abca0111f99b8ccfc230196b7b9c3af9b0dd2d90ffd7b8269f53 |
| SHA512 | 7f7757075367eccce8d83ee225278c69daaff35c7f456811b389799cde8370aa5df869fbe3652b217cf2695fb805e9dbd10166ff2f9dee504f92dc75a1b2a6e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5d15886d2ca07666a9135968bf554671 |
| SHA1 | 2035b81a6662df5fe2af2a088511130981dc673a |
| SHA256 | b94ce168e8f63c0be159b24789c738a0fa47c24002f91691ee11a986610b4eb1 |
| SHA512 | 5a0a520b803257bfd1191570cb36172e9e2175e1450aaea7a11db7ce8198e3c5b19c300a6d9405c582b1012660dc70e96df298f852d34230c693e835529f7d7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc0276656709e65b_0
| MD5 | 73c8c728589534d5287a1e0d598c3452 |
| SHA1 | 330ca8198d2788bf9fb8b8740088f4f807206ebd |
| SHA256 | 5d3cc1619256abdfbb053b1c0caa84d858246ca6448afa2b7792d2f604e3c296 |
| SHA512 | b682d201264ad69ea07197e7fdc2a743649ca68aeb49b1ee136ebfce20079e41c6e8c9e5a5fcc4ecd006271211b9f107714967ea30bfb74d6aaaefdb4c2898c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e04f19de8f5d184_0
| MD5 | a3a7ad77838c5992f1fb0865e1fa5736 |
| SHA1 | 55780bc1dec87e4f25845381e4fb65fbb5b1161e |
| SHA256 | ce7e82926531f3a3703c4537bb19ba650b39311f416b66d6849ab0c84cbc1695 |
| SHA512 | ad159c69364218263baf5d4bc5f4d4ff6e7bf59e782eb5dd8fee2bd785fb9e975145544ee7829a03db0e6d69a0729bfe2abbbb0347fb434849e3492961a24abd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c44449928b6297bc_0
| MD5 | 9b9fbb856a37d49495feb3e3cc1927e7 |
| SHA1 | 77aa59cee50e6553453935e9c447e0491a1e48a0 |
| SHA256 | e2b4492b1372233736b9ee625627827bb468b602f57d6f2657eba04826d3dd6a |
| SHA512 | c2b3c6b29a91d5416b6ef9ccbe88ab0bd80a1907a0ac84c6bc3d6ee6855ed0b487f07e1ceef1c8a21ef22374ce59071355df2c700823f5b1b5a991f506b1a46d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5ab91eca1b51c461_0
| MD5 | 756b62013b9e79ad361848ce8e5e9cad |
| SHA1 | fa5bb3f3018c12791b7b7da2bf4428e845b4c789 |
| SHA256 | 5d06489ab76057a7b1c7faba51008c566e65ff6b77603d105fd1d7f6649b1443 |
| SHA512 | 13bd2d129a4f136a83ae9297eb451335df2807f6df815c9dee3de3842eb74f994fb6af43396fab87f220af676ad8f43e4e575527023a5f3766cb4ed91c8021f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5818fa5d1dfb181e_0
| MD5 | 6a1c428a42974e12469b2110cb95c995 |
| SHA1 | 00e5f87e7cd4a65e7a718cacb6de2ea4eb13b2b1 |
| SHA256 | 26931c0d314b0aaece27736c4a5a995377bbf6d5ec36b3755cbea39f45651c7f |
| SHA512 | 5b37c208dae445bb1ee1d833901a2a9359f4dc78a882f4445426fbc0dfd95baf1fa90c08a2cb9c1718d01885371344cd56f85cd8662224ef190895cf2b16d935 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bb2c024c0771dcbe_0
| MD5 | 85aea8dfa944906fae71b5e375ec8a1e |
| SHA1 | d0645ec5935159096dcecf37652869a2b236dc63 |
| SHA256 | 98b327c90a09303da96b0eb7ed8301de73decccb379db6ccb8e5275d80c9dc0f |
| SHA512 | 415a6785735a025b35b2ab5b11e7c898dcc69ee0f51156c41dd07776aadd254afb3d72b1621ad72a9f89c6a4ef052c2454d387d14ffa1256cf831f951678dd2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | b100307705c311e8ae4d31d8b2a4a93c |
| SHA1 | 3b1ec50ed6b09f7b3c14f6e8e201f2a2b1c98975 |
| SHA256 | 4a9f5d41f5ac4c03f7772f676247d201dadf15f9ac01a31ac26685d2f559c2fc |
| SHA512 | 213f7dbe76418eaf912a232d0650215b481674943ed689ed8ea4716caa6f5293b4495597040822a62ed9372f3703245a9498e28b852f00a2256fd28a54899ea0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c961c673905e124a_0
| MD5 | cf312bed6727c0f64e9961ef71a41a74 |
| SHA1 | d241d14e3b5a7014dabe39e93e43c1cdde288935 |
| SHA256 | bac8165868f637b7d5d5f760c3d41f5f36a7c2f40f795cdc42072c6deb11cd65 |
| SHA512 | dc38e467ebb80c61b469aba5345c1d0f08171178bbb96cd1c77288ae265212fb879f6d538a8ce08aca51362c52528770cae9607925853ec1c71842e1103a5848 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\488789c50751fa33_0
| MD5 | f91571aa309f31db4c09f7651451f33a |
| SHA1 | 8201958419d559d8771565e777c7ca3b97c9617d |
| SHA256 | 535bba5caf39ded81a44abfbc793ac08a38569404813717eacecaefd78d3d81f |
| SHA512 | ecd704f46986f017f6263924b639805ce5221c9af95c73814e22773f5038731a82d2fdac6db19e4bef10a895c13c8ba077da8bd3a9ade298c3581fadbb9a1ff0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6564ee215690f23a_0
| MD5 | bd5ff07c2b972904d0b9715265b14781 |
| SHA1 | 26e2b9ed7a53417fc6f786fd2ec5a26f54a84b7e |
| SHA256 | 3c8ab7bfd52c3695c278ec2c8f0abb9bcf6d1c4fdb6629ee0560e207e9e5444d |
| SHA512 | 7c3aacf7ea782ab82c4bdb86e8edd515a978f717109ca491faf98c522708304a0cc4478ad69226a8e52de6d8248dba23b06d5518ac21f2fe9fb5931186f69eff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\935118ef4decae69_0
| MD5 | 77792c05b1dc116011807a17424ae587 |
| SHA1 | 160ec230dd2096b18a0b4385cb8b0ccf07b263a2 |
| SHA256 | 4f06b4d38f44d7c4e9230af90fca8d821626f2fcd388efe4de23cb560b21a429 |
| SHA512 | 07d37ef4262aded860c99805d78988d0fab1e3dd2c24b05b5c70097509adb39ebdeaf452aa1a627437081f51f2b6fddd4abf387af4e7460079b62625a1ad4a03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9abaae9efc13e351_0
| MD5 | a357295484b94a527319e70eaa63a86f |
| SHA1 | 3a3cfa6784d0e7abfb051ed0d371858c319ead1f |
| SHA256 | 3fe48a2af85a2a0003e3e0f017ecbc750d58f6e682fe26cfc44889a50bda3730 |
| SHA512 | 686fc8837de50b0515c37288fa03e3e296152208c5876ff6a65c8343b223c00ace7d0b266046c4ed1a8e09d7135d9d26c526083a854013ee0ea12068dbbb17bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e201db4afc7e2e56_0
| MD5 | 3d4386bbffa03bacf7e5f26f2d449ef6 |
| SHA1 | 6b677cd7b7c3b9b1055c780d181c37298198233a |
| SHA256 | 7c2a02724fdf922fda75259e614685776c5014e2941884ee3ca3dbaf9e69d897 |
| SHA512 | 75166552db191ac562a467e040097881d595984e9c9afe75f2fcef9f3a256c4c8c3118026d29efca66e43b741acfa4d8987c274e53d14e8203615cfdef8246a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e3
| MD5 | cdfebe49024298841703664347953f93 |
| SHA1 | 57ff7319421fd587d38c36e95fd2959e6f0209f9 |
| SHA256 | 47c2947735b65062bba6a6a974795dfb65624d12d4014a990d53b518f9ce65bb |
| SHA512 | 5973b8a45d7e539847bcf0ee0f7e59cb287e228229ddd22aea7945691af09649522d55f50b26e16356ecb793f34d13395fb4722d22c5660eb0c0af802202f998 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0422b1c23a234f646c5402fdace2394 |
| SHA1 | 59caca59c0171eb918f37a906414045a14d85d64 |
| SHA256 | 1765687ace1883cd74465ec4fe62f71de531d059d2cff2b41d5e494335bad104 |
| SHA512 | 84ceb091820f2d8a2c045001c40706954476dcb1b4e732f387b582f3b86c91b53c2b5c6db09678b242412e742c48d6161eee6ec1599eee38cf86b5fbfa04b7dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4011b5c491411c9fa112b211dd5541b2 |
| SHA1 | 1dcaf752737e5739e67dba09795559a16379f044 |
| SHA256 | 50893549aba8eb10fcb3e3465d8a724a155fa0cb8be5385b26ab95f326b50ecd |
| SHA512 | 807097693d506c8443a2f6281b0cac0f4218891b17b5936516307b787f6a722f127edab32a85d2ed985780132002ced4202990f35d3a8ebe59f22196d8d22507 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52d3cbf9d3cad5d5c83be3e9007d6f52 |
| SHA1 | fec5c87d42d6346436299dc58b38007a9e7239b2 |
| SHA256 | e98efeaef5b95bfbe85556166fbe752a9c8ab8797152eb41bfbad68b3af678a2 |
| SHA512 | a5d85af9fa5a325e71418afab2fc025f6718b076202def38c2886c6325b2755656b9e95f10f6df8c5932e86105340ea8ca20751a3ab8cb84629b0e0637d1cb06 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b27e278706dacf10_0
| MD5 | 392c11fda7180b162779f3b7665e22f6 |
| SHA1 | 65f530a9365fe958df97962ff6174a9b44dc110a |
| SHA256 | b7188e33ae617a98c11af488e51255a8b99bc372aadbfc42dc437d2e8644283c |
| SHA512 | acb34d019084bb2ed28f6294a2eaa64baddbd414db23e730d9a81c5ee738ec389b982b7316138392a4bc8fd94a0f65606184b763c66a40368c195c4eda5a82d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb9aa4691e62ba3e_0
| MD5 | d441e1c2845e705baf82bc00fcab1ee9 |
| SHA1 | d9606162a20477c97fed173c56f4c354e0454b8a |
| SHA256 | 4ad7721722f1506e7727f0b893c1fa47da42b6d2467e84758e96ce1961a16029 |
| SHA512 | c5880dffeeea6026e94c58820c454c96c1791488467c4a6654016f97424e01bf46ff5b47d2fbfc3a9570cf17063976602117dba5a61240871074583da36cbd7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 484315893bef578d9bbb469de173e689 |
| SHA1 | fbbfbc2d1b7bf3e3bae423c1b50d92d780e2f33b |
| SHA256 | 259e40d2ce9cfbd80516b51e0dcfce4b2d8c8c92c3e8ff3c2cdd173fe1c3d9a3 |
| SHA512 | 25490f552adabe29e54b91097203fb5902d05a1706c3a1fb51dddef5c44dadddf9b0d1e6e742a50fbf3e4c007f7449a5041a08e82d097a6c8883c69a4e40c206 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b84d1ee908cb3d47_0
| MD5 | 24187cdfbbe6cf5392c21715b8082389 |
| SHA1 | 291c140aae2638740f96516d32d012fbed0e3c41 |
| SHA256 | 65f27fa0d3889f19b2026fefe2fd963765892e74528e341e05869e59ff628fcb |
| SHA512 | b723152da3e0b44eb7b38d9839c95aa7ab925b2d78b586980cacc96129e2ba1df72dd59ba1ebff33525a40a0a3d5b57a1111b732f7dc7bb5526807a615f0132b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b8fb7f17faf71513_0
| MD5 | eda3740f448deae47612c6b65f3e5fb2 |
| SHA1 | 132d1228a2b4ef809e3099a066a0bbf12a22b96d |
| SHA256 | ec71cfdf9b00b397dcbf6d472e5dfe28ef0d6f388dbca4601ceeb9f2017a7e49 |
| SHA512 | 8120b668c7c5ae04db50a8af8b20f0c95f6d7e1a3dfcf6be1868e8c2fb6dc82ea8cf9de7c972629f8b935b84de5fedeb235e2511e397ab0cfd656a44552f27f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\feeb6095a8cd1d6e_0
| MD5 | 292de549c41a8556b44c278152c4cc5e |
| SHA1 | 5b413496a05334939abb4bdaf8e80d405a0892b3 |
| SHA256 | 3364d82b622690ff3fbcae439022047850b788770190ce9d30e1886f85ec200b |
| SHA512 | 28cd4bef177a174bbd012f1626aafa4168b0216ed5dcd10507566d63c152f627d431957b853d600c102437bc921ee5b3e37afdfa08d233816ea0d9ab3a9a9875 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ed3798f5c61285b2_0
| MD5 | 39b4087633e92213bdfff5653699cffa |
| SHA1 | 21c1f7a232a0d7ad8db0d35f2227a79b41b4f74d |
| SHA256 | 30884cf291bf0becfa6218204569c398bb652715dda61c1a40ca7415f8d03460 |
| SHA512 | 3f84fe63933c5801aa2398ffee96b6b7af828bc1e10a91292dae91b968a9c6f241ac6ca3acec1879638f53539a24c859740e5004075da2ef6db981572c6719d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5e9e868ca963f625_0
| MD5 | be55e242a3c1d0f28b4238a74300c193 |
| SHA1 | bc9f8fb58b7ab26a8e9fddbb8536a12d5f6bf414 |
| SHA256 | cf5a68544c792e5d87aaa9d87dcc59074ee075a15452ab5454b96124c14f73ea |
| SHA512 | 5f44d44632c9f38db567d18e1f8d6db84384ccd26d2a45881f6f33460b7cf2fa06f012a33e7c15a88438b9db925e66c4a103342cf471d1830309ea0b16c5729f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0a1d49b6729e49f6_0
| MD5 | e090b24180c66e5eb3eae76a2215104d |
| SHA1 | 9b19419c11d96db60110d8fee6ed6acb9569c581 |
| SHA256 | 227cdeef34670c2f09b2ea8db52c6f864cbb03e0ad99e3bb7094f83c0d8498a2 |
| SHA512 | 80dd7c1b5af42a4c231e48a738982235c69b52bc47261ae8a695be6f3a74c020625969984f9a06fa2fdd5b8ccacd23377ddb9c2ea1676dc163c1ed555c5b2289 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64d3fab4f4ad87b6_0
| MD5 | 817577cad954265cfb3fbae73c22ec13 |
| SHA1 | b6429c4bafc1ee1ce39dbefd95ab2a1cff17aacb |
| SHA256 | 208de59a42677d259931ed528a3f5524aca7ffd5449d3c1b2c7f884b9ff1bf7f |
| SHA512 | c8ce7307e015b4582044e3d07102658d4bc7c994850fc98b3a899957198be6fbb1b1b7000e73c18ed83c297fd383a3a47d8958275084204c2666c432f7d88be6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78c49a8c3425c152_0
