Analysis Overview
Threat Level: Known bad
The file https://getsft.top/ was found to be: Known bad.
Malicious Activity Summary
Meduza
Meduza family
Meduza Stealer payload
Looks up external IP address via web service
Drops file in Program Files directory
Browser Information Discovery
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy service COM API
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy WMI provider
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-18 18:11
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-18 18:11
Reported
2024-11-18 18:13
Platform
win10ltsc2021-20241023-en
Max time kernel
81s
Max time network
141s
Command Line
Signatures
Meduza
Meduza Stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Meduza family
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\2c2cc795-6e4f-4ca4-934e-00f5ab8f3d91.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241118181136.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://getsft.top/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff89f7146f8,0x7ff89f714708,0x7ff89f714718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2532 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff77e6e5460,0x7ff77e6e5470,0x7ff77e6e5480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5960 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7444 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap6325:94:7zEvent24413
C:\Users\Admin\Downloads\Galaxy Swapperv2.exe
"C:\Users\Admin\Downloads\Galaxy Swapperv2.exe"
C:\Users\Admin\Downloads\Galaxy Swapperv2.exe
"C:\Users\Admin\Downloads\Galaxy Swapperv2.exe"
C:\Users\Admin\Downloads\Galaxy Swapperv2.exe
"C:\Users\Admin\Downloads\Galaxy Swapperv2.exe"
C:\Users\Admin\Downloads\Galaxy Swapperv2.exe
"C:\Users\Admin\Downloads\Galaxy Swapperv2.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,656767087236784273,15647182972828644451,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6564 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | getsft.top | udp |
| RU | 45.130.41.247:443 | getsft.top | tcp |
| US | 8.8.8.8:53 | 247.41.130.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | netdna.bootstrapcdn.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.10.207:443 | netdna.bootstrapcdn.com | tcp |
| GB | 142.250.179.234:443 | maps.googleapis.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| GB | 142.250.179.234:443 | maps.googleapis.com | udp |
| GB | 142.250.179.234:443 | maps.googleapis.com | tcp |
| US | 104.18.10.207:443 | netdna.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | maps.gstatic.com | udp |
| GB | 142.250.179.234:443 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| GB | 142.250.179.227:443 | maps.gstatic.com | tcp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.179.227:443 | maps.gstatic.com | udp |
| GB | 142.250.187.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 95.100.195.160:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 160.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.164:443 | th.bing.com | tcp |
| US | 95.100.195.164:443 | th.bing.com | tcp |
| US | 95.100.195.175:443 | th.bing.com | tcp |
| US | 95.100.195.175:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 164.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.136:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | galaxy-swapperv2.ru | udp |
| RU | 37.140.192.62:443 | galaxy-swapperv2.ru | tcp |
