Analysis Overview
Threat Level: Known bad
The file https://vo.la/PIreNL was found to be: Known bad.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-13 17:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-13 17:20
Reported
2024-12-13 17:40
Platform
win11-20241007-en
Max time kernel
1197s
Max time network
1199s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2410826464-2353372766-2364966905-1000\{18018A57-DF4F-478E-BDEA-FA622B610FC6} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://vo.la/PIreNL
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff963ff3cb8,0x7ff963ff3cc8,0x7ff963ff3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6260 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6488 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,1590192119715100786,5897322172711154792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | vo.la | udp |
| KR | 49.247.197.182:443 | vo.la | tcp |
| KR | 49.247.197.182:443 | vo.la | tcp |
| DE | 5.252.33.158:443 | inju.cc | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| NL | 18.239.18.72:443 | static.rbxcdn.com | tcp |
| NL | 18.239.18.72:443 | static.rbxcdn.com | tcp |
| DE | 5.252.33.158:443 | inju.cc | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| NL | 18.239.83.27:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 27.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.65.18.in-addr.arpa | udp |
| GB | 2.18.190.79:443 | css.rbxcdn.com | tcp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | lms.roblox.com | tcp |
| DE | 5.252.33.158:443 | inju.cc | tcp |
| GB | 128.116.119.4:443 | lms.roblox.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| US | 13.107.246.64:443 | devtools.azureedge.net | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| GB | 2.18.27.89:443 | www.bing.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| DE | 5.252.33.158:80 | inju.cc | tcp |
| DE | 5.252.33.158:80 | inju.cc | tcp |
| US | 162.159.133.234:443 | discord.gg | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.22.144.104:443 | css.rbxcdn.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1fc959921446fa3ab5813f75ca4d0235 |
| SHA1 | 0aeef3ba7ba2aa1f725fca09432d384b06995e2a |
| SHA256 | 1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c |
| SHA512 | 899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e9a2c784e6d797d91d4b8612e14d51bd |
| SHA1 | 25e2b07c396ee82e4404af09424f747fc05f04c2 |
| SHA256 | 18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6 |
| SHA512 | fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1 |
\??\pipe\LOCAL\crashpad_4160_ZRIPZDNLAOYTYSBT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2c1ad495a0ca3e13ba28015b35b27658 |
| SHA1 | 62a168a435f8452e1fa19d7d9a0612adf28ead6a |
| SHA256 | c2a90345d7fd83c7651ee063956e04f1930f344a53b664cc1531aa792912fed9 |
| SHA512 | 45d68cd0e5cb0feb0c139fd09a5b5b1089ae905ea7a06cfdc296bed822275796ad340a87006c72ee9f2e05aaa278d83f8fe81670bd2ea4bce7b33fb75ca7ac50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 20967ba3642d4434ec1e7dc3359ff053 |
| SHA1 | 8b8f83aee10cdea069eb63f572330ec82237111b |
| SHA256 | 9c6700fe0b53f0fa0cf59961f93278b0901d97734c02ed71f6f88ac4b5e3a9be |
| SHA512 | 1e7e413c085cefbceb898b2b55ede3501d470240e9416e6212b885e86064c7123675e75ecc5948574990bc72865d880c10555f2d260211ceee095cf5aed83049 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7af64f6811c03c3c26c67800c67b1674 |
| SHA1 | e0dd19ac00e5564cb70ff2e0aae272122bcd010b |
| SHA256 | 286aad48148a303183ba01ced5eb3d366198356b08cb6b57c4ed78ff73b865d8 |