| MD5 | e1307d9e60baed57a1dd21ffbf6b693e |
| SHA1 | e5dc7709c9a2898526207e8afbdfbef793af9eee |
| SHA256 | 4ef154bef549792ed2d9652a043acb3ef6dba2693a4032821b2977a00d835729 |
| SHA512 | cccde8f4c39f5a8588ea2e3b54b5d4a4f47510d5e3220bfa74ae8f5b1a30f0f00c553f957e3c29e27c31ffb604d9c037c84d2f1ed5bf5c2aca5cd7bb00aa381d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1c19086503f0dab_0
| MD5 | e67996d6afe451f260adfd9bdae33ce8 |
| SHA1 | f86440f01c8b15c933fc9898d33b466bfe29fb4f |
| SHA256 | a8813344116747e6e62ec8e75dc095a2450ca75fbd37cff24884a1d25677c520 |
| SHA512 | c402fd6f020c0a4d9d95e02e0ee602c927ba46178e71353b0765871fd4838dba7453f4958438052c9efd4ed23ac901e7a1845e01f13480fcbb9b6bed5d4054c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4fa63f600e2cddea_0
| MD5 | 6ff03359ef99280928eceb55746a60f6 |
| SHA1 | 8a3d3c2a6a0933c945f0e866aedb22f1b9c452c8 |
| SHA256 | c783c5a8da3930e8e9fa25cc6a8f1e3a1f07546652e3046eed12db461b90350a |
| SHA512 | 1b63f04934cbc8a2bfa0862cd69a1500cf18283a0bfeb5d3e5b71573f26b8c3d59f78d835e36d0146a38c79019abeb4773dc1790c46d673ce4e2a3e05d23bcd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | de91d212eb5f112f28d4c44f209af4c0 |
| SHA1 | 030dad000c95c3e64217603bfe103bdd03bee55d |
| SHA256 | c54dccbaed93ff8e7401d997184ef7484d0c763f9f2353561a017a07a613d658 |
| SHA512 | 31b3767c22fd27191bc90a3cbdc9e60cc6c83b1d27d2a2f26c3fff85ca076e0319b63e5f7896f825b22ed9313c23c7837d7cc9f4e696660d1a852a7cc8998201 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b4d3ee17d67160c4_0
| MD5 | be9ab0539a5ac21f3f75f52fce2d064f |
| SHA1 | 4077082f5456679a3853a851d21633cf9be0d97e |
| SHA256 | 5cf5f42c1125a2f25b5d20fd5bf0335bfa94a804a89b5a9ba78355822e02f411 |
| SHA512 | 456efaaf0d17a2a571babae2aac25e2268fc855e98567bf57ccfb4411d7465ec8fe328913d0831b9486405bda78eee63cd7e1c4ae1d7fc67e474725394906c4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24029b20a1b39be0_0
| MD5 | c716a5649121a07974b51b29dfa7abaf |
| SHA1 | e53f62ce8ea1218f3ee80b3227098ac97cad40b3 |
| SHA256 | 058339ef5ad36e605efba2b1e80c78fcc56d0c2a9fafc210683e9d69d061bfac |
| SHA512 | d33365a9e1b7c17f84e710352f800e6e6e4bcf5fe4432bf36e992168c47d6b0fdbc13ef476512dfe9f8c9bd46c731098c19a584be322f5562b0d5d7742d9fffb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8a693e1c4699eaa4_0
| MD5 | a00fff76983087d14d6cca0fc3de5d28 |
| SHA1 | 62f679616aae1d99f558ef7d975b0b9f304b3e3c |
| SHA256 | 97351eb0e2843f50c16c69f44b2a48a6b8757b5a73081ce6c674e178683761f4 |
| SHA512 | 298fb93cdc94fb0a8afaeca205cc118147a127decaab2e2592f2bb0d070a2a95d6dbcaaaef4201e8ca9a246dc5758c09b76b288529eef0fb6e16c7d554d89345 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\95fa8fd52668bb2e_0
| MD5 | 06eed4f05ce5b07f2b6a48e56ec8ee8d |
| SHA1 | 4a2c06c884075056e5a21cf14d463514b2a5531a |
| SHA256 | aeee8993ec7bee782448ad71e49e2ecb93b0cbac55323dd743165c35234adde7 |
| SHA512 | 70f6cad79fbfca706acf86d0aa6d34746a3ebddec656672c0654807e875ecf9230f735f14a28c2aec34c66aa34a9d92d34a78638a91af507841b62236cd3c62a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5b6723e98e348e3_0
| MD5 | fe3e9feea74cd46eb82ffca5ce1f9b90 |
| SHA1 | 6558201bd6bd8fa615e4c16c19e72aa6a7c053fc |
| SHA256 | b7500c586990b2cc492bf758d7d55b8f1cf1b56c3e9d40ff701da18f97efdc86 |
| SHA512 | 511a85027c04a1646a14768a8d6b8cd2c341f3b5d777e9489e68f4fb675b6a03998505113d411c274d42555d4dacd770a01ee4c3b43c43087172302c585a654f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5bfb71187a666021_0
| MD5 | 64fa2f8db5084dd78f2fa03352b689a8 |
| SHA1 | 09bbf04dffedc3d0d8fca39199a48e4716240f8e |
| SHA256 | eadd0262401e4a9bd31a620928e81f42b694957ae0b9d3812d378f83425cdb2d |
| SHA512 | 304030d11e1a3a248f2ba408991a74798375cee4fa86f60e23660ec60246e8dabb3491cc9282f1e8f6d4f175b1c0a483e6b8ec6bac56037cc93a0a7671eb35dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7b3125ba794af53_0
| MD5 | 101878f224740718670c47fd0a1c980d |
| SHA1 | d819e84e0158617393e2f2ad7af57fa47150df83 |
| SHA256 | 50282eea14c1372aeb44f01a1867d3fc002ab0c56e420dbef9ba8a969af70e01 |
| SHA512 | 6ee64ee89e69e02711ac5ca71e5014c3dcbfe858cce1fda9b771ebac7dbab23ed8d25691c11df142bbe64204c2e83da79acc73eeae0faed65b006cf87468844e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\07278f538dc725f8_0
| MD5 | 7727381a7e90162dc47c7ee1f734a237 |
| SHA1 | cd17e36a6659598aafc7e18ce8fba3d4c25d75ed |
| SHA256 | 0b4752fa6ba835ef860b7d4d3e9e6fae6b38eb81345b554a5bce0d9220e369ea |
| SHA512 | 8a5c635964d49f785d29fef58636f6693533c389e90793e0ec6471c598126b47b46a76a8d8cfccd923044cd2b52132c13a97f22c176ab8cc1d593f966ad76b5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4b4bfcdbca80cfd9_0
| MD5 | d974f3db56ec9be012b5e3cd8473b26c |
| SHA1 | 19e7f9106f2c200d8f0bf887fb343bcd7a068136 |
| SHA256 | 4a631e53a1753c1c4f1afe5f6358d98fa4438e254391b068bcc992257fab20ea |
| SHA512 | 012395affeb72238c9f342921262d0d10613ea68eaf2b7744f1c422512384af0b9a41bb9c11cc5706bd5f2ae983373164989b43cbb82d9cea1111c361e6ff53e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\36d971ef7935327d_0
| MD5 | ffea8a57043a27474f0158d2ebfd3cda |
| SHA1 | dc3bc52fc2f6f24d969ea8d5081f8994b0d0b99f |
| SHA256 | 726f2f79caa620a9d9beaf6c49585db11de4a29f551d557c2e1b0d7a1e14ad65 |
| SHA512 | 604a89def1748192d9718ae09fd0e42060413915d5821dbed48194ae88760161d993fe2ee8c9f94e2cbb706fe05120a2fb893b1bd9911cd221d9b8de655ccb64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | bbc50fd81daa634956356ebe01811131 |
| SHA1 | 4430a7accdfcd1b3c9c9859e66c4215512083b5d |
| SHA256 | 49bdd4c96a6000996d9104a17eafd5a15443e9bd17d807df424bcbc4a9440c0e |
| SHA512 | 9d21a0ca98d07ee339631f494e423830c2da5de55f69bb5fc70f54627d3e4311c234dfc03ca77ad28fb64ce2fb28972e6422dd7b3cd76200402c25df67041793 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5e6ae01919b30df06fe5a6619ef0f0e4 |
| SHA1 | 544ccc90650824c62e9b93b77059e9651d4bae0f |
| SHA256 | d4504dfda542e8125bbd7febc687f69080090dc0711e324cc3ef43d1f45a390a |
| SHA512 | d5c2b4ae098b9bd1778dd29d60f70fc2726aef5953dbfa39af92c4b842e65fdd259832a78029621f62fc697d7f71d905ce614a9cb4c289d47ed700b5c6ed7c3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 26a19282f82d9f478a07048b245a82f0 |
| SHA1 | 6a2d925114ae1b544c5b81143687ee9ac31bc45a |
| SHA256 | 3259d3ab7458d56620256eb126a04f9935749508c18cfd1c4df85f92b5307bb9 |
| SHA512 | e6ca52561812718eca74728106fbf59299c506677937c70b9d9ab8a91765c5ef5818f8aa79c8afe07dd0b1bdf4fb85b73040d8b1a369b10e71840fa99bd77743 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7a466410bd218f4d81f24f2563b2c1d6 |
| SHA1 | 8f7cd4386dd719ccdcd19411abc8a2533f8c2f39 |
| SHA256 | d5cb8f3f5787c1f8a5d1289f3f4500702139e97d289e7c2836c4a1745c347492 |
| SHA512 | a2c606b9f0998cef247a948ae184e4d3fd575b6d777605dc662c004a19f97ea11963e4a895f95bcbb02dd77442dceea796ee4471fb7ea001cd734995f4e6d362 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b366c7255e5e3c7b_0
| MD5 | 32789a64ac05cec1d20f861d63844fea |
| SHA1 | 8f2af14e49514834deb05007d8166bde743a26ac |
| SHA256 | 8cec45e745f13a893f821d05b2bdd6da1b526875d932a99bca44766a7b868454 |
| SHA512 | e171935310bb7d9f17fc44b6d2c9727be45655993999b0726d9d1f318617adb5af0415686a1d666958c2d34dceffceb70280bc9ce2ce3ff120062301695d13a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0af02c460dc89ae2_0
| MD5 | 2b5c40fbd972c77a50a81114c6385b43 |
| SHA1 | 6450ffa6bc46f456e0bea5422b6025e05b7c8ea4 |
| SHA256 | 1346315ba3886b9823af68a6abf7996419dba83ffc929d6ca6dde1608615f395 |
| SHA512 | 9dbe84d5f4b0e4dfd216338876e6932eba642b41804930aa1d4d3850924d55c6e6d05fd80e1bd390713d4a0c970d6f24c32a56a4382b8dbf7e1681c42b186471 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd6b414df7ecb6ef_0
| MD5 | 1a59869e7be370b6a1f5e7f3e96311ba |
| SHA1 | e86971c3d2a6d57fff8631c4f98fb27157eebdde |
| SHA256 | e5a6de2a2fe51d73a5e9316f615ab929fc50be5317dff874aa266265501c05a8 |
| SHA512 | b47eadfefb19cbcbfe8193ee901d3908c4d4c0909137ee78977a112738e3b7ddb9133fbbd110ac2451014dfa2b9c3e295f0274435315f9d459a5a09d0ac3a928 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\73ca0b4a67fe450c_0
| MD5 | 320ddd66ff5edf7954d020931b13f818 |
| SHA1 | b622946ea9991f418d5a12d79e52e011e0c54123 |
| SHA256 | b025ddf81bca77307897c18dbcc0f961fffa23db33d2af90b2b3f8ab47b21480 |
| SHA512 | cb9be7617ebadcc7afa4f30974f888d6c1053487a0b2c47b6c6b81320f10d30b76f2e320ce5a87bd73317590d4aeea0de1d81239f71f943de2054fc4d037854a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\10e7f09a1dadfa79_0
| MD5 | 4e83fb6d402d983ea7126f7cd37a9925 |
| SHA1 | 8499d07a93987fba371878b6c6700e74b1eb8e63 |
| SHA256 | 8de250cc1098816a0b8ffb450484db6d30fec03ca8c652b092b760f6ce0ce847 |
| SHA512 | 65f859d597de06b6789960cb7b8b7537c261c60a9ccf549158a12b922d670130ff02777c258efc839a93abd8aa351870e916ff5a54dade445841c575e2bac2f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\626803654ffaecd2_0
| MD5 | 38ea9e8b89002cc8fc94b3cbd94e6244 |
| SHA1 | e426f9ada7f33b487e20ef3aaad1e8f3bb79ab7a |
| SHA256 | 2d9a2636f3586d8736b2a2e5302cd6bb1137562b791089bfdb0e031d07cca745 |
| SHA512 | 0340e5350deb2fbe5f41a00c7137b4a2ca5436b66a479a8f67adc09606a7e955bdbe6725b73192fc42a4b87e0080de805ef19b2a3ef0dd5cc2e8a73773f8f307 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b79c6c5857945319_0
| MD5 | 3846e29a6602823de07f8185d5bbc895 |
| SHA1 | 3402962e6c455633cfe63f6a2154aa58bb12e7da |
| SHA256 | 79fd7b7e191e2b7036f8ad87cffbf2569f3843c1a6b1c7e2ec5691c665793e1a |
| SHA512 | 7724334ff88a0e521d87f7f935713efdd12d98bef9d698aa58e235b455016a96321869a6bd8ffe707a665a213ce373a07c934c9b5b17399538d5529e297e97db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aff58203494d7cb4_0
| MD5 | 5b9cd738aafe7cbbccb5353317e3f6ec |
| SHA1 | 8208b070599716df2e8302688252767954d25d15 |
| SHA256 | b92884f9e591ce3c6b98c48ba7f0742d37286ed51e4b55654932fa135fd902fe |
| SHA512 | e40f271067bff13d89a4e60da918db6b4845766f08de81124ca97161eb7a69a5673fc56b018464ad07eba9c1ecef7a27b73a7bf1acfd7e9cc35a7956d980d191 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\77756c76aa6ff360_0
| MD5 | 0d6509db1f81fc821ac79b9d48d51705 |
| SHA1 | 50d64a030a4ee3b3d0cd711926a057866e7f801d |
| SHA256 | 9184e3615d91565266f4e9ed46727e605a8b14dcee5cf6b700721c21fb178c4c |
| SHA512 | 2e65bebbfbfaa005d3c2ef3cf393c4a812c9d1cbb0a492163ab4f37fee2185f1249befcea7ff6bf203a84b2ab5cc35556e169d53598aeeab2b7dd77edb4b2fe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cecc97629c33fed1_0
| MD5 | f4f453d401cb010c9b6bd8f383305326 |
| SHA1 | 721396652551bd9b2f8f68699822d502a6f093a0 |
| SHA256 | cbfb077be3ef0fa08cf92821147391b296d057a836c749d1828d5fdbb82bec4c |
| SHA512 | bae9f2ff02e4e0758ceafc64599a7e76f2c937b660bffbcd5b7291e4086ee4d9f0c7cf8e982f8cb1e209862ff96620932f67ce654b97f6e5cf82974c90b25dd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8789e6fb125d21e3_0
| MD5 | 0f7606aaa601b75d2420aa07b2f590da |
| SHA1 | 4ee51badf9af0695c28a5928ced91f689d9e1497 |
| SHA256 | 213b8eb98b5d8d6f5b06163231b2a4793ebd39ef62f2eae987881cedf1d4155a |