| RU | 37.140.192.62:443 | galaxy-swapperv2.ru | tcp |
| US | 8.8.8.8:53 | 62.192.140.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 37.140.192.62:443 | galaxy-swapperv2.ru | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | userstatics.com | udp |
| US | 104.21.53.38:443 | userstatics.com | tcp |
| US | 104.21.53.38:443 | userstatics.com | tcp |
| US | 8.8.8.8:53 | sabortrujillanobcn.com | udp |
| NL | 191.96.63.200:443 | sabortrujillanobcn.com | tcp |
| NL | 191.96.63.200:443 | sabortrujillanobcn.com | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.53.21.104.in-addr.arpa | udp |
| NL | 191.96.63.200:443 | sabortrujillanobcn.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | 200.63.96.191.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 172.217.169.35:443 | www.google.co.uk | tcp |
| BE | 64.233.184.154:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.184.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 95.100.195.175:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.galaxyswapper.org | udp |
| US | 104.21.73.64:443 | www.galaxyswapper.org | tcp |
| US | 104.21.73.64:443 | www.galaxyswapper.org | tcp |
| US | 8.8.8.8:53 | 64.73.21.104.in-addr.arpa | udp |
| US | 104.21.73.64:443 | www.galaxyswapper.org | tcp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.17.150.117:443 | www.mediafire.com | tcp |
| US | 104.17.150.117:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 104.21.63.106:443 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| GB | 142.250.200.46:443 | translate.google.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| DE | 18.245.86.111:443 | cdn.amplitude.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| DE | 18.66.147.56:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 117.150.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.42.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.63.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.199.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.86.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.147.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 104.18.159.164:443 | cdn.otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| GB | 142.250.200.10:443 | translate.googleapis.com | tcp |
| US | 104.26.2.173:443 | www.mediafiredls.com | tcp |
| US | 8.8.8.8:53 | download1652.mediafire.com | udp |
| US | 199.91.152.152:443 | download1652.mediafire.com | tcp |
| US | 199.91.152.152:443 | download1652.mediafire.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 34.209.50.207:443 | api.amplitude.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 230.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.82.161.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.187.37.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.159.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.152.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.50.209.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| BE | 64.233.184.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | tcp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| GB | 172.217.169.35:443 | www.google.co.uk | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| DE | 65.9.66.68:443 | tags.crwdcntrl.net | tcp |
| IE | 18.201.5.137:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.200.46:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 137.5.201.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.66.9.65.in-addr.arpa | udp |