| SHA512 | a311a026ba6e1331ce30a44b67cb506f6c22cc3caedcd9b928f0782d450d2b4f0428841657609ceaf0a0b9c79a2e3bc8521f320e14ae00e4c4243721aaf58748 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ef90762657dd7083cf5326ef1b8c8bdb |
| SHA1 | 027589aaf79d54d2e87b1fe8734d73494d0a35a5 |
| SHA256 | ea54ccc74028c7d8ce7a2029ac6976709b9c8b7ebf6258649af91070489208b4 |
| SHA512 | ce4916798e86050f201fbd352b39773d16c3845c5ea5f1e2a256b4e7f406de0ae895eef2df1b7cb289cfc79fee575609ff01741c26174dd97361c5c51cf33119 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0c06528fc1093e1b68cc634dc01ab717 |
| SHA1 | b582029c0dd40f57dcc5942a82e10f8e672e310b |
| SHA256 | 8d97951d9b6e5b7c8712fb3be54ae315d1893ef91f18668bfd283188fd6692e8 |
| SHA512 | c148e79b15aea4fb987c286a82d95bac2b615a3cb5ca92d1345fddc465507d5ffcb8fb5b53523100afcca1a3052a87976910fcac516796e4abe32eedd9eba12c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57eee4.TMP
| MD5 | ac40338c6d78ad472df272fb6459ac19 |
| SHA1 | 57de500c9723f593f682e2ecfae43cadde73a296 |
| SHA256 | 5572e9b16348ab6be9fe9eeb4b5979eba58a1fa7d6b0b233e95cd22e5c73cbe4 |
| SHA512 | 6668778ba9effc4a583f94c278c38ebfb969298ec8185d88dc0faeb0065e9fdea04753b8f5652dcca61741cd65ce0c23e41fcc63ccecfaa52531d233d42218e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 456cfb9a2b68978ae78d1f05236274f5 |
| SHA1 | 11d6e7bee0016cc352e4a5b4ad3e6e5e61501679 |
| SHA256 | 735544375feb580ba008a4415fb40f6c5e53b1dd14bc9c8b6ca53ed526ad5e0e |
| SHA512 | b8d583ef2376221e3dc8fa87975032c024a5945a082eecdbe935610b745ec3194cad4d30d98127ca76a6dae0ffcaee27dfcdc2a37e68856b591bb0c4d4ec983e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b95248ef88212f666b3e03ad60adf1d5 |
| SHA1 | ff6e26575f2b62bd14ef23e35603623d39c4d76b |
| SHA256 | c849accce6ce64a90092112dd120da60d829a96a169fe1075d1cad2858f7e64e |
| SHA512 | c40a061e2c143e9489a47bc7c5a21873d647b54285a429266c339ce0a330e8b085be52de5d158eed30dd9442314685db5fe1a810a68fc21d5e9e2c230c2e5bf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 96617f52330c9e4a36b1426fb9ceaa1c |
| SHA1 | 8c72dbffc4c598b4a7e5ae59d70864629bcf304e |
| SHA256 | 14d374c61d746371304becbb08ffda725359c153f57e70e587ea10ce7fdee199 |
| SHA512 | 4fefff2bebbf09e7132ef00db255707152645cc3f88a7d5a433891f903f089a2e0ca8c2ef8814dd3caf70d71265bb4ac434e5aae451fc02123e1e78ffb077086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5bcc5f05ef4d34b79b780632d94a37c8 |
| SHA1 | fa6d629189f830e74c1c30d5a0e6585921aff4ff |
| SHA256 | 2e6cb93b340b82ead9f9bd349c1632100c02bd3f6babe0d902e185e56f9ea429 |
| SHA512 | 0b9663612cf7b4353e3991d50f12eda0a27db2d69c8adc1adefeefbb2285f97325b5c8c24b23b2aec15165e763224cb8dc49449f5336bfb161aecaca58262116 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1aafa85b30533b19c3fdd7802965511e |
| SHA1 | 33b421e01dd52850b9c1c20a4078ff98e80b8b3a |
| SHA256 | 797eefa6939571b1d249d65cd18119697e9589e89f81dc6857b7e553264782f9 |
| SHA512 | e5d57ed61f7811b4c3199cbb2339f842d07e27f6f809c34bf5beb3d7ab3c303e9be9c9ccaf305c7d8d4175ed7d10e0f0b52ac680293955a8072cfe04ce6cab62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\23a08160-d419-41cd-a615-ee7aa74a741d.tmp
| MD5 | 0e2026cff3be106a6e97476fbda87c53 |
| SHA1 | 7835938a463d858c5749567022e4a3ed39e675e2 |
| SHA256 | 93a93312010bed5b9c5344fdedfafb2a5bdb150421fc42dad413205c08a4606d |
| SHA512 | ccb416dc464a41ea9e67fa7fecbca2a4b887db50ae82955e644c1272dbce810bdb898698f486427ff26a9595a37a1f8c20fc6d90022e090adabb0f993d11889b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa75200b72215b2a17950e4748f91d7b |
| SHA1 | c31eddeeb853e0c5602bd09734fc2bc06519461c |
| SHA256 | 195c2f8b4ab7d8a12200593bdda173d1239d2e15e0c581c64561464d5ecbe28d |