| SHA512 | ecae22da32d04e25e3019cdb5ccbdcbe7cf5c0899c5f8e5c73ac7f008677fa0c52bba9673b9f26bb668cd2eb38454efba705a840e3c9b7cbdbbab6e5a4c674ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f6
| MD5 | 281d7e2264cdd30f0a84526715e98d40 |
| SHA1 | 8bbb9a87eb4afa64c64c18525586ca2eb407096b |
| SHA256 | 16bcf0c493629cd1857f28321da2e01b931eac37c2973692a9a17cc88ce5b53b |
| SHA512 | 57e342858ec4bde829dd7ee1cc0a59aa57b386c3daa762b13ee47c17f23a2b859df461fe9324e3dc98947478a9922e8725cc09c5b260657ea3df2d89d1266cd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6fbea62743c820f9_0
| MD5 | ec64d598e7d8521662e97b5f9d137cb7 |
| SHA1 | e123a90180d8a4431772cc9d18f0a8eb0de10e07 |
| SHA256 | 1a9cdeedc50f35cadf3babdea91c4ac7b76b105d7790116afc1b5fabdcd208b9 |
| SHA512 | 42639bc54d56f741d86b61b5d48d6e88b4e1dd0eb2710edaa13f96ee233d7c57297f11183aaf7c42fc1d8b634725cf24a0f14cf5ab3e7117edba8a8e20161ab1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c40133092d101876_0
| MD5 | efa2ac820875773f2fc335c14f8045f8 |
| SHA1 | 698ba14908591e0ed66d4f73ccf377290b7c7817 |
| SHA256 | f5a080bddab87edd31f562c822fd1e7fa854aaa2d2d109c2a3fb00bdc38bcef3 |
| SHA512 | 8848417cb08f49faf2ccffa3307d3314ff5b5cf0d8efa4d1e6ec68dab2fe6d167b0bbaf616d8df8be0c84e929beca0a3ae53616f8eb35d8c7e106bcb7474ccdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\503d03a55a971256_0
| MD5 | 9310d5bd3c39f667df737df805657dc9 |
| SHA1 | a298e50e48c9723935e5f8594a3b8de7461a43c0 |
| SHA256 | 15f3d8ec99190decb5d04cea820dd9b53e4863f223b797013904aa2cb274a075 |
| SHA512 | 1c88426cb2852787f4d812fa80fe08f9fd48f28c71d52b0e3010835eca86a419dc053ea47f626923091e40e841d66f9c10aa48cb92d3670aebcb60dc12818f81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f7ad0cfd499e5b97_0
| MD5 | 365c49a1957b86906133d2553612bd02 |
| SHA1 | 60efb9aeaa8d4c72eda3b080e15d90f7aae758e7 |
| SHA256 | e9e2defd80e9bb31abd3206110e1e7b12c9d0ec11d485e3a256c3f2eef36ce75 |
| SHA512 | 2d1815c667d01b4817dc25450e73f2f7b038b681f95cb6ee665061bb99eadce461cc7a845246b5347f189948f7470c3cba356b7bcdf8fb5438e633b2423bf5c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c2abf9c4deaa65d55e7d5e18da838030 |
| SHA1 | 6cd87f1c5bd58274df8ed142821b3c93e48a938a |
| SHA256 | 053e20786217c78ce8631191238c2c54d8e48e381fd3c359e6c711784790e996 |
| SHA512 | 3c455db55bd1ee99bb91e43b8b231665b02886d77e227f898e78136c4e7cf0129d8bd5adee37c62f05d58280c1b3146163608439c9f88d61135e932705ef7a9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a7fd6be63a7a14100365db79ec9c7972 |
| SHA1 | a5d61dbce2192f9f51a88c490464bdb573fc6b49 |
| SHA256 | 33366efab198fb53d687899919b4fca9eb352f4e3ea6ac3cfe929eae05fdc7bc |
| SHA512 | e751f6497275b874551d6706c407b38c8d8ca66ceae8ed9cf3492be29dca22744b9258a36ece73d980a5d686e1f37c62da54dd78dc56dfc52b9f5c3363f79d0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ca1b46d6763e5c2_0
| MD5 | 7aadcdd3ff6f5b7cea90f96b9c94a7fb |
| SHA1 | d725632f27a8eb7068d98f312544a260919bbe2f |
| SHA256 | 915306e18c97344399f75dd4b3dc4280834bf8ff2688f235b609151b993bc998 |
| SHA512 | 3c6ca1b65e979d2d40e30e1ff88e07523aaa61859d2c6872fca2672713557130c966378ba6d4c7b244af65fccdada00ac10a4ded4a016dd45194de2f7fefd96c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\973dd2b2d15dd8ad_0
| MD5 | 5ab0c2186fcfc5680dd0c38915966e7d |
| SHA1 | 66f37a321c3a0942fcdf677c704b223a6f94b2ab |
| SHA256 | 288c64ce8713d944dced507af5af8fae7c00e74a4ef3a9068e86fb37d78335ed |
| SHA512 | fc9b75dded84d1779c13139a742edf30f1299d338cd92d217cc45ba56b0f699c1f571a81e500db7d70129e7fcbb285d2968be78456167ffa0931f0a24c4a15e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0
| MD5 | 97fe1c6e44bc86ec43b55e7ab88d3a62 |
| SHA1 | 04d5b6380db7d5beab865b1f89bd47f4542c949f |
| SHA256 | b8c616e9c80079787571b89fb5feb9c9f5fc3bfe294ff3c67e31da34dd62fdab |
| SHA512 | fe468afeb6d7c70fa3f4ee54195dcdc28b78ff419292e90fe6a3a8610113234fd7956a76eb85ad80b5f3f3c5e51e422f4d2328eb2b6051a72ce8bcd54a416cae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d0e0ae8e0b42bc0_0
| MD5 | c46a1b05c5965447572abbceefba4013 |
| SHA1 | 2fa84173f9b5a1bbf4160bbdc99c9283ada70dc6 |
| SHA256 | 00a9490b80e5644f9c8bcb5174fd95d5970a8d8abeb170bd29eac0f50fd884b4 |
| SHA512 | b344fe8e3d32be958fc60b11d2c7cdb0df1f5df6db38ba4d3eb42b8b4707fd97df5a3fe4a2c181b756e7585935ec92ca097b274615b7008e76e7446b125dbc36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\adce463dc0e730b5_0
| MD5 | 21558a6e5aaa7c978e0c998ca5470565 |
| SHA1 | a290385d72de009da5e11b96a35f63cd868f499c |
| SHA256 | 0ef2a05f36bc97b9ccd9ac1c59c5be0984386d3d0ffb739fbb40ba4fda514d54 |
| SHA512 | b953549e9135c815e0ad1de006b016fd5013b40eabbd8d870623684ddbecacbaa0bd916dfa6140bae01bb13bc50ae9ea2967caa8825735c1c78d1bb75ec7c2af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a53a2729baf4feb1ca1b640c5d806a11 |
| SHA1 | 25b884ee2db17f6035698274c8998f4e4603be21 |
| SHA256 | 8995bb755d5bbe7d35591f7a67a890a092e0071264cc44a148d41f2f7c10b505 |
| SHA512 | c046474f595b436ca9140b1d462621cff8cecf55efc87d256506681285f1e5eaf5712ef7ce0dee257dd47fdf8b066f590905a60fddbf34f4288fb117889c82e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e1ff7dfdf75334e046ae6088658b3b09 |
| SHA1 | 2e4b9af8e0e4af8d9cffec93c62c89b789c60d13 |
| SHA256 | ab55205dd29c2637fa7233672f95917846161d7e759cd934990115a7e36ce60c |
| SHA512 | f840f129ee9c2879c02c648c836e5429142faae8d95949f07e0f048e66807791eaa11c822d264dd5472d4487bd1674bb35d70e49ce4daeeef1c41514eeb27e3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f9fdbf85a9c09ddf6d4304c204c7d69d |
| SHA1 | b57377520e05174d4853e1ef2d4b3c644983f019 |
| SHA256 | 86bc4f0031b8ba7890b4fa1f834b4f150e20417f0f96fcfe5220b22121eafd63 |
| SHA512 | c54d9d6f3487facddbf44f12f325e5f85738a5cc6c5ff6cbcb24a01baa4ec93bdf7f91b0795eba0d58ed7c9796283b1807ddee106a195475b8dfbd38c2ff467f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 91bd84dcb00509dd870dd62c00a153b8 |
| SHA1 | abe1359661b9ccc4b24650565cdf759d77adff7c |
| SHA256 | 9519927d9a0eacf936f2d454c5d39f2f97c0750cdd7b898ccd1d5187055b9a48 |
| SHA512 | a25ec5323f7b3bd21b7dcf724c23472ffb4ad2800cc522902c174babf8f090ee8e0144d3c109b29ae7fdb391107545f9f86e879fdbab290378cb2c5f7c720884 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | 6288a1c9e91352d40870160c8e3c90c7 |
| SHA1 | 6279e567fc7487bdf3dd85264ce19cc1b7fdeb72 |
| SHA256 | e2d3cf94f0b8a652e13c378b3a637134536eb73a9820be54f629aa304b4dedfd |
| SHA512 | 679aad0f7f4658419028d86678e3049b943658fcaff876987bbd4f4001dc61714de153663a173f7160d76bfd4d235d02736e3a1d19ef1d3ba03bac38f8e0d092 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63bab61298dfac24_0
| MD5 | 53f7abb0013a51bd2961f87344a20fb8 |
| SHA1 | 4ae889db82e706cb10193031c1aac2cbfcf188fd |
| SHA256 | 888dd23298f067876817fd16822d59143eddfb0755046be374810ca86b988e5e |
| SHA512 | 3560faee09059564052d776e4d3af904e5ea65013a27ca90c865075c79660700b2122ebee3cf861b6e7fc0f2a4eca9ccb0dc62d3ca71ef767ba5c0fccb503990 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\50c3dd411e14a3f0_0
| MD5 | ef6b7389da096e4714b999a1e51511cc |
| SHA1 | 74fe56baa05bb2b24af6c9277ac5c81bf32a9b6f |
| SHA256 | 33921b7eade2c3a401ed48bf4dfc00cfd066a282e83bde223bbf8924b39c28cd |
| SHA512 | f6e369c902bb75dde1bf5805c24a4b5943f373278c3dd6c2e554f5316960614f2b12b124cae0c877ff85aeffb7989ee246993a60789d5ab193581c55b2b8c770 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1cd0cfa7993434fc_0
| MD5 | 6203c4a131043c7f3ecedd4f503e99a9 |
| SHA1 | cd77618b2d26a6acae0c94c730fcf2160ba333bf |
| SHA256 | 46d703d160ade184f98a4475c5248552e2a03d7aa2fe43c3836a2e4e0aafff34 |
| SHA512 | ba86d24861713342ac725313a4b9aedbb8f9562980091b8fb59cf8b4f568a74d69a931705e74df8a8f34a3781f039cd26a3677358f673db4c96cd711fa32ef2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a26de030ab5c02f_0
| MD5 | 8d700bda8057beb9607d57b3423733d5 |
| SHA1 | fa89be4cf8aea9889e5c49c4d6d6e327c010125f |
| SHA256 | ce38a939a0e1c1dca9ba2da55515a6b1db371982c066efb1ea90654261293f3f |
| SHA512 | ffce5eb25f7346f1292c9fbf6f63c6f4b56d7be4575fa468cb3bea531455315038aa89ecf02f5340f0043d091d1a4d0f0e7ac6c215429f0cebfface3a61d83f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7899d2b49a9daab3_0
| MD5 | 9b8d91d7975b68937f3c59b18d5f3729 |
| SHA1 | b1ee9e5dd7142b87f349071b762ddad596266b6b |
| SHA256 | dbef218b16ad9bc2c7cb3b4e11d5040e29a5a4a0502c4c935e9dcbb7ab2b0ae5 |
| SHA512 | b9ac9bcbcdd62ee0f776f9501868c015cbcc92fdce338f240793e52231df75d2f19d18b003464c375b01b93dec648007ed4bcba75778fae579b436adb0aa20c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 4382110773a1241771ef3e246a72287d |
| SHA1 | 0840a47dae2880fdcb51e1b9a27fb3f4dd685f71 |
| SHA256 | d3400ea0e62d0a3146842d40107cda055b83519b36bcd3793ec8baddb8f2baa0 |
| SHA512 | 2b57a18dbdbd83bafb4a3a15b093c40dbbe4f990faec0956f9a34afaf7a4283345df81c447e850ab01543042ac5bb5b3810f36fc8db6eb630977d0a481e7020d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 78d21d9ccc0d483962b1dd71392c08fb |
| SHA1 | b42ef86f1f9eb0c00e48edef7b6104f66ab95e9b |
| SHA256 | c3e28e9c1c9c45487cf325723960b376f35ade0e651f361ba6f28ab09925fbff |
| SHA512 | 0b7e301a68d2c1e6a122542b42bd013802cffe03aa39effbfa068997844e2386ca9b14110fcf2b405fb4e7a3c07d436912eb8ec327a918f605dec6702bfd8764 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000142
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b2741db484c907c9d0b3eac1be8c765b |
| SHA1 | 39eeb0e5cacf90b4aef78b9294ec592b96eff034 |
| SHA256 | 5e71d99ca1f616cded4971fe0d58717b8195acfd697f14cf2233def8b6117d8f |
| SHA512 | 2bf56722e3fe34d0826bae30cea1519dfe55d4b98637c3e52f665ab7bee0499107fd12a2fed40af40e8fb84e66469f45f69c6689829591098799db5f9ad88ef5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 976d7758d3f574c3fc30d5954b296286 |
| SHA1 | 0a8246185ee903e5f4679926a4eda234a055283f |
| SHA256 | 50287c9024e5c243e695fc2d86618d6e0eb938be84f76dde0af03ba7d088d7e5 |
| SHA512 | e46072f234a9fabda6a90315ed7aae1751a218dd9c013e7af4ce249e33cc864b60e3b2610cf9a52074340b3efe6de4a7603dae6be5a3523e335a5ae25453afbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 675dc99c5706053b91798a20af34a911 |
| SHA1 | ff8800dfa45c4146d475fc88d958301938a97e39 |
| SHA256 | 45fa9f7323b27c98aaaf7304a52655ca08201d19d9e43d0e2b0171047660d77f |
| SHA512 | d265606ac79ff915a5a5c50de3fea25a17131dccf95c0587c88bae0d9fd0998b517ce5d5731ef69d229a96b55f35b751a0c2cb16aa27cef00a5b4444592d0dca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 97494d2ab78c327f748074c3cccfc93e |
| SHA1 | 7ba4606436b811fa327b972769f0305b1df152b6 |
| SHA256 | 897f9bbf444af1d767fa03be44439c45912c262689ad12c5e4df4dcdc2f8dbcd |
| SHA512 | e09b8e025097aececb14835d28ccc1b298dddd01f638a2fd1e26b904f9ae050c10d5fa93b233d5d0d8125770de7b39a239d1055a6ea707e266f2c15c1c6bb7eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000123
| MD5 | 9683150f56749f13e49d5f4bee186679 |
| SHA1 | 7ffcf01cd35808be98dcb60a35f7135eddaf4efb |
| SHA256 | 6c27631e81d8da9963ae6ea22a837860c914b0e636e5228f8c4b4a3b529f4e54 |