| GB | 142.250.200.10:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.140.244.186:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| RU | 193.3.19.151:15666 | tcp | |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 172.67.74.152:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.200.3:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | 151.19.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e87625b4a77de67df5a963bf1f1b9f24 |
| SHA1 | 727c79941debbd77b12d0a016164bae1dd3f127c |
| SHA256 | 07ecc7bd328990f44b189112a1a738861b0f4528097d4371e1ab0c46d8819f4e |
| SHA512 | 000d74220ba78628b727441c1b3f8813eec7fc97ff9aa6963eb2ab08d09525fa03935b32e86458c42e573b828a22b0b229af02b47eee511dc83de4ed3b5e726b |
\??\pipe\LOCAL\crashpad_1012_OUGXVALSMJTGKKYL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\bba01c2e-1835-4bd6-892c-9559c807e012.tmp
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5d9c9a841c4d3c390d06a3cc8d508ae6 |
| SHA1 | 052145bf6c75ab8d907fc83b33ef0af2173a313f |
| SHA256 | 915ea0e3e872d2b2e7d0e0ca30f282675139c787fec8043a6e92b9ef68b4f67d |
| SHA512 | 8243684857e1c359872b8e795a0e5f2ee56b0c0c1e1c7e5d264c2c28476e9830981bb95244f44c3b2ed334c3e1228f3d6245cce2f3d1f34cdbce8e2af55b4c85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 137094a3453899bc0bc86df52edd9186 |
| SHA1 | 66bc2c2b45b63826bb233156bab8ce31c593ba99 |
| SHA256 | 72d823cac2d49660cdd20ebf4d3ac222c4dd15aae6e5ac4a64f993ef5c4fdd44 |
| SHA512 | f8f149c9eab06e8d7e1aa62145f0fc588dc36fc521ef4dceceb80a191b72d79586d920feb5f3b1d19595109cc6d608c143e32f521a4da1068c708a2538899ada |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2fef5b11a24c39ef53a4e46abd0a75e0 |
| SHA1 | e3f5ffdcaf622b70e4293800ff455ac5902929c0 |
| SHA256 | aff5e2edcbfe310a58907073085c592639b20acbff6b905a267522681da90bcd |
| SHA512 | b4aba0cf8d66937da562926e699637ff34df8dbff3cbae27a6a840072bed238fb6549fe1e15439ba474c3233906315f0ceb972451797239861f72b4734c9aa99 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 1ca7cb2fb14da0cd3ea78a322492d458 |
| SHA1 | 965f85192786e7fdd38772ed820b4d38bb3f1729 |
| SHA256 | 7bb610d0eb6047b6dcd9eaa8de69ad68417b49162acdf27c5cf8cd2480c43bde |
| SHA512 | 68b94445eb98e21b50d755d8b13e2087ebc1518ca6378f45c17aa436588d2a9a74c95fcf79fb6489c208042ce212a759fbeb5644af009f620a558a338042efc0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f59b30b1876c4c7ba24d179f8cc0484f |
| SHA1 | afe64a072b8708e8f4f3ac80c8b6f8393208b9d5 |
| SHA256 | 2b3bb3da77e39f0b3f16c2410c03d375ff0ba6ef1635c5f49badfdd4187e8929 |
| SHA512 | 1288fe88c5bec8989de5f28b9802228462ded6906c7e9e394668b9a7be1222bc940c4186d56e683486a410aaba4a70a91eae6d2eab66bc419cbb405868ba6ab8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d145ee7e4ba896adb606ee878791331d |
| SHA1 | 72ae3d6988e07bee2ce98578c666250dcff5d163 |
| SHA256 | 22b9b0d99342450c25afe667498555fe44f8c96c2cd3ea9b0c607e2def46476a |
| SHA512 | 1c56d874060e1c6322d8e0523596bb6cebe15eb54eedc2576a1e6364a219a085df50d5f7b95c2c7519ce1680a753b9fadd4c3e1f8b05edfcc1b6ce616d20c04e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 243572c4adae35b0e8b4d0e37f055768 |
| SHA1 | 85b3ac3c4e620720d054e26a6edb9d0d0703fd86 |
| SHA256 | 7672f71daa5e1687c6b5561d9a5747ef6b4461e384843a51d45abb19514e33f6 |
| SHA512 | dcf44dcceb470b133a3d63aee08a804b496a3b8b9046179321cb53f1e8b70e28e54455d92028159c453808ddab17a987b915110edc55c0c78b7cc705af243efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 364592d2cc18adf665987584bf528cba |
