Analysis Overview
Threat Level: Known bad
The file https://urly.fi/3FTi was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-11-26 05:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-11-26 05:32
Reported: 2024-11-26 05:32
Platform: win11-20241007-en
Max time kernel: 25s
Max time network: 29s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://urly.fi/3FTi
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd0de53cb8,0x7ffd0de53cc8,0x7ffd0de53cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5888 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,2689878139420711704,18375647124545698519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | urly.fi | udp |
| US | 172.67.137.55:443 | urly.fi | tcp |
| RU | 185.17.0.44:443 | api.inju.cc | tcp |
| US | 8.8.8.8:53 | inju.cc | udp |
| RU | 185.17.0.44:443 | inju.cc | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.209:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | roblox.com | tcp |
| GB | 88.221.135.81:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 81.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| DE | 128.116.123.4:443 | metrics.roblox.com | tcp |
| RU | 185.17.0.44:443 | inju.cc | tcp |
| GB | 216.58.213.14:443 | www.youtube-nocookie.com | tcp |
| GB | 216.58.213.14:443 | www.youtube-nocookie.com | udp |
| GB | 142.250.180.14:443 | www.youtube-nocookie.com | tcp |
| GB | 142.250.180.14:443 | www.youtube-nocookie.com | udp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 142.250.187.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| GB | 142.250.200.33:443 | yt3.ggpht.com | tcp |
| GB | 142.250.187.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | www.youtube-nocookie.com | tcp |
| GB | 142.250.187.206:443 | www.youtube-nocookie.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
Files