| SHA512 | b63d4074acceb9b2679309ee446685cf1f7853bf454cf8a26d26eda534ee507939c0f84317539462275886dacd92ece2ba9a6ac276821208d9cc0a41abc54cbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000124
| MD5 | e6b421146577fe7e0d4f7d6c9ea4e3cf |
| SHA1 | 3b138525f54618af414a5449587f8266e54fa787 |
| SHA256 | 3415bccf0ea47c7ac04ee84246d2f2c6b9e451c4969ff9afb15526417edc9019 |
| SHA512 | bf68a3596a4ffd2e716d11a4dad7e6de7ef3a8ab121ae7c2b6714ae1639acaa4fb86de383ea063736c42d4167088eb2ebcdf24e061b8bbcd62d41f827786fb39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000126
| MD5 | 25fa8b948ab1e1fd9157bc62efc293ea |
| SHA1 | eb259a5ca92ef02be27d40d511106e1ce1a5f8ba |
| SHA256 | fbb984ab6dd53c27ac7fea5313101823ea7996c11f70cfd32d1c47cb12c49bce |
| SHA512 | ac6214446a6f253b06972699adca45e094d050cea801dddbe017107ff10f0c35d631eebe7be4c92b98ab324a9829275f0a75815a082943a83e94b83fc9241549 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012b
| MD5 | 9b0a2c84f3a4242f30ca6d3ce9d803d4 |
| SHA1 | 1e591479ace4d216f1830e8d64815c35119599e6 |
| SHA256 | b5f716b1dd72f21fb854611aeea65e41700b41f8dfc0c6bcc61801168c54c943 |
| SHA512 | de01ad2258dd2b4d53a0df73f6af433ad1c5ccdb0d2c03bb1cc0959aa2f4dbead922dd736bd4770feb16d9c489d214c981cd3f7ad2aa856963f7f0ab126d7dcb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012d
| MD5 | e29ee04a99befc135e8c65e0e8480c68 |
| SHA1 | 9d8fb2bd0885e7639921936992c27e803efb2f95 |
| SHA256 | 51a02f209920fe2c9bd03660981278db3e345d7064c08da8a9725009e0a8a6c1 |
| SHA512 | 75faf91904b0359494e18ed7c67e215480052ffa2f146c16942ce76994217ffb6bab8491152a1e3651e5df315db7bc45106427a5df5926424629e248c72132d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012e
| MD5 | ecee3963d561214cd884daf9dfb9a318 |
| SHA1 | c6a857c27da00fed2f70cfba3ac485361d8b849e |
| SHA256 | 17c62a456f6c6f95e574e1609603480410f2aa39b493d0757f31230b54f3aacb |
| SHA512 | 3ed290509321149fbfb7f2234f6536557cfdf9d964034fbb9c86b6f3b7a9647a533070d1c6b41a6c3a3ebe5c3a7a48a6ef8528f37b089cdaf838bbca545136a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aead27c05dbdd98f_0
| MD5 | 5eae54e7d750175dd7e0f5161346cc57 |
| SHA1 | 0c06ecf04be015193e453a458869c6712d482914 |
| SHA256 | dbf8834a60f58f32c1546474a6ee81b076a364a051bf38233b2c398b93815dd0 |
| SHA512 | 02fd140f06cbe0b3f24addfd97e31184bc0d28e01276e9b6cf3b3a201242bea01e44c168d340ccbe5f5b3faf44ba9bd3b92b6f685bf7b56a4a18938460704db9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e54186f5183937d5f5b7ee00eb701a97 |
| SHA1 | f10065b2dc72e22e1c76397b0001c3ed8e18b9c7 |
| SHA256 | 42f6dce7ca67ccb8beb532eb40318906cf67bf8b3ef2be758991c66ccb8b0b22 |
| SHA512 | 9b60c515214c5b6d1d0670b2a97ef30564ffe9c27be95b5f688c969002d1e084838c40c6899a49ba048bf67baab64d1077c4352957cedb9a20145c7f671f4058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000150
| MD5 | 6dc568f8aecc0246e6b8dcf8a600e188 |
| SHA1 | 866f6894a7c51439ff3a7216fa01b2839a36a077 |
| SHA256 | 8c3b2325cd3d30a7625d51d434ce010cd34ac2d6f7ba3a827b2bab727218f215 |
| SHA512 | 81c4a945aa9af38b8126a3d7692547dee9efe7a58909ba6e02417964afd5177ffe17cbcb00b988de33c48a1119db4ab4ba3f6197815d63d3ab28de3708105498 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old
| MD5 | 7261fd06033d33b1984f1b175d0df8e7 |
| SHA1 | 36596a59a6ba09b316fb741826b5c84404318d8a |
| SHA256 | 02267e428d91b2c7134f04e434672e66e7151987bd203037cb07e9187013d917 |
| SHA512 | 6f9f451a2e6fa9457f9360338cb664d3314bbc2ee5e69c64d2147f46f4d0a50d04c36817117ca7065507b63b959805afcb973595491537a5556158ba2e5fd64f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old~RFe5cb4d1.TMP
| MD5 | 085dfef7f22ed59fd5a43470cadbafc6 |
| SHA1 | edc9c1fa27d587b1606ef056f8a94ad1b3ee1c90 |
| SHA256 | 2ad34b3d3e5ad8cfff5afea7333c10350499d8a5b97e39c197f12d52e60ee251 |
| SHA512 | ca6385d0d21613205c3f89e52ba7672babdbd1448bd07ce41eabc45d14512307895f62a643f78f8e24bb571b2a7ff66dd8dcfcb2935c347d1b716a7a6000ad15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | 2f780e79075a036102af0a1e092f3bcd |
| SHA1 | 503d19610e0c5746d8f4c84103dd51bcb0026742 |
| SHA256 | bcaa95e4421bada50c125305c972d5f467a3aea846534da2dd22a5195ca23fb0 |
| SHA512 | 45096c4b0cf99516dadc01eb080510ac1b258d923fde64ad82cfc55f1e2b4e8650a264393ce545cd69ef6842f48bc03473037b3e32bf99677746c628e02953d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 725fddd924c905caf276f8dc74e6719e |
| SHA1 | b555467e0a282029f9c53ef0c83a96ddc896e4c1 |
| SHA256 | d0ecf50307afde2633a77f28d0bb48fb8925147f8544e1a0f8c4941e1ef2f680 |
| SHA512 | 75fdb6ef419c215b42ff7cc8b424fb849e11a45dca33e3a81d413161d05d0204c2c711129b1f1c6df28ddc154c94687f8d6239de82405f9912dd38688cdddec6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ffc3766aeedc0f67e5e3a5ea9df812f7 |
| SHA1 | 749975eb22fbf680e7bda9e15b11fcd305bcfd30 |
| SHA256 | 7e968132cda2f36be83a77fa7ee15455e6ad138548862078ba1dc5978ee8184d |
| SHA512 | e5938c99065832836316ce2cf28f581ad3a348adb4fd093e1e0b419b120a27982228f582a1fad73c4e48ce1448d30c77c4c8b6969e5c26c3e5a7148d0eb36ac3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 031d3ee5807914783fc8abf8a3f5de98 |
| SHA1 | cb5f5249a4662c37076fa8630fcf0e8903d3f582 |
| SHA256 | 8e9d2a14f4cb30309e224252114c246e4d342470b538084a996eb48228c58a00 |
| SHA512 | 77f3689cc0ddfc5dae0409077ba371611fb20fa2c8c8eede3fefd3c3045feb4b00486df1debc98e09f0d86cc713d346d8c8e65bd95241ad052abde938156095b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dc94d52a6df7640a7843a12a655d4d51 |
| SHA1 | bbc50cce56eb3b7ba891740effe1ab648276bb8b |
| SHA256 | 5618dcf6985641db754c89acf001fcb6816c1f5d4f8aea56ec85542cb4fd3569 |
| SHA512 | 5066eda9bd46edd6b7a345334d87ace7c0bef6b3d2b107a68b9e475100d416ddb674fa8a00fa67c39e95ccc36aae8a9f9c2b7d4da6c2f92a998264b6efd96df4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca5509bbc1f65240a88b263231e8532b |
| SHA1 | 4e9724dbc2e717e872d5da12f14c0bfd3e873e09 |
| SHA256 | 69e521844fe804c5f4c12d4e1e46d3303d0b9bfe7227520eeed717e2997cd832 |
| SHA512 | eb53362be32a3dbb55a3958099675133189eeda347f7ba2d998d16da72d3a782df129b21843358262ca8a7c8d74baa182be217c93e700a79275c21b034b427f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014e
| MD5 | de5026f09cb965fc1e127e9c3358bd10 |
| SHA1 | 9d61b93812a75c0d1f350d3479b5d97068ed6f88 |
| SHA256 | f57128249b107e9ee50f6eed8a0d0c0b5a99d03a03019d3463dfb913c3196ca8 |
| SHA512 | 0b60a8e04da45fdf5fb08bd773dd218a3282348621b8627c12f8724f5edd0eb834581855c231b8a2c4f8a5f10908302e70c774d74905f94d4319240ab28fd69c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dddca7d2a95710602ed98fbfe904b534 |
| SHA1 | bc50c82eb01fa53791266b396b1d43614ae3c277 |
| SHA256 | 2b57feb8c44ba1059aaf605470f404b84b8a214d46f6cbbaae2d8b52d9bcbb52 |
| SHA512 | 77119727a269b0695761149aa977915aa3457afaccf075e339534bc17cb8c206a4f9259cc239364a03c675da42fd201189cc12a1d04be458e6db667e19d963ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a70def4a2b50f3c983540525d781dc9e |
| SHA1 | 681520a73468777ca6131396936c47caf2e3c3e9 |
| SHA256 | 518917db74e7a0abb6761a0275e77f00933c4d6f4a77ae5a38d7299e3b958d3b |
| SHA512 | c65ca20b672e0d3130a08cc53dd88915b85a81188d899af1fb78aca098c2d37bc45da0dd71ec7540234dcdd94afa80da483d3403cefedcb22ce78d6e7b8204d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea3767cf71d09985_0
| MD5 | c15e60b51f995eada8d859a10d403020 |
| SHA1 | 3cbc0d4439083cc0d78a2a22347416ec85e29957 |
| SHA256 | 9aef8d02b61d1ccd5a647a10edf9b53cf58019f810da8a9e0c0e19d10344f38a |
| SHA512 | d27593b3713007eac3e4e039f64d88aeb36e557a2aec955b2c9254e4089570638b2431df9b3a9a5720b0b0c006aeed42506a36dc051e2f759c6b91a2b80c17c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0
| MD5 | 6716a8291e1012c78eaf2ea29bd9f1a9 |
| SHA1 | ebc2e1e87f0b7566758f453a10fdf5f63e40789d |
| SHA256 | 297daa537af05d9d0ea3c96d53370f2c8571eee3f3645851a1d60423c118094c |
| SHA512 | f1e9a9d00b077e2b663eb5ff2f0addc8623b1007956710d5d1272f8486660806c406a1c8d2151950244a4e3ae30491ea3ae0546817d17781d83d3d1ffd0ba411 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
| MD5 | c0168b784e751301b8e8ee0a150fb77f |
| SHA1 | 182c104d1067b66dd8ba307833ffde75b4db971c |
| SHA256 | cb2fb3940dbc3495d3f8a904bb5512da1cb14a020aa0803f9360d20401dfefb9 |
| SHA512 | 6be08e59d2fdf5dd03c504563b3801f961ce8422220813cfda4ad603004f24f77d62f282b14bc59fb72d7f73831e3445691c3aa3e92a1017dfd16ae4bdced854 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | 43f5c1a36da164104a6b2a8c64b2b2e3 |
| SHA1 | 449b4fdd09a87501f5a67c7149ad1317105f22ff |
| SHA256 | 6a007b4b553ebfcb1822cdfe66e0e42367794a25b84b2f3009ca2d790cb71a8c |
| SHA512 | 352c8a7e048ea3e6e78cd87885bb08942aa3d381becf71d59c3dd2f3eb16a50399c008efbe2942220510e4da903135a711da66f326a319ca14ccc15220ede44d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 134c77bba0e3bc48d06aba6bb900178b |
| SHA1 | 10735280e6c81607e2b9f47e86d1987a9e4e015b |
| SHA256 | febc68388a8aae62290a260527c99a5f41c69edd94c1a126152025f3254c07f2 |
| SHA512 | c56f347ced3b4eacd7b19eb7e2573368f3e448bce60168c2acd7598c77619d1baf32b9393c33c045bcaff1d88b8cf6cb1f26013d1a7820a7093a88d2243f0751 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | c0983f4a3e4b1ff34baa72f767e17017 |
| SHA1 | c1c8a211d971eaaa704afecfd2150cf998775c8d |
| SHA256 | 5b34d2e952517499626706c5e9745f6a1c63996c3406c14ce97fdc6cd2742da2 |
| SHA512 | f28c912198469247debe4ea6685c3275f0e6fd2b6d124961508804a0f14d395e0588fec3386015a1384309f0147061704c77f63d7383a2db9195033400781f67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f
| MD5 | ae0d11ca058ab1130c6a607326a8ecf2 |
| SHA1 | 3bd422bf6bff36075491f12c2e4744cb7cb2710a |
| SHA256 | 4771b1bea16728a32f464736e182bd28117914b8e4509005f04068a0c130be62 |
| SHA512 | 14671a59c16abfa54064dce5637f1894a72769b9ac0e2e2ae502a7077fcabd64db4894c40caea02d8d609588beec0d89456f2b5149982b48b2494b73583d7a3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old
| MD5 | 1081dcc3cc9a153354fe5cc5bd4ab57e |
| SHA1 | 76ff72bcb0e41fedc61fcae4a2149f979c4d7900 |
| SHA256 | 9867010c493f1443928702bfde9cf3aeb9738cd9bc7cfeffa7a9955cdfe84b46 |
| SHA512 | b55a61bcea63956601617fb64d625dd8fa8d00e511bc169d004ff42ab6514aeba2d52131f05cd4663455350df9444295e81645d9d21b562bf41a48416d48c84f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b72be0dc1afa0f30ba728f501e5c3888 |
| SHA1 | 739b29cd965de5abdfaeace9e5246bc00350c1e1 |
| SHA256 | bcaeb8d68207217e7abe0e1692ba74631315deae1cc0642c846aa7bd620243f4 |
| SHA512 | f2f87f73b13ad6aed7f96319ac32c80e7ab9e629f2f399eec1322d4dd20f1cab7c6bad939803d1ea786360ceb8d74f3660347600b0ed2869daec34e158c83029 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f6686261-bbb4-49a7-b2ef-7e6b941a984b.tmp
| MD5 | c1ec7bb070b375ed6f922a70b180e23d |
| SHA1 | 2b97146dce8696802e389e5cf0b08d183b42d6c2 |
| SHA256 | 56138398ee348e46b92db3f4f903a73f17be2fccec6d22af091caddb5f35510f |
| SHA512 | 52ef6a4aff01f4b5ca61af3a2fe8a6ec87e9ffe102ef8a0c0f35c738a4997d15d2d744806a678081efb4c4ee8d7c498df68c09aeab701ac12c054740e3d04926 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5bc530e6fb6bb2768cf1415c610a5899 |