| SHA1 | d1225b2b8ee4038b0c42229833acc543deeab0f6 |
| SHA256 | bd97dd6797bb763681cfb1fc3cc21a44a273aab1d9a4f4f9332675c662d2136c |
| SHA512 | 0e852db825e451464cbcfda95eae2dfe780874bd20e7b467604962428007d1735ece752aa5901d468708a68d66d029271d5567b39c530d2d44b875abbff9aa40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2768457f9d08a1acd4c166300cb2132a |
| SHA1 | 13e40f3e257a29f7a14288275158d4a720f7549f |
| SHA256 | 355a16d1c4620118877fbb90531c3fc93c2668a948079db9b844f72e4e08863d |
| SHA512 | 8103815fdefe1bb855bda5c2127d35cc58c78fb90649dddcaaebd568cc3d4b5c85459d4006e40b28c82e4f60f542bc9442eaefc4d2a8d3ed519e44c5dd66d1fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 80db6c83f1833d72dd53569f59d60a3e |
| SHA1 | 2de2a7532519cf72f0680d886afbdd65a7e516aa |
| SHA256 | 33fd844b0e209dbc136c7cad0399a1309bd4527cad23e427d8c53045a0d3a11c |
| SHA512 | 14cfe74c00f31eea5541ec25055a3a3d2a90b5c7a556bab7c5e1cb9e9aad95fb0401d92c05886793392c056297aa3177f44524a707e572ed8e74bc0c1c54a6e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57de98.TMP
| MD5 | 7b62ed95b18a935f08a06301d09dec19 |
| SHA1 | d60fc28dc10c85e4b17d0f323db5f7f79521a401 |
| SHA256 | 0dc84b07cf4ff7ec38d6433e57ec7d93d8877bd1105337644b0d82ca6a32d101 |
| SHA512 | 1e7ec533efe1fa3f20705d7faecf05a7c142a3927b2102cea72e63144d75a552872b28bdaabbf98319f2040da8322d98d9bf7732be3fc27ac1ecea82c59935e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | 476ce314c28f9d977ff73f4b2c50b1f3 |
| SHA1 | 878eb1f83a5c332f6718df99c76165b556c68b0c |
| SHA256 | c145190c53c391fb3c218b23b38d34ff8642bb655a5e60e6ad95c99198affc51 |
| SHA512 | a7ccf454c373d7831b49169f4f450674151c07f514147d5705b72af1f19dfb4b46c8c229eb0b7580efe3588826de05d5244772368fefdbe85fc6f7a01631e7ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4683b5512e7b8e33abf758b53e7a715b |
| SHA1 | 3910c986eb6039c5a8f882cd47994727eac071b9 |
| SHA256 | 99b67d04bef987444abf9fc4460e67227d45398329a2d1c862518fe9e485ca17 |
| SHA512 | aa40095f409ed71d144aa748298e804566cfda0598a2e3d8a9af7d1989a3c4bff002d27075e70c3fbf92a33307285b97d1a2e1239450db8125cf242dacf68183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | b275fa8d2d2d768231289d114f48e35f |
| SHA1 | bb96003ff86bd9dedbd2976b1916d87ac6402073 |
| SHA256 | 1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1 |
| SHA512 | d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc400d498896d065b182226f7499abb8 |
| SHA1 | 83c652c1a8dd8e4ac7840f12fa2f2f2d342a923d |
| SHA256 | e0b2719d5052d5f0f41bd6477d598c1833f896d19d0d3520a61ae466bc35458e |
| SHA512 | 740f49a53061c2fdf7333ea2996ae4fee3a361a39d6faf8838e5cc73a82475f3fcd97d8cd089f842e260a3d15559b82d2c2d62e14f4a767fe9397285d9d52367 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b2c5533bfaf842af083018785c9fbff6 |
| SHA1 | 5eb0d616fb61a956cb2c2c6a8637fd66e63ff25f |
| SHA256 | 826bf52ae6404c5ca02fd946293f8d36347da7f0dd1f05bdd9a11679195d77f5 |
| SHA512 | ccc9b085e19426e2c5eec41bb51da2b8912e55dfcca40155dc8a79f61de5037094191be66cec7f052d36497a3addba3238063987cfa3a3bcc011a5dd8d3d2a42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | 4887275b4f2ce31fc2b2236771c171e8 |
| SHA1 | 90043873ae238c41f082a90c0e892c6d210452ea |
| SHA256 | 2c016e32414be1b907514b08c735c54e4f7a5cd98f3391e3229070d31c4353fe |
