Malware Analysis Report

2024-12-08 00:35

Sample ID 241121-wkwrxsyncj
Target https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0
Tags
paypal discovery phishing
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0 was found to be: Shows suspicious behavior.

Malicious Activity Summary

paypal discovery phishing

A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_1024x1024@2x.jpg

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_1024x1024@2x.jpg

A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_1024x1024@2x.jpg

A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_1024x1024@2x.jpg

A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_110x110@2x.jpg

A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_1024x1024@2x.jpg

A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_110x110@2x.jpg

A potential corporate email address has been identified in the URL: wpm@3c762e5aw5b983e43pc2dc4883m545d5a27

A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_110x110@2x.jpg

A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_110x110@2x.jpg

A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_110x110@2x.jpg

Detected potential entity reuse from brand PAYPAL.

Browser Information Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Modifies registry class

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-21 17:59

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-21 17:59

Reported

2024-11-21 18:29

Platform

win10v2004-20241007-en

Max time kernel

1151s

Max time network

1146s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0

Signatures

A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_1024x1024@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_110x110@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_1024x1024@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_110x110@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_1024x1024@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_110x110@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_1024x1024@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_110x110@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_1024x1024@2x.jpg

phishing

A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_110x110@2x.jpg

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: wpm@3c762e5aw5b983e43pc2dc4883m545d5a27

phishing

Detected potential entity reuse from brand PAYPAL.

phishing paypal

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1045960512-3948844814-3059691613-1000\{38F1D905-3D92-431E-9512-F997AC138351} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2000 wrote to memory of 4212 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2000 wrote to memory of 348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2000 wrote to memory of 264 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2000 wrote to memory of 3200 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb596c46f8,0x7ffb596c4708,0x7ffb596c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5332 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5328 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

Network


Files