| SHA1 | 7815c16c39694f89ee7f2eae40867c50461c51cb |
| SHA256 | dfa6084722c848e61aaef4d75e896e26679d257fcc8889638865e3447009fa35 |
| SHA512 | 306c783ac4fbe3128c6b6f134db21375b2bcff417ec8b65fbd1ef7e83bbd12fdb7468fd8dd8c560dc0e9367db73ec939b97e5ccad39c6d2a3200ba0c631d19e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ad43559f93027b3bfe423b7a7540c72 |
| SHA1 | c8b446f618e75ea068d1b5b6862e96224754ac99 |
| SHA256 | 76edf88f312a0ad91cfdb91f892144dfe53dfd74253b55dd038e4e6313338897 |
| SHA512 | d4d8b78f0f777c249d4c5a3c0e7b2eaf887831c67fab9bd5a9569b4c5107d17aa656ab9da4ba2ba22fda1e270dec02dd027419aa0bd22c858f427b718b0dd320 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e8d4fe87ab4c207723400b6896e38eea |
| SHA1 | 92d594fdf0ef77bd00ee8b1e89f1013831291138 |
| SHA256 | fa45d815331e87d0e355bc07e99306cde6acf8e63f44632c0db59fe910ceeea8 |
| SHA512 | 6675b4730c75576c24c363e237137a023ff152c0718dca2fa9ab4ca1e614c73982c3c794b8fd49cbd384c61e093eb3908670050366f7abf826a2636bd466735f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8542a94c227b32b4c2e37203dfa86ec2 |
| SHA1 | 1fddf94cbff0c42643956f1ed32874a577aef1ab |
| SHA256 | 13ecd2dd5afb104638940767b32b1ac7ce925abe4e8cf3cb541ef5af047db924 |
| SHA512 | 3f5b1ba6d7119b576e1fc77e9feb11631864ecfa561f09419cf21602eb6f7028c8fc14db06981a229a6fa8489855a3045606158295dc630b665bbe546a14ae56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0f51d46f19fbf15492621310c8cca9eb |
| SHA1 | 939e9dd63088b9e52420a872456a2efe0cc86dec |
| SHA256 | 408e23351a9d552b4412522469d4edb1fecbbe283c7c787c4999faf7012a6589 |
| SHA512 | ec6b2860a68e0ba4303f91b6e2d9362127f25e6a258c91b8a17404f31f40a85861aa3e9064c79a03acf88cb070efdf6af2239fdb7bfd62ab7396ec044252ff4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2d600da68c727d044b7bd314b786e18 |
| SHA1 | ec990ff56f85c03e9b6fbfd5092ad355cc488ea0 |
| SHA256 | 0102ce9c9fb8bc37193a6ca61ad2f4a588732a2ee114b836812e00503c0c2125 |
| SHA512 | 984a9a257d9a811541ab8a39ca61e6691dc8349bf85b9194a2660389858bae6543eb4ac47b205a059f741839a302dc700ae40a06df6952074145df59a2938beb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e4e6ced3461178b85e4c3798c533f6e9 |
| SHA1 | 02f72ce7b4b3fbe1cb30f457c130698da4192567 |
| SHA256 | 515c775d920c4a7c243592d5a54fb1f72f1f86e7b46f0b9f8ecd0d7129f2a0ec |
| SHA512 | 7c285338b62e3dddf168a567cd43df79fe5d4efcbb0763a36b91296508c7fc2ef04b7e0958db5f3f6fc44edc556e1b182ce7a7e117066e0ebf00e57b98ea56b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f625155b55ebee9a2192342634ba40e |
| SHA1 | c079439174963b152f91eb54a5629715185abfa1 |
| SHA256 | c11c52c4f8e8bdf345a1c8bdbc942fbc1071ca9dbe33fd2d8eea4f144133ed00 |
| SHA512 | bc1d2b05389ca450d2e2f5eecb40b975ff85c848e88ef264adf1b6190dab78fe3751d75e52e629faecdbaabd13431ed72b9e34ef04d88ce22e61eb5a768fe9d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25352957770afc03f9b26d1da931cab2 |
| SHA1 | 80e54795ef6a7024a5a09ea9099c03d1415b082a |
| SHA256 | 05daefee5f42dd43abe51b86fae9de95119be9e8e1337ff9c1c6c92266bfbbe1 |
| SHA512 | 3c7e7d0cab8bc40da670908bdb617645598a94fcf76b09d6ebfa7d6dd30687ce3650393a1ada8e70cc0ce295386cd64e83fd679d26b70428e5c90654ed90418b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5502bd1501ca48b79df215e1f91cb568 |
| SHA1 | 56d400fc1226c80b3479f4aeb18b1568f3aa5b4b |
| SHA256 | 55a7fdebef9699b3b7bf9cac721a25f36e8200f97b13bb0cad32d166a03192f7 |
| SHA512 | f87e1ec1a24879adcb82b13a77e46bd8c0491d6f8b55db1d8f0b291c24a12feb848299011be27a70c1a7cb956fe434f426948a0bb1cb3237c00e43a6c79dcb14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d4b9ee212f6057874518c80a71bf700a |
| SHA1 | 3f3b19ac5875f499f947ef4d40de358df3357310 |
| SHA256 | c39af7c0750a8baf0340d8677b13bd79a31c754eb353e94905560c9cd199ff0d |
| SHA512 | 8030de615c822dc6f577d8e7fba8c76ca3d5715f05d136f4d98a143b8f47354be7efdf38b319b15e7e0147b14e916844322b14debef553e308eb18e8cc122afa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 19f627c6222d9993fb847a61084b09fb |
| SHA1 | ef4307700959997b54fe6ddb6e2f3e9f11333c3d |
| SHA256 | 3f34dc1ea211488beebc7e5b0cd32935d5baa23fa24a26f493d974add6b5d35a |
| SHA512 | 3a29bffcaedf6f0e26a8347f11d1542e2b6e0e09b6638d41fa48ae61bb45a37a7cd138d27a0a5da80da4f16ad692b4318f82eb921555d3a0c066fe892188360e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
| MD5 | df8adb1901f8c7dcf4c6b40cd6c4fcbf |
| SHA1 | 3164ec36274034875e037198b2f6470060bf2d62 |
| SHA256 | 8bda811abb0984145e0d986901a2f5daf40a81387bd087a48b01686bf8600031 |
| SHA512 | fd638ba2ddeb9b7e0bb88e792279ee15ecb264f62ceb42050d0231fb601086f7aad68b07c6c83ac53813ca86a665c0d995c702144fac1081f56621a5d14ea906 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8f014fc9dffc64deefcae7c801b727a2 |
| SHA1 | fc7e3bfed323641d87bef65e137a068b3490e175 |
| SHA256 | 3e1c072745516b51ece89988d32aaa0adcfe49917611ca4aa9119f63805b2874 |
| SHA512 | b024973ce3345186067b7b9932efdfc91fcea7f35e3d108379a232b91e4dea4649026b52c07f4dbe984e3eb6bffd292fdcf2ceb75c9d395195e990a9d2986544 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a4a15950c548801825d0596baf709b5 |
| SHA1 | e09249ec1f26155d52d0108c53c19e6ea173b396 |
| SHA256 | 249668a71d40b4742467d043de66d280707f2a9f76bc99f0b39c4734d92dd2d8 |
| SHA512 | 064ad54b99ac90f301da3ea230815cfab85f67b8131852b5c35df8146a5709d6391abdd76512bcf17b409f90da53cfd864b694c8d898e29da791a3e19868a920 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 367bb719b54f8d93d2c8f935cffa7a09 |
| SHA1 | 31daf3404f590f15bc30cfd293be8a14f0230502 |
| SHA256 | 7a0416832655967b67cf1ec6364e0ea1b46e6b6be798b50dbbe9d87c08ff8333 |
| SHA512 | 8ba1e001f58637445029e43564e1d9c9d69995dca955d9f03e2a90bd058cfa6c19cbeea8701a9fc4af98c6e68de6536fe59fc0119423971c24122f9da86d9f50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d073c1db5bc015d6e7c65068cad81638 |
| SHA1 | 42073cd939f3fd33b50d101a4f748f3b2c7284f3 |
| SHA256 | 1a8ed0f76f9110ec53eda8c8fb90e5e8a502e055f5cb7c40d15b3c58617bb3b2 |
| SHA512 | 6a268fa693d2879d905e823183b19a800a7e6849130e14bddb68676967f68728578a6990d2a729942abca3329f80ce7365dbe257ceada7a411c8c5e6edfce1ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6ec48f1f4ddd0eee526c700e1b9cf62a |
| SHA1 | e5d6da7befc63055a1a167d28accca42bfc5b27f |
| SHA256 | b5cf6b4d571a3ba9b97d008435686cfb4f83c9a618168e1af41e0ff6cd1a818f |
| SHA512 | 2c0a9e713e1fd288af79d8a85eecd1faa5e0695a05231f19c20fffa48025f8f91ab44f762b2578865ff3b9b4e21a805992fe8a0612c99b78b2dee61c9fdfaade |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0dcc006371acc73715e68a853f96cbc3 |
| SHA1 | e37df8d8795dca50505f2284319bea6de9f4af0f |
| SHA256 | adde0094bbb29cc6b73f44dbbbbe10419f7145b910d10207bcc0e39e4e5c900d |
| SHA512 | c80ef9b4980ceafa0e0714dc293383474f079a7e5bbb971152371631cb7665d5e896ed7b8dcef44ac56c20ebb84dd9480ebb9f6e943b189bfc0ea5ea17c7b7c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 98db975ef73418b2b6b8a1d5b5f60a67 |
| SHA1 | bff4424547e3161be0863834e85697f592d82150 |
| SHA256 | 5729f003530eab2097dd64037b4f54680649ba7396631053aeabb661b54d96dd |
| SHA512 | 66944d0aa8b78e68c2bf117d3d73c4cd7f1dc1100e54463b6155ed0a54c61877548a7e1f10f3740e0e82af0ff5d8f8f63fdf7a5019b413393b334c97c83027d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1cd178dce0c6b4acaee1483602e76339 |
| SHA1 | a01c92287ffe66bb05df73acf8acc88b57e57845 |
| SHA256 | 77faa25de2c194a8f6332587a5ebbc25ffea793bac434f3cc9f9e3afee396377 |
| SHA512 | 326f2aae2bd8c697862cbb9396434f81c3b7d77a2dadf4bfbe1b5953420a510ac42051647c0e8c2e9b199ad3639e7af8b0d6deebf51f5e928914416c0dda2731 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8932c8a8702af5b9cfc7dac5e3c8b7e3 |
| SHA1 | 70740e478c162416059ee045bb75224c5842a696 |
| SHA256 | 2094d0971b2ab87dc4df3d59f045f60ab51e011b80e31e7db1bdd5c4800b9b2c |
| SHA512 | 4be7205b58c7d60107fe414a23358ed52ddb8bd11329628e6a099eaae440ca4ac1c51a97f4af3f0ba2d46ea8736d592b98244fa89a055f1e9ab2bbf0722cbed6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e4bf2ddd9895533f13a5d348eeb816f6 |
| SHA1 | 75b9476c638ff3bbb05f8e0b13598c991a46e00c |
| SHA256 | de7095d1b3022ce4b446ed4bc547b3406718160760bdc0087c56cb455b45a545 |
| SHA512 | fd546bf68c35c814f483e0933f3a0c74bd220af5b2fcd98449801e5657e03efee53e9ba8e7c7f5151b2a4fecdc075bbb14441cd771809b07d7e627118af0a61e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca09cfc6ce9759b794a2c68d78da010e |
| SHA1 | a51e044ea6aafc68065d0766dbc5e689cd06ec71 |
| SHA256 | 2b9c383078293837d4fadc2f70e99f8764c43f165f75d993eb7ec06f49b84c48 |
| SHA512 | 17bd483603b292f0c0fc66590407b890a1fedd429888bb33ead22d91af595cacc9e486a2094f250177ca43f0d5d2524795671353bef482e0bdfa021fa7a26501 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f16d46275a3e691e8d549f7cfc915982 |
| SHA1 | fe3852a66d624634c1f298bd96dd2bdd64e16aaa |
| SHA256 | c49eaacac443054b806fd9d4bc5230643a66e3ee1ac6f07760d110de30e4e666 |
| SHA512 | cfd162c7234bfbcccd44e8fb7ed5d7edb529877451cb8d4e841d5cfda5d058b08a3d5e5adbd875af20dbd45e1da54f8954776bf0b9501cbe5ad7571afac9e14a |
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
145s
Max time network
155s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\create_stream.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7fff70493cb8,0x7fff70493cc8,0x7fff70493cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1960 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3108 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3948 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,14220382682164357899,355741434086106273,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5736 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9314124f4f0ad9f845a0d7906fd8dfd8 |
| SHA1 | 0d4f67fb1a11453551514f230941bdd7ef95693c |
| SHA256 | cbd58fa358e4b1851c3da2d279023c29eba66fb4d438c6e87e7ce5169ffb910e |
| SHA512 | 87b9060ca4942974bd8f95b8998df7b2702a3f4aba88c53b2e3423a532a75407070368f813a5bbc0251864b4eae47e015274a839999514386d23c8a526d05d85 |
\??\pipe\LOCAL\crashpad_4652_NDGDEOOTMUYVOZBU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e1544690d41d950f9c1358068301cfb5 |
| SHA1 | ae3ff81363fcbe33c419e49cabef61fb6837bffa |
| SHA256 | 53d69c9cc3c8aaf2c8b58ea6a2aa47c49c9ec11167dd9414cd9f4192f9978724 |
| SHA512 | 1e4f1fe2877f4f947d33490e65898752488e48de34d61e197e4448127d6b1926888de80b62349d5a88b96140eed0a5b952ef4dd7ca318689f76e12630c9029da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e1c1273c9988f4fbbc01b8502365a87a |
| SHA1 | b49db48f9b429d994e6ce6a8ccd90aff4ebe8572 |
| SHA256 | 0cda8f3e1ca3f6c555f98c05fb06771f6b4725facfbcf3d945f82a8184cbd8c6 |
| SHA512 | 26ad36076da5804c023d4a4837d73a8a85ac23f7919830fa33de968bdced78206e80bc2658e02189b43feca8764871ce587f7cc1d08dfcf2cb3c501cec7ac1c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 85accfe14d27c542938d4f1f3ad70cf4 |
| SHA1 | b7f29f7ee74686b13ec2be0788eaebf67595c29f |
| SHA256 | dff33a89c382386ca9017c456d6b5bb20e51790954c2c0db72c3e1e193758674 |
