Analysis Overview
Threat Level: Known bad
The file https://www.r.oblox.com.kg/users/322389417039/profile was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-10 20:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-10 20:24
Reported
2024-12-10 20:26
Platform
win10v2004-20241007-en
Max time kernel
78s
Max time network
84s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.r.oblox.com.kg/users/322389417039/profile
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff877f846f8,0x7ff877f84708,0x7ff877f84718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8414509886189134999,2049724653114383708,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
Network
Files