| SHA512 | 5b276fdbd4fa2636cc8eb588f2ba30d5950dcc1830c8c408439d271a13ba1351ca8e6aaedd0d75c6a8ca4828a40bce80fdce11ff342e910d2879079f7e32102d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | bf449470f06ca2bf951ed1934740e8ed |
| SHA1 | 6e28901408f63c59f7c6103f70ea6cf8b52ecb5a |
| SHA256 | 1a2334b6e9885bba5223e21cae308d701c5d87b9b789972e180533583add89e2 |
| SHA512 | 217a6f35ffe5a2dc701d0e3b01076a7c799c89e97da0ce1bc60b7c59f2f91a979e98e1d59bbe8ee92585481fcbae534e34f98388614f5676d07db50676d99ea0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | f64d7d5a4bd398d63101afc17f5e9175 |
| SHA1 | 3a69501e20d295d48a2ac86c3b7fb4ea9edc5f33 |
| SHA256 | 4133f505fa9f390a9397d92ef63f33c03160819b245baa50923eb8e082176206 |
| SHA512 | 684aafecd9545487f9fb2aafdccc01ce3eb81f690d2059e6ef99ba7b902e6e4d29dc0f80ade7da1271cbf75fa6ae88b71becd0aa31f01dec0bd769de22f63d44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 2365cf0d2414c061c29d737b07198077 |
| SHA1 | 55e4b73b57a77d0e20b892bae75902e6607d676b |
| SHA256 | bc77e41270598378662b9f6d9b746af73cc236c8bc4e6eb7bf9ac748752363da |
| SHA512 | 678df0100cbbc041a999f8ab56c508230b2c26d2d684b3cf24bc2c8fe77254ca870f502e17165175c77bad37b99269885912e6a9ccf5d5f06bb76400c8c0f155 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | 1d189a9f002aab572717f88ae5a108d5 |
| SHA1 | 8e547907bf5fd8b2d0e6a0afab3286cafa4e6b26 |
| SHA256 | 2a3813d14bf5cd4f12da93b2d3e650b27221b245d1c8887404ebaa185512b704 |
| SHA512 | 25e2afaabe75f43584d1c1f2cd523fe5701cb8469421e6c23a5c78ad6c636fda16dc611403c8b3807710db68193bd7aab3a2dac731da4d0f03e44b8000346f19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | ea0d829233ddf1a13f638f1bd2a4ddca |
| SHA1 | 2103d9b2f4c10ad663d6c45ac468afe23bd90798 |
| SHA256 | dd214f4e06912ec56d5765650d80dd0f87fbd3d4301054985b62252e3dcafedb |
| SHA512 | 0d22b8361fa4b8a8b280df86844a0ffeba49c3531f910b9dc066de00c0abb77a43c86d33f913c06ee58d2fc6c391a2226956203e73cccff1ed51ef790770f0be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
| MD5 | 489170f565e5d8cf56e8ac02dddef34b |
| SHA1 | e11b556951fb2f7f066860b91647986c152f4e3a |
| SHA256 | 3da823babbf3a2f22892ac282aaf6a070ccf5bc8f415053e698636f9a2e17e87 |
| SHA512 | 7e615f726d767c55ff8e7cc20b6d35b2557a0e01b4bda5ac910ca1d9a12518a69aea5c535d5ab23d37fcddb039897f159cef22d59ba5ce0949fc5ed53f49c9d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | 971f6559548a912d8e2151f1296661c7 |
| SHA1 | b93145b3d535cf1eee2f2329366bcd9d706d8924 |
| SHA256 | 38203d46cdf193780df9f60534b14152e21a3a4e1c891f3f31dbe16cd166485c |
| SHA512 | 27a8f938742b6215d0a5357d7c151bc8ad4880165d2cf582641bcf4b6081634759d913b6173f051d721e7c609c6f5f0bf2aad63873c8a79825888ff861fc7180 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | f1eaf516993292ee07297ffabd5a1845 |
| SHA1 | 8bd64dd235d60b753bba33587ad99ff11c8f33bb |
| SHA256 | 3d47fc68edc76004a3a4fc7c38aab191c4dd301e107cda954d65af3ec8f1eba0 |
| SHA512 | a91d65a24117c375c145e1286724052bae514ce17db5922fdf3b942e5646fe4724466adf733b9246ca8e82d3b93e6a63ba5aeeddb0db9a8e1bf67f8e1e978b2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f52bd759f0b4c38bbc47ffe5f58bcbf5 |
| SHA1 | 2f5568e741381cea6a8c892bf459a7b8e21bb730 |
| SHA256 | b9d25c697d5f03d01f13dc23c7ee7c86812bbbe784d1298e4384ff724e4063d1 |
| SHA512 | 988f746b70898214878b84f70740e5a2acfd2f001623a9f48ab70b1b0f5cddf74a99c1f6e949f8f29d25d81205cfbb0b8c27804109f819dae8306f0b10ef774b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7c45b2e73cdcde0b1572fc79c3f380e |
| SHA1 | ef6758e29a8eaac355d91bb1d7902b0a5d7d9bcd |