| SHA512 | ab721a15aa1777603ac9e09d6995a45ef1e543887a6a82f6d54529603b27ca72f66050caf295d90bb3b01a0539892f3f627e51ed25bfcecfe803244fc7badcb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c84a216bd50cd815bc393bae8c0baaac |
| SHA1 | 04e8252c273a2975e58c4719268ccc8759246f67 |
| SHA256 | 57a25b0b8ec6b3b69424258ff8b46a952d457fd158899bd4032fe5ac072f65e6 |
| SHA512 | bf3416c57aaed6b96eb5a85d97ace5b489b3f4a8eabd053369bb28cb9d8051a9b740fd2a0f16ae82adf30f56e710782080317ad26e690a6b038f15e1fd5ead55 |
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
161s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\error_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff1d613cb8,0x7fff1d613cc8,0x7fff1d613cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1960,15689520816273961453,12564220757421765131,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5240 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e11c77d0fa99af6b1b282a22dcb1cf4a |
| SHA1 | 2593a41a6a63143d837700d01aa27b1817d17a4d |
| SHA256 | d96f9bfcc81ba66db49a3385266a631899a919ed802835e6fb6b9f7759476ea0 |
| SHA512 | c8f69f503ab070a758e8e3ae57945c0172ead1894fdbfa2d853e5bb976ed3817ecc8f188eefd5092481effd4ef650788c8ff9a8d9a5ee4526f090952d7c859f3 |
\??\pipe\LOCAL\crashpad_3448_GBWTXCCJSTSFNZGA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c0a1774f8079fe496e694f35dfdcf8bc |
| SHA1 | da3b4b9fca9a3f81b6be5b0cd6dd700603d448d3 |
| SHA256 | c041da0b90a5343ede7364ccf0428852103832c4efa8065a0cd1e8ce1ff181cb |
| SHA512 | 60d9e87f8383fe3afa2c8935f0e5a842624bb24b03b2d8057e0da342b08df18cf70bf55e41fa3ae54f73bc40a274cf6393d79ae01f6a1784273a25fa2761728b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc93d74b915367be8d22a3483b48743b |
| SHA1 | 345937ee1f4623e176c52799c4d5df8473db7012 |
| SHA256 | 9f894c647010bdbcddb99521039f331730644ea0ea9ca8a1831502f1ab9176b4 |
| SHA512 | f819038a1deeae6905af79e213995c22d63ca825645365430f3a5eb4f3f0771591f00f6d05603f67cac24ef9f8ad9b931497b7e59cd053cc2242b9fc7f5a2a1d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f1b9b42f-b3e5-4846-8f13-3b572acf421f.tmp
| MD5 | f6c3a1d7a328757c9f7aba5cbf413796 |
| SHA1 | 44f25cbc0302c1ab843c501f40cbc5986873b8ac |
| SHA256 | 3df812bb9f842c527e6271d7f3f03535bce2101180b6f21095e34072d7e902ad |
| SHA512 | ad04abaa4508cb88d315f43f37f8ba7434718201eecd150dbcc21f485d5ecde408d778609dc49750a4e46edbf1507910bd937a11a8d04406a4c68eea6719b84c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7eb6535f395a98ecac3ef6d349e65cd0 |
| SHA1 | 3a9a00a132c90e3c87ccffd8dde182b000b72b4f |
| SHA256 | 82215a53e99fb0d84f9f116bebcf772c7b249b4d0221ec6c64d12a37caf9210c |
| SHA512 | 5ee75e463d1a9520b3c4385696b18e223e89d4e7d27eafc3bcbf35ce38a3361a23e1af650c6ecdc66a9eb2c5297f847e82e129ba4d211963dc5d7c6c97cac3c4 |
Analysis: behavioral14
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
149s
Max time network
156s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\js\controllers.js
Network
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241023-en
Max time kernel
144s
Max time network
156s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\plugins\access\libaccess_imem_plugin.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\browse_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff91ad43cb8,0x7ff91ad43cc8,0x7ff91ad43cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1880 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1860,1017940069521550477,16418483137336651976,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2620 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 46e6ad711a84b5dc7b30b75297d64875 |
| SHA1 | 8ca343bfab1e2c04e67b9b16b8e06ba463b4f485 |
| SHA256 | 77b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f |
| SHA512 | 8472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e |
\??\pipe\LOCAL\crashpad_3532_FKTVEDAFLUCRDGPL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fdee96b970080ef7f5bfa5964075575e |
| SHA1 | 2c821998dc2674d291bfa83a4df46814f0c29ab4 |
| SHA256 | a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0 |
| SHA512 | 20875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 093e33b808f4dd0ba780b610bf579638 |
| SHA1 | 3c4433337f5adf41807f6037c375a8556fdb233c |
| SHA256 | 8a6c13aeac35df0b99d7d66706694739d6ee7ff526d278231b9f4349e3f2b9e3 |
| SHA512 | c4ae5c7f880a55a147ef20e3fd052cf2135c33839da85809941442d67f5e8ab9d9fcab5446a9c1a5840f18da86e0d7db0371c6b48dd1bb1a25b13132e2b85aa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e8d0869ee7d5931c50b8bcb79c79dbbc |
| SHA1 | 8f050c73efb9e8dbaef0c6e3a1bcd7c4639ee329 |
| SHA256 | 9a7842b937adcabde77232b2118473edf50c5d2b417733fa825370afe2f0304b |
| SHA512 | 6555e18146c9ce7bd3e5b7058113b4ce032e8e1f24bb5994ae1d8027336ba41b28007478411468308e225d8b5f5ca7fc891c2cbae92ffc9a90b03d522413b2b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b321ecb6da29696cd37f8c7da42d73f1 |
| SHA1 | 0e2274a8ab6ebe1816abdcf0de58fcded78069d4 |
| SHA256 | 26c4216a567cb0f0bad967909eed961295d15d1b926faad5211ae3213554830e |
| SHA512 | f9f9eaf61353885a93c5f1f30a004189ad063fa06a493c0fa24b40615ffab2c2cf0c7a5561a5cfb29af8feda428bd3e9087313d9617f0ce73e9bd04d1411bd98 |
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\offset_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff72a53cb8,0x7fff72a53cc8,0x7fff72a53cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1848 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1716,13499072684127064024,7255036553528382893,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1968 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9314124f4f0ad9f845a0d7906fd8dfd8 |
| SHA1 | 0d4f67fb1a11453551514f230941bdd7ef95693c |
| SHA256 | cbd58fa358e4b1851c3da2d279023c29eba66fb4d438c6e87e7ce5169ffb910e |
| SHA512 | 87b9060ca4942974bd8f95b8998df7b2702a3f4aba88c53b2e3423a532a75407070368f813a5bbc0251864b4eae47e015274a839999514386d23c8a526d05d85 |
\??\pipe\LOCAL\crashpad_1644_KPORNINGNZSFQCAE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e1544690d41d950f9c1358068301cfb5 |
| SHA1 | ae3ff81363fcbe33c419e49cabef61fb6837bffa |
| SHA256 | 53d69c9cc3c8aaf2c8b58ea6a2aa47c49c9ec11167dd9414cd9f4192f9978724 |
| SHA512 | 1e4f1fe2877f4f947d33490e65898752488e48de34d61e197e4448127d6b1926888de80b62349d5a88b96140eed0a5b952ef4dd7ca318689f76e12630c9029da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d0e92b29fcd43585886636d60237adbe |
| SHA1 | ed47067992fa3edbd658047ed775c18d0e5b615f |
| SHA256 | 7315a37970a52aff66d23802f79c8c5aa97ec3bd5ab9612f95b408714449d452 |
| SHA512 | c8e5ad0b2b8b96e47e85aea5891e61fecc2530271497f95b6be70a2f36c9a1970946e772d50824978cb4045d24c1b73b84df490da81f2a23c632a4a2fcee4d11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bed8e5be022f216c811dbadbd5ddf20e |
| SHA1 | 8091707f436d079e15454eb9b3df842daf097e06 |
| SHA256 | a006513532cb5f22b71ef71c4fef27f4b3ad3ba3b464f290c824d4268d2af05c |
| SHA512 | 79a07ed19ad0efb7bfe80599647c705fd09f9b381309fcdd1cd538c5e8c5df0fd7ab5db7f1e01018546c1ffedf01c4e37420b4587193c9e07316a43d399a5138 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb1847c90efbc83b758a9795c1dc76b1 |
| SHA1 | a6952630bd0b5a0e0a42c08d338badbf4760d239 |
| SHA256 | 4a2d0e1f83fe7c178b04c580a06c73cb6758ba675285d37915948d4c7b762eaa |
| SHA512 | 5c9d5691d2cd2ada7512b59f2950051ab8294e0539f739e277c140bd879d39eb8a9a2b65da4a54aacb4d5c244f9ab2839ebb27ebd2350e2dd811f16c0c6bdd87 |
Analysis: behavioral16
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
90s
Max time network
96s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\js\ui.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
86s
Max time network
101s
Command Line
Signatures
Processes
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\lua\http\requests\README.vbs"
Network
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
148s
Max time network
162s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\vlc-cache-gen.exe
"C:\Users\Admin\AppData\Local\Temp\vlc-cache-gen.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
Files
memory/4532-1-0x00007FFE1D630000-0x00007FFE1D664000-memory.dmp
memory/4532-0-0x0000000140000000-0x0000000140029000-memory.dmp
memory/4532-2-0x00007FFE18B10000-0x00007FFE18DC6000-memory.dmp
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
149s
Max time network
162s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\equalizer_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff850ba3cb8,0x7ff850ba3cc8,0x7ff850ba3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,15309450683215731962,11725568672272044213,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3896 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 051a939f60dced99602add88b5b71f58 |
| SHA1 | a71acd61be911ff6ff7e5a9e5965597c8c7c0765 |
| SHA256 | 2cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10 |
| SHA512 | a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f |
\??\pipe\LOCAL\crashpad_5368_SBIVGYPJZWSQLIXO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 003b92b33b2eb97e6c1a0929121829b8 |
| SHA1 | 6f18e96c7a2e07fb5a80acb3c9916748fd48827a |
| SHA256 | 8001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54 |
| SHA512 | 18005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4116a259a33ef0acd1e6fd8f58a32148 |
| SHA1 | 63fd322b8973a61e299dc1e65b2f9517de33c221 |
| SHA256 | fd68dc37254dd04923a05ae3afdcc109cfc56d8231108f87eb9b04df569a9324 |
| SHA512 | 162eea53fa8abca5c616bd7a0cf8de9aad5c9b2acbeb3da78e3e04d8ef7820e17955844d66972f8ddbbc9c8699c95b3e87e3a8ae5df6733c38ddfecf93260b27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4a0850b2594e26d1f062f833d972d03b |
| SHA1 | 7d1df770588331d51f4bf4313792ec6fd9ad5620 |
| SHA256 | 8cab075cb575b9dee4139001306b6981e2c4fe024908d26b70b898eb9ec3cf53 |
| SHA512 | 656a265234ae31107dd355fbf42ec98e73180034dcfc3637a09c3188b4de0bebf77191aa8d6162c08a4cd988ce7a60494309bd300c78805bd939817681ab2bcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a8145e35b3a6cf89f6cd4de6ee051a4 |
| SHA1 | c1fae1db720fc75532198db3dad887b4bc71d0d2 |
| SHA256 | 7aa208aad33441b91e6b7f566f90b65167ff6b01ad015f287e50ba03035b3931 |
| SHA512 | ffc94e0ace63951a10d22fc660ad2329acbeba48235b03f743280e92ddbe4b75e978f1639aefa5153c65dd74491670008a8ca91776af43aa643ad6e3a5fc79b5 |
Analysis: behavioral18
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
155s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\mobile_browse.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb74c23cb8,0x7ffb74c23cc8,0x7ffb74c23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1688 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1832,5070288038792360082,4011120071404784046,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1128 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1fc959921446fa3ab5813f75ca4d0235 |
| SHA1 | 0aeef3ba7ba2aa1f725fca09432d384b06995e2a |
| SHA256 | 1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c |
| SHA512 | 899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06 |
