Analysis Overview
Threat Level: Known bad
The file https://sharedocumentfile.vercel.app/#[email protected] was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: sk-btn-investment-still@2x_2024-07-03-002923.png
Looks up external IP address via web service
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-06 05:05
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-06 05:05
Reported
2024-12-06 05:08
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
148s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: sk-btn-investment-still@2x_2024-07-03-002923.png
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://sharedocumentfile.vercel.app/#[email protected]
Network
Files