| SHA256 | b548adffc8efac7e492aaca2d46543eeb6445fe4a3206571651b60ae6af37ccd |
| SHA512 | 024c7feeab7ea3f878b3659adc52cf568364bf553a4de74d4862d1fadd8e45b408cf887c7107cd24d8717ef310a7d2613b78ba17eca7ca54354c387c4a63333e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8715b55b16ed572b21204342401ddee7 |
| SHA1 | 4944e7e19fe8063ab81aa0a00e0ef49369a07cdf |
| SHA256 | f06427eb739c5372973cd92ad30cceb2f15fb32cd021c2b29a205a98e4046c50 |
| SHA512 | 85ca668942d9fe76cbe76784647b52038b4a3a39e33ef024dfe3d28c2af1a8618cb3e8c758223769ef31ab6303ba1c72c6a174979c3c4ad145c47caec5d2a32d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\dd14cc9e-f30a-4323-8ed7-54eceac2d430.tmp
| MD5 | d22aa0c9338a437b90f8481ea79086c8 |
| SHA1 | b2c21afca4f6481b1fdd52bccc9d00b0e7c14e15 |
| SHA256 | 88e7e7370231527dcc4edaa4ba6f95c5504d66bec760bdc079484adbf3a3e66a |
| SHA512 | c5e03f4e1c00e459358af4ffdd383e12139107da8e22258c6ca097dba10a1c46710ba200f98c84a0e3c01267aa0000e7be75c22aa80eb749afa4899e41565dcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 442b2beb11bcae8a925a6e456b495727 |
| SHA1 | 3d7582c10f0469a7bcc0844ffda4187e60093f5a |
| SHA256 | bd637f0964f643452be150d296879960d0430d74c1fe7636b06f8bebdb019cdf |
| SHA512 | 69d99e2d4b41de5ee6f342408e490fdfd03edcb56d92b9e376fbebbfe5527a08d8cbaea5c57ca93476979e922fd5a00c62315752b4c390d2aa18a7827fe905b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f6cc60b55fb14f432bd4fe21ac760d6e |
| SHA1 | d37ba5cae021f49c892136b3a73abbb88cbad42c |
| SHA256 | 7648d844d2f450f54fdde9ace76e579ae746e8e3ced0fddfceb57f3147416755 |
| SHA512 | ac82b9e6915cb7578a2d00a1a3780761c8258e7e266a92afe6fa04b8d504afee15963ea5eb08a6794faa860b87d237f3a026517a71c73a38136be7f4010a7934 |
C:\Users\Admin\Downloads\Galaxy Swapperv2.rar
| MD5 | 11ef03e15082235273b654a1ddeea7a5 |
| SHA1 | 33f54be53bc8d3b89e7aed2a9503e093e0aae292 |
| SHA256 | ef03b39e700285fb9d5dd5b3f324a35693fa94e5d1db69e63a57469951d3bafd |
| SHA512 | 8ba53819a6d8f1630256d65ab983c518f303e0031b6bf5a30843e853c72414a03bc8c2edd6229833c02c0d5e6e3bc218b516dcba5de1c68dd21182590acd1d14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 435001b44b23e82311bc98028d9b8499 |
| SHA1 | b226499800daec9fa97c311da465cbf8a1e8ac00 |
| SHA256 | c8996f9f70146e6a9641eaef8743c88e535446857319fef50d30d9e0e4f49539 |
| SHA512 | 2b5df6d2653e556e82655edd2ff689b93b70ed68e0dffae452b1c23857bca0a3fb8ed41805ef6df7d0a6e4be36710d987199c2157402d48f20d8ea3195e822a3 |
C:\Users\Admin\Downloads\Fix\etc\mono\4.5\DefaultWsdlHelpGenerator.aspx
| MD5 | f7be9f1841ff92f9d4040aed832e0c79 |
| SHA1 | b3e4b508aab3cf201c06892713b43ddb0c43b7ae |
| SHA256 | 751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a |
| SHA512 | 380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5 |
C:\Users\Admin\Downloads\Fix\etc\mono\4.5\Browsers\Compat.browser
| MD5 | 0d831c1264b5b32a39fa347de368fe48 |
| SHA1 | 187dff516f9448e63ea5078190b3347922c4b3eb |
| SHA256 | 8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741 |
| SHA512 | 4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af |
C:\Users\Admin\Downloads\Galaxy Swapperv2.exe
| MD5 | c50f8f31c903a9f88b6bdec9b9f8962b |
| SHA1 | 39e30a482d13a431797c02a0d0c90fa9829981e2 |
| SHA256 | 5c6985e002a60d821fd7b029b2c5d04c3ee16bb619999202f6dbdf432d229989 |
| SHA512 | 6a2361e6bc5706b5ad0e8264b7767b620111d879dae1bdb463771a39422e20aac204eb25dc06c0820ec69260ffb2ae8e0d939982c865029e2252daeb9cc1f87d |
memory/1240-1196-0x00007FF6F0A50000-0x00007FF6F0A51000-memory.dmp