\??\pipe\LOCAL\crashpad_1680_WNQMTGXTWHZLOCPN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e9a2c784e6d797d91d4b8612e14d51bd |
| SHA1 | 25e2b07c396ee82e4404af09424f747fc05f04c2 |
| SHA256 | 18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6 |
| SHA512 | fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 21b55b56c4fe89dd143f9a975950f387 |
| SHA1 | 9d8192bbb7bb15d638aa11244cc8ff43b952b59d |
| SHA256 | 3c4d8bdac258f2aa5cabf8d8390820a0c3ac2025e83873ac98e9eb88bca0433c |
| SHA512 | 65bdf2d15ec25a9daf85cb5a60bb4df4b39ee5911f9747acd2d4da2bc71e8e2380ab704b910562d9d2fe28db56ec576b2098fa06b944de84f6ef0d51b941f078 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f4051a5ad72faf47a97f96b29dc58d68 |
| SHA1 | 412b07451c7fd106cc6fee782bd9ba9147b59fd7 |
| SHA256 | 958f2b24203fdc87bb08c2fceb1deb7c92f1d3d6be7ad704bcbc25075b1bf7ff |
| SHA512 | 57b7fff1b34dbcfd4027d86e484381e64f7677bd073470d57e7ee67723b6196a37b7311c3376b1d2a7751022ebeb3ddaa79714c00c412f02c77e7b9b79aa5fd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d21b8ecca38177842bb558a5525bf6fb |
| SHA1 | f6d78831dd1c24b6c84a5d7423b6bab25430f128 |
| SHA256 | cc9d1d5d087f00a63a4138d9fee403d745e23e6a0908e68935f0f982bfd026a3 |
| SHA512 | 3a9a705f62b2b3eed33929a8a7ffa1d47a30d992a4c60ffb6d7329b85c2f45e05fcae49ef4ea6ddf0f1d0a63d3728fd891fd1a050de6470063cebea52280b127 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e65d9111c14c3346a32037d3d4621deb |
| SHA1 | 6e9087eec469c4050b6bf6920fc3dd0c09e0da59 |
| SHA256 | 2ed0e7ed6fc13e2ad46c2fc5452db277a933d62f0f2a8126f3e06494724de996 |
| SHA512 | 6c377867378a0060680a4d6ec586c34459b13d469ec9cb0779a44dac8b7ecc8f022a71f1f3a1d939172ec362a01d9969f8760263ea27d35597faf7a31d345f9e |
Analysis: behavioral27
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
84s
Max time network
94s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\plugins\access\libaccess_concat_plugin.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
145s
Max time network
157s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\stream_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff963ff3cb8,0x7ff963ff3cc8,0x7ff963ff3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5316 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1033751954107670146,4277577300729732192,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3076 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1fc959921446fa3ab5813f75ca4d0235 |
| SHA1 | 0aeef3ba7ba2aa1f725fca09432d384b06995e2a |
| SHA256 | 1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c |
| SHA512 | 899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06 |
\??\pipe\LOCAL\crashpad_3584_JNZUVROKYOKKVICF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e9a2c784e6d797d91d4b8612e14d51bd |
| SHA1 | 25e2b07c396ee82e4404af09424f747fc05f04c2 |
| SHA256 | 18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6 |
| SHA512 | fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e10b33a71bef274c84e62bdb9aa40919 |
| SHA1 | fea083ac629f0bf5e7d06b0250a5de2765d397e2 |
| SHA256 | 70b9f954d570f37b782b7d5af9598c8f88f9d998d8b6ea8f1ef8ba4613555deb |
| SHA512 | 1ae4cfff2adaa56233803089a3914fed5bf7c39393ada8306f98f45307bf24fc6032a22828a5e66a1aba701c2de05b55d921ad793726342da6d58d0375bd08ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8ea9745f56d0eeaea48a3cc3ab6b2ae7 |
| SHA1 | 5ff26620ab4a356b209809a91939d59170450c8e |
| SHA256 | d699102fac17fca184a3ec39a75d746d3389c46db177bd0f417b184384c732aa |
| SHA512 | 905375b04ec41f9cf4dd17efc3e72698e57294cfb2b1a32c23c4ab42c9ff188b089110a88d332d011e12e64dd3528b0d71140fa3caddacdbd82e93185d853c62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3204a953190d463fcc3e48990cbec50f |
| SHA1 | 4d995f9c9d2c682767ae57963605f9b788b2b663 |
| SHA256 | f569cb10ce578bffeb46f13b9f70f7b3e5ac4f957457a22cd30ecbcf4b5a197c |
| SHA512 | c0bf24222e32812e0ffced00decb114027287059edcfabe53f826a362a42a0ddf408605b502f81eb07bd48f8a9006dcc3fda6959c8371b240b682fe0a09ec988 |
Analysis: behavioral13
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241023-en
Max time kernel
146s
Max time network
157s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\js\common.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
86s
Max time network
95s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\js\jquery.jstree.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
148s
Max time network
156s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\mobile_view.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff96d83cb8,0x7fff96d83cc8,0x7fff96d83cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2512 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,1758501070463486635,11498641940699083994,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4760 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.10:443 | ajax.googleapis.com | tcp |
| GB | 142.250.178.10:443 | ajax.googleapis.com | tcp |
| BE | 18.239.208.32:443 | releases.flowplayer.org | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.222.52.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a28bb0d36049e72d00393056dce10a26 |
| SHA1 | c753387b64cc15c0efc80084da393acdb4fc01d0 |
| SHA256 | 684d797e28b7fd86af84bfb217d190e4f5e03d92092d988a6091b2c7bbbd67c1 |
| SHA512 | 20940fee33aa2194c36a3db92d4fd314ce7eacc2aa745abec62aa031c2a53ba4ff89f2568626e7bd2536090175f8d045c3bb52c5faa5ecc8da8410ab5fc519f7 |
\??\pipe\LOCAL\crashpad_5088_XUXVPZMYPUHGGAAT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 554d6d27186fa7d6762d95dde7a17584 |
| SHA1 | 93ea7b20b8fae384cf0be0d65e4295097112fdca |
| SHA256 | 2fa6145571e1f1ece9850a1ac94661213d3e0d82f1cef7ac1286ff6b2c2017cb |
| SHA512 | 57d9008ccabc315bd0e829b19fe91e24bab6ef20bcfab651b937b0f38eec840b58d0aed092a3bbedd2d6a95d5c150372a1e51087572de55672172adc1fc468a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 27452460d7f5a4551d524907b054a4b1 |
| SHA1 | 149f7ac1452d37f0ecf5a82885b5b4bc4b720283 |
| SHA256 | 9bf0c6d8b855656fe5995ade183ecdf5e7f2c1162005fa572704470bee9511ec |
| SHA512 | aafa86ec7bb7524e575c8e70a4cdcb2e479f8bb11cdee1ac4c71134dfb94ddf52a74780ae92df51f6561d04dbb16e68339a6bc2cfee3741be9f83d4553096bb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 511c667ebbeea4d98f6f29d73dfbd106 |
| SHA1 | 64bf466eb2abe87cbd1dd96f5dfbd82e376a059b |
| SHA256 | 444b9d4e629d16b0045a21d3ef7c97ef52342361ba4ac54d621c1e27cd3228bb |
| SHA512 | f54a4e5f166c98f5a2e498fe2a09f18a5c79aad796e7b4929518144bc8931da864ca1656abf37cbe613c3c554f7357a15c73e1b4742e549b52641de66a200238 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aac2ef952c7e78c9b2632140b4471bb8 |
| SHA1 | a1af210ee0cd932c8aa92fbf2093cd5a0f474be4 |
| SHA256 | 7b455fc9ded72a161f52f08c1873ace76fb6f989fc3792328c5123377e44fca0 |
| SHA512 | c52fbfa787d3f8177b84209f0682c26ee38b2df5f12c9d921a1c0627a9470de372da80fc8144ee837a7aa93659fca532116f2c733be7e699c6b7fc3a07895a9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7529c59e-1026-449f-862d-d94f1e0ab973.tmp
| MD5 | 3004625fc12221ea50281ce68be9e22b |
| SHA1 | edc670762798cb1ea493d84eaf16b2fd70a28d26 |
| SHA256 | 6ed3213be81352c6ef468b523e08a186da3c1ba4f3a627b3bcdb1eba2e4ebae6 |
| SHA512 | cfeadc0ed720df3979dca18dcdc3170e2b32882fe99abb82320ee493c5b0f8c96343c1522165fdf9ea16452a791337850b3614d1d9cd2d59c274df58ac819961 |
Analysis: behavioral29
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
88s
Max time network
96s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\plugins\access\libaccess_mms_plugin.dll,#1
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
155s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\batch_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff982283cb8,0x7ff982283cc8,0x7ff982283cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,406010524604208340,10585640489649248461,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2952 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a28bb0d36049e72d00393056dce10a26 |
| SHA1 | c753387b64cc15c0efc80084da393acdb4fc01d0 |
| SHA256 | 684d797e28b7fd86af84bfb217d190e4f5e03d92092d988a6091b2c7bbbd67c1 |
| SHA512 | 20940fee33aa2194c36a3db92d4fd314ce7eacc2aa745abec62aa031c2a53ba4ff89f2568626e7bd2536090175f8d045c3bb52c5faa5ecc8da8410ab5fc519f7 |
\??\pipe\LOCAL\crashpad_412_YAVVJVJEMKZGBFOR
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 554d6d27186fa7d6762d95dde7a17584 |
| SHA1 | 93ea7b20b8fae384cf0be0d65e4295097112fdca |
| SHA256 | 2fa6145571e1f1ece9850a1ac94661213d3e0d82f1cef7ac1286ff6b2c2017cb |
| SHA512 | 57d9008ccabc315bd0e829b19fe91e24bab6ef20bcfab651b937b0f38eec840b58d0aed092a3bbedd2d6a95d5c150372a1e51087572de55672172adc1fc468a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 818f78588dd0056674c88e36bbb8efa4 |
| SHA1 | e3addfaab6674458766cda05ef7347badf094488 |
| SHA256 | 8bf4e6dbd94e43040bebeb0be9a81ba5378493eff10794a04ddebdc771bb66b5 |
| SHA512 | 0e9a8be256695c366ef976faf78bb22dfdddcbffe838be2c40750565e76b60d529532d7c8744245ff6d90efa48385493795b8ac8b94ad6fb08ae4b930367efbb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dd13cff0b76e6042b231af074b73c623 |
| SHA1 | 0b363e4324baac0c1f4e1b2601872ed269150562 |
| SHA256 | 192355e26a6b86a71237052fd6c1fe2da4d267ef1285383af57e07d8a200904f |
| SHA512 | e0b5ecf3651e674b90efaac01a686f21865f93d23c192e3d3255d06c4cc8ea3c7745a3dcbd540e9c647f94ed71e1a7a37a10841c145f65d4e2374584bb02e688 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 967de791329c416968169d3dcfb62ccf |
| SHA1 | 26fa8fd0f703ebbc446e83d526c8dc036310d427 |
| SHA256 | a25003a4e8f49885fd14346eff215091ccf634f1399621f03283cb2dcc5deae4 |
| SHA512 | e771f7ad3efb451404249c8f8a5f6d0d0e4c653bb983731354059ac47f55aaee0bbbfdcc051d9da27f042be098ee8958cd6c8a8503f7fd580d88981347c273f9 |
Analysis: behavioral24
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
145s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\vlm_export.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa7493cb8,0x7fffa7493cc8,0x7fffa7493cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2528 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,15834126205998532038,2050381229955173627,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3032 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | cb557349d7af9d6754aed39b4ace5bee |
| SHA1 | 04de2ac30defbb36508a41872ddb475effe2d793 |
| SHA256 | cfc24ed7d1c2e2c6585f53db7b39aa2447bf9212487b0a3c8c2a7d8e7e5572ee |
| SHA512 | f0cf51f42d975d720d613d09f201435bf98c6283ae5bc033207f4ada93b15e49743a235a1cfb1b761bde268e2f7f8561aa57619b99bff67a36820bc1a4d0ec4a |
\??\pipe\LOCAL\crashpad_3664_MNAEEPZLWXWKDIME
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aad1d98ca9748cc4c31aa3b5abfe0fed |
| SHA1 | 32e8d4d9447b13bc00ec3eb15a88c55c29489495 |
| SHA256 | 2a07cac05ffcf140a9ad32e58ef51b32ecccf1e3ab5ef4e656770df813a8944e |