memory/4748-1200-0x0000000140000000-0x0000000140141000-memory.dmp
memory/4748-1202-0x0000000140000000-0x0000000140141000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | 969ff34e20fe4abd72a5a3044ea2e2f2 |
| SHA1 | f692ae59b6df9c90dd13ce8738ad5e4b08f81b55 |
| SHA256 | c1314586d776e1608ca6f6e569cf1857627c7e757244888730c8c0c66fae8db4 |
| SHA512 | efdc8408f1d32ffca83baecdb79726d2b54350f3e7d316ea45fb28b49163bdce1a74c3d71309c774cd415eb0e6f14f246b3923a4f5cb09063fb979b02ad7003a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 4081422abea4a316e46c699f2547c76d |
| SHA1 | 005c87466aebf5a79d8b5dcb48d5d2ece9395a89 |
| SHA256 | 214d72e7ba32dd901f406072ed488779bc9b1ad36dbb0de5e3dac38cba80d351 |
| SHA512 | 17d5d1ce4a0b7cbd69698a159d1f6a6b7775fe2ce668c4c7730db95a34818b4020b6beb39296cdab84a21426b7b80b5446da8b2ed823d4939247a71e5d8ff713 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 614aca0f5c1f660a2b7ee2420cf5fd1f |
| SHA1 | afbe1bff1a5fb0ac18f1636697aa15e78f827e0a |
| SHA256 | f8cc793bb008441daa3712e20a22a375316a8e0d1ce93eb25f93795dd7d8cce7 |
| SHA512 | 80be1c10f24a0ddb337ca3d6efd4962a95ec38476f8a3e189eb6b04dd209f0613f398436f175c593fb57274ebff1695658faefbd645da21990e4f10243b89431 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | d1be4282ca6f020dfba692798e507ee7 |
| SHA1 | 3d5fc05df5a17c1ccca6ea53e4e4f514a1d863d8 |
| SHA256 | 16bf0c8c14732aba8bd6d2fb4ccbf9882cf8f9582517b5dedffe3c5720c3c3fc |
| SHA512 | 0136c677c5dfa5bd3130aef38d7f364a1fe64fba4674b13781c2529909c5715cdd98e8b10a8acacdcb63007c94182294a2ae31e3091c389ea08c58b480847c4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 0a33b60c4ac608e065bda575ffdadf72 |
| SHA1 | be849cf05e5e8c57264015172382d5e67c868837 |
| SHA256 | df83e9e8e2f8b77d6fa1bf2353e217c4f52dd510ee0d5ef17afa23578f4b72de |
| SHA512 | d19b712bf1241c195048e0d3a0e1260ae5d85c1d86b0d301f1be05c56645d9bdcc73fcf106d49b799b1e5dc1cd32f3a4f3e89b5708afaec8f6cc43ce1a20c7d8 |
C:\Users\Admin\Downloads\PASS-2222.txt
| MD5 | e1ca5dca9bae3b73a530850ffabe75a1 |
| SHA1 | 4a2a3ead4114a3df1d1115fe10d8ede70fe99076 |
| SHA256 | 3d5202d006181f27678a5dec8c9b8b4ebef0d75749b4444c034252c99e59a56c |
| SHA512 | 103eddd6a647ad3a3221f4276fe711c069609738e85621f33e0cba8f94992e8ab0c4a7605a0fab15ee05681c1f8343466bb838aa39fe29a781f812f344a3058f |
memory/5188-1225-0x0000000140000000-0x0000000140141000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 093c35ef51caab6327365c08b37e6a81 |
| SHA1 | 73b7230f25756f7bc4058b5ee0bceca11d481cac |
| SHA256 | 44c4240e18f0fbc98126c8907e6401a260a48aa7e009ce4d9e5fb61f010be85d |
| SHA512 | 9fb9a272abf88e1ef5f26742cd3242977ad3efa916c3bd57ecc673ba4be917020ae8c1eeae01d19641e621240bfe95f9488ae67bbd15ab1d90eff630e2704696 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0cf5f69624e7192e94634f1ff271e9e5 |
| SHA1 | 2dc4a66d2ab3ba8b11bfaf80223ef84efb2b9b01 |
| SHA256 | 4dd61da094cece322843f6b1f2f7cc9d80b7e9aea729fe351a35a168f82598b6 |
| SHA512 | 8a2703e4454e2d992216e593df8f7d9272e8e8c99e2a96e26627d8f26706a60bb7e4034217e6c211c46e6b372014dc6770c98f746c6adeabacee594a20c0c351 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1136ab6592cf7205fb7d31d8107c6897 |
| SHA1 | d652d23dbf860a487aa8989bb6f3cbda6b280e3a |
| SHA256 | 5ffc4aec0ba507e30f52a187815f9e8df1ec3e368c18419353f1543200a9fda0 |
| SHA512 | 2243bd007547d16ed5c248b748dcd8c98cfe3d4b935f32353ccd00c7ce132c11c96f322bb39151d942b0cb1d344b8c1c9da6815222c95dac4efd1921408c6877 |