| SHA512 | 150ebf7e37d20f88b21ab7ea0793afe1d40b00611ed36f0cf1ac1371b656d26f11b08a84dbb958891c79776fae04c9c616e45e2e211d292988a5709857a3bf72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b9d15790d6f9ce24f2413a3c531e2af8 |
| SHA1 | fe89cc052d3ef0e9e5a5613662770f72e1dded67 |
| SHA256 | ac3ae28e236bd2ba5442e0ec29700964b6db553f4a7e8f2272ff90aafb68fc1b |
| SHA512 | 92b11ddef148d7fd83e86d1f42adf07e2f442d1e3263c20090e4f533139eac10605e4add07e5e50d84939050cd66b535f849ad929e1f46429d8cf8652eb2104a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 94c2e6520eb34b629812940cd8a03ecc |
| SHA1 | 0596b78f4d20f2ffb7afcddb2bb5fc0b77efcec6 |
| SHA256 | 67ae06cc28903888c0a38e8b1d4dc7aebda01d044803e92485d3c7713f070170 |
| SHA512 | 5d4fce2e8869916bc1e54503e4d5c6f402aea718db2d9203963bcb369cf994dfcdf0e433b156a3f85033275e35d3efe858dd0afa49e6fbd6123ff1746593f92f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da1ffcb10b70e3b6794afbd2c2bda0ea |
| SHA1 | 3266aca1124ff0976b98a35dc2e743f8fa8ae2e8 |
| SHA256 | 45dbc41dcd6037e27adbd0517f1924e97f54129b9895483164959631211f1eb8 |
| SHA512 | 6686bdb9822ba2be31c0366db573beb4552a703b5a0837ff3ae9dee6df626b55f6e165f3093bd5d79cbb75daa20dca41a7623c309639665a20175e4644847a04 |
Analysis: behavioral10
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
145s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\stream_config_window.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffbe9ce3cb8,0x7ffbe9ce3cc8,0x7ffbe9ce3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,8911941621461048732,5419725310990900228,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5336 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 02a4b762e84a74f9ee8a7d8ddd34fedb |
| SHA1 | 4a870e3bd7fd56235062789d780610f95e3b8785 |
| SHA256 | 366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da |
| SHA512 | 19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f |
\??\pipe\LOCAL\crashpad_3936_FUTOONWSTWURVSEA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 826c7cac03e3ae47bfe2a7e50281605e |
| SHA1 | 100fbea3e078edec43db48c3312fbbf83f11fca0 |
| SHA256 | 239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab |
| SHA512 | a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2737b145-ca22-4275-9b68-3896d3e45164.tmp
| MD5 | 8f13db014c14de3b3719110b317a07ac |
| SHA1 | de3e7fe771f56056eca7df678761dda99d9ad439 |
| SHA256 | fea6d478bb31415c4ec7f6fcb3d7730bb68cb0151812ab658ca9765e010761ea |
| SHA512 | 0445ee22ce22872c4d46811b8f7e0f73b5320cc9315745b8bdf5751fb0eaf057bf0d82c2589ecaad96923f31f76e81e04a719b08d023c4aeb672f9335ec935e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e24d771406a27774cfba95c45c0bc277 |
| SHA1 | 0ef331992c62ba1f8d8e81c42aafc0307bf6892e |
| SHA256 | 6cf383a95778cc7d7e8eb8f1a052a5b6ca8fe635c6b94da8e80253b6909e8512 |
| SHA512 | 03f2cebd3ae8ca2649c311915ce501a8e1f5a521afa9c37be8704032cc88f64dd156fdf1d3b706d2c268c1c34fe06be074827adce2e9ec017a1723b5bce651db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c92920878f71daacfcfd866156b690ff |
| SHA1 | 3d386f99be87589369ab1b89cea752cc288fd76a |
| SHA256 | 6f61fdcfb5a939d87542c8a6236fd752bd11fcf95f217038437c8845b07ef659 |
| SHA512 | 7adf867dc253379868ef3f0ad230e14a3a624dfd0b4983a0deaae9ba2848804da5afede85022f6c6fa92d11fdc6f12b4deac28920d822216bc748aeb7e1aa412 |
Analysis: behavioral12
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
156s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\index.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe0e083cb8,0x7ffe0e083cc8,0x7ffe0e083cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1872 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,18090337495904318384,2986032333909351526,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5528 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a28bb0d36049e72d00393056dce10a26 |
| SHA1 | c753387b64cc15c0efc80084da393acdb4fc01d0 |
| SHA256 | 684d797e28b7fd86af84bfb217d190e4f5e03d92092d988a6091b2c7bbbd67c1 |
| SHA512 | 20940fee33aa2194c36a3db92d4fd314ce7eacc2aa745abec62aa031c2a53ba4ff89f2568626e7bd2536090175f8d045c3bb52c5faa5ecc8da8410ab5fc519f7 |
\??\pipe\LOCAL\crashpad_4576_JKTAYIYJIKYQLHBK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 554d6d27186fa7d6762d95dde7a17584 |
| SHA1 | 93ea7b20b8fae384cf0be0d65e4295097112fdca |
| SHA256 | 2fa6145571e1f1ece9850a1ac94661213d3e0d82f1cef7ac1286ff6b2c2017cb |
| SHA512 | 57d9008ccabc315bd0e829b19fe91e24bab6ef20bcfab651b937b0f38eec840b58d0aed092a3bbedd2d6a95d5c150372a1e51087572de55672172adc1fc468a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a1d1e1b2588fa3ce2ebe774110e51e06 |
| SHA1 | a87b4ef46745b2e910459b896b300e6790a1e3d1 |
| SHA256 | e45022418a9da4595c4a11d316c72de4f4d7c6148c1c1b99f903867a55a909b3 |
| SHA512 | 0fd3eb60caa45e3cdd5c077deb9ba0b9206ac126f5cf283fe331d55468cbc449b9685387066b42f4018ae54def311101e673bbf686c4e288d255536fc0a914da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1439910fbf4ebdd47c3c6d4bfe3ac67f |
| SHA1 | ac35db460b864dbaa1845f461ed146f416e524ef |
| SHA256 | c8ab6dd088d90a4b2d80606663a27c92e0775243ae4f5f9a77a928bbf3d77dae |
| SHA512 | 25d7d5fc919ff5f21d23bf188b679fd4ce5e4268ff41087526a9af711da12f6c255e82df6c4dce7969fbb42f86c1620b8dd3c60b04b8075d76b4e3f2e0a5d1d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9914935530e53405671a27b5a909c1f1 |
| SHA1 | 1efd6831c92812b4eaa45ce0dd8dccd1ce73cd01 |
| SHA256 | 97229ef2e0daa2cc0b9cbf73930e4a52bd13bc273405155eb4e9cb3af60cb9b8 |
| SHA512 | 20ca26d905d3fc4b6d3e429efa95e436a1914270ab04905809ad9350ea5f8376f76130b95bf89650872d7357ef637fb314bc592d7476d88cdbcaf7b2a79077e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b69d23559f5b9934cfc32570d40aff36 |
| SHA1 | ee63be1202eea8b8e068a17eb7515046f868c5dc |
| SHA256 | 5164bb1c01a9cb712762f7e4c788f6f066db5f431553f67f032908b309f3848a |
| SHA512 | 75d5b9c704b9937990611d5030f66df94f3298fcec7f9397495445e6d78a0456eb76dbab38370024e8cd38c3e79f1cbeba64371cd1d9ffb3852a8ed9e0966b0f |
Analysis: behavioral19
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
145s
Max time network
157s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\mobile_equalizer.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe42433cb8,0x7ffe42433cc8,0x7ffe42433cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,471709629963977025,6048784984920228162,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4832 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d91478312beae099b8ed57e547611ba2 |
| SHA1 | 4b927559aedbde267a6193e3e480fb18e75c43d7 |
| SHA256 | df43cd7779d9fc91fd0416155d6771bc81565e98be38689cb17caece256bf043 |
| SHA512 | 4086c4ebe410a37d0124fc8bd00c58775e70ab2b7b5a39b4e49b332ce5b4866c6775707436395467aff9596507c96fb4896f3bf0249c5b9c99a927f31dcc1a96 |
\??\pipe\LOCAL\crashpad_2908_NLERKAIZWANCKZBE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7145ec3fa29a4f2df900d1418974538 |
| SHA1 | 1368d579635ba1a53d7af0ed89bf0b001f149f9d |
| SHA256 | efc56eb46cf3352bf706c0309d5d740bca6ac06142f9bdc5e8344b81d4d83d59 |
| SHA512 | 5bb663ede88f8b7c96b09c1214aac68eda99bc09525ac383baa96914ff7d553ea1aed09e3c9d16893d791c81ddb164c682dfbb4759ac0bc751221f3e36558a91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 83ac197fa33c1ba4d31faaa1c45bd356 |
| SHA1 | ddee37d05ef73987a4723e2a556fb4470bdd4de8 |
| SHA256 | 19cc3ec402027a8506175eb37c503450490abf6f3b56c1ce7fa7e99c767cd1df |
| SHA512 | 877b6a38dbd398f835981dd0da8cab2c6cf31308a5ed7e0939376d47b38eb6df58becbefd35b1280668bdccbfd5de2593a5fc6495584d18d37c099d188fa37db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\cddce3b5-7293-4224-88d4-a9c7ee0a8425.tmp
| MD5 | 53e3fdf9b460973bd9ae48aaec557da9 |
| SHA1 | 3b666e7c8278b1f15e3752bb26f43379e3482d19 |
| SHA256 | 985f16dfff7cb6929cd8170b99fae63217804e6f68b2b73784a0a1faf9633e81 |
| SHA512 | d36fee3a1cb0a5cc4016ff014a0fd812c1b24244ce126455c3ec23d46968e15b6766216f99d318c00ea6cebf93f3a71240d939421395bdc63fcd25a76488048b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ac5d08997a63e8ddf41c7bf7268545bd |
| SHA1 | 1c1a78edb617c8a3ede9fd489845cc570e49a83f |
| SHA256 | 22e55cf9b9af787244a50db0a9e962f506157fa4076dd303acca2246cb6b81f9 |
| SHA512 | ee46555fdc5320c90e31c51e88bda3a54f70d9f72d50dae7318acbc1b082af9861d70484c3530a2cd6be31ecc8fd2914ab67bacc74579ece94b0167b68991d25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0e794f0022f28cfe67bfe422519537c4 |
| SHA1 | 60e7d33851bbdcfc550d1920c6790101f8267f41 |
| SHA256 | 788efaacbe8ddf2f9354453bd947da32429f745665cbc551f3b81523e3fa3742 |
| SHA512 | 1f6983c6da248c88bb3449572b274489338603cc51e27074dbdf9830d7cad43930ee9c907acf1511ec5ad1a54d3137e017ae6ac6fdfafcefa58ca6053e30a046 |
Analysis: behavioral23
Detonation Overview
Submitted
2024-11-14 03:34
Reported
2024-11-14 03:38
Platform
win11-20241007-en
Max time kernel
146s
Max time network
154s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\lua\http\vlm.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffdcc33cb8,0x7fffdcc33cc8,0x7fffdcc33cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,4314024301459458219,12371088542505748153,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4768 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c03d23a8155753f5a936bd7195e475bc |
| SHA1 | cdf47f410a3ec000e84be83a3216b54331679d63 |
| SHA256 | 6f5f7996d9b0e131dc2fec84859b7a8597c11a67dd41bdb5a5ef21a46e1ae0ca |
| SHA512 | 6ea9a631b454d7e795ec6161e08dbe388699012dbbc9c8cfdf73175a0ecd51204d45cf28a6f1706c8d5f1780666d95e46e4bc27752da9a9d289304f1d97c2f41 |
\??\pipe\LOCAL\crashpad_3900_IWDCAXTDHPNNUUBE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3d68c7edc2a288ee58e6629398bb9f7c |
| SHA1 | 6c1909dea9321c55cae38b8f16bd9d67822e2e51 |
| SHA256 | dfd733ed3cf4fb59f2041f82fdf676973783ffa75b9acca095609c7d4f73587b |
| SHA512 | 0eda66a07ec4cdb46b0f27d6c8cc157415d803af610b7430adac19547e121f380b9c6a2840f90fe49eaea9b48fa16079d93833c2bcf4b85e3c401d90d464ad2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3959b2fd54d53a415e933ac9f9143885 |
| SHA1 | eecd453fc011a54624be49448f51a926486e38ca |
| SHA256 | 116e8aa222d9aea9b7ccf948a93beaa46080612bc828bc539181d3025aced70c |
| SHA512 | 15fc2bb852b178f56a95d8691667feba1621b7128b995f1b8691bb425714e9726f2f666ec2d1c1e2dc7100c841bdbe24150b4e10a6915a7e7b59a5935c89b4d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f07e64d6fb357e599d320abfe75fd639 |
| SHA1 | c2c99b532e7d744db5c2da42072756e907b54280 |
| SHA256 | 17616cf757a8e90d0aeda3c0a7a900b69fab4e3633469dc1d551941e5c6e3725 |
| SHA512 | d580ca2ff2f39536d74d1587d6ce5096e08cc30bf9af18c3a313ebb0d2c98052fb33a9dcee7ff873b1b47154e92bbf717c5d547b8c84d39ceb9f83a27f052b11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6c15c80fb8189187fec960a0ad0957d9 |
| SHA1 | a25e033cb029d92338a151823b26f46398359185 |
| SHA256 | afab5e5ed729acb9b74128e6cc47736efa958b5c4d9b2214ed9a6f4c58fa533d |
| SHA512 | fb9f66729e6b76eff9ad96e571179e034947ea06b21a9645268896ffc514e702e50fb0ed7058158cb226539958ef7a91ddfbc6aa895d6d03214cbbfeb44e9c0c |