| SHA512 | b02b3a7a8a1951185800ef5e49dd5ff71b32b1848e3a0da600fdaded05fb87309418c79bf24b77486a9b9e7e790c169cdfaa0a1e914da29882581436131f1e74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6228f9e79653b9b5ab283631e9a7dc46 |
| SHA1 | 7fb306bfa18f58221bfd1246d82c4c645c27fe80 |
| SHA256 | e4df0e1fd793b2c0687c94baf0c6691602c1660c9968bdfbe29f7392deec5682 |
| SHA512 | c8f98c675d63688d254ebc75f3ebd6e223cb85d05fffebde7cb817c7a55c5bed714a3c807b24ff1c3f9930e6809da8aabee41b249d024b4cd3ba6d9f67c6171b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ce847f3bbdcce29eaafba9e61d2a3fb0 |
| SHA1 | 973d835ee80494a316f333b990831cb10b751217 |
| SHA256 | e2795c5f10c5ad560fcc1eca3114560f3701d58b19697a499d0a79b6ad270ed5 |
| SHA512 | b068c5062853593c05f709f2128997254954601c7f45ad93ebe6d77467ab6501b885da037ed7fde143503d47d4904cd96dd9e225306549210f0c483f940f67de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a363682bc02cf2f6b8d41b60438ba5fe |
| SHA1 | 6d20f7f7fb4d737615863e6cdd74010af470de64 |
| SHA256 | a541375e24984d511ae611e8afb12022d12ea686af1f149f3a1c36abf5504ce1 |
| SHA512 | cc22150152cfe163ac35a2cd204b6deddbdb148dd53346855f09b0dffa936fe7ab7563ff445738cdf97ed26c3e76644fb8b41e90f6fd3e8724121c29a4287b2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a782ca3256b1db6468ebbc1379b27711 |
| SHA1 | 132abdca8fcb185981b5df5ad93c7f42fb688e76 |
| SHA256 | 9cdb45785a938bd3bb752c6d4e935b366b73e6170cc70f3e9c2c00739fb3e710 |
| SHA512 | 43e448d44af79a20652e0dc37d84737376e932d2b660c867843dcbcb479fc4832b1b722706732bdca3cb95c1bb0f215c1678965209ef5dc7a0fd5ace4a0f93d1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 7cd3e7a5bee9a6cd4877c62f9adda17a |
| SHA1 | cb704b27b4c2cad668334f33c583b885d54717e8 |
| SHA256 | 52e621d4c5881f1b8548ac50e02c1295be5dba060b5f7c313f94bdcb451285e6 |
| SHA512 | f64573ac0dc888aa3e040df636f59efaa693a4392463cf48d28ac77bd8ad81f2f3a36531228bf66344640903fe0f001f076c28d07ee8ba9ebbd877f9cf4279cd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | b5a87eba01676ce5657d8211a83396e5 |
| SHA1 | 9665e11a26c5b55baf505caea7cd64d492443793 |
| SHA256 | 61ce79bd59b3b6e6b5235c19c10afa14a39675296815977d61ca2a1d7204e5e2 |
| SHA512 | fb5cc242925fc78da222fcb21536a352d29e1f4e376385b4345e3f5ff69323c938173534bae10c6755b2978c7a8060d82db4cdaf47ff8357c859365673a70c92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 194bc59f102246b4a8e2051b1a7ce0d8 |
| SHA1 | 274b0332cc1eb534ecd036ba7efaf5bb8872f3b3 |
| SHA256 | 63d78982f691d0967cc4ef4a405b3a05ceef764186997b75d841c162aa8c45c6 |
| SHA512 | f59cbdaeaf0b0d2ed17531a5e224750651d1edc16557103be65c5de488d5464d3836edd9f09e237d93a4460202619c8a7a9938604a00a0dcd3cb64aa0eaf6d7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | befd9c0fdfa3d8a645d5f95717ed6420 |
| SHA1 | c8b43436ab1659f32cc05625389f63e8047f90a8 |
| SHA256 | 94e5c823e72e71cc20f4bfa29b0434f2260040965d9d066c0e7cb5dc99ffd6c3 |
| SHA512 | 4d0b790db4323558a9eccadd1df116883b7044e0f7e4dfe120c2c98814e55ceb1bf4cde14e0f6af38541ef723571db0cdf35a2b3ee398af2d3031a9928df1d1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | d4fe31e6a2aebc06b8d6e558c9141119 |
| SHA1 | bcdc4f0b431d4c8065a83bb736c56ff6494d0091 |
| SHA256 | c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec |
| SHA512 | 1cbe7641b8930163ed3ea348f573cad438b646ed64d60c1923e5b8664c3de9c2c21ba97994ec8d886f489e4d090772b010de72a1167547fb4f6a2d242d46aec1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 73d61b81e3dee2a7622944104ae36e62 |
| SHA1 | 049f244d43238d6ba2cf822769c85676fdea2e8d |
| SHA256 | c5171def893b5088873c382ece69dfe52a24ae761cb2d821f568347ecedfca69 |
| SHA512 | 393128dc517c4e2efb48a7485e872f429e592d15dd3d1a353d887b4a96a13bb9f787f5b15f3ae646512890f80017424770e4290e9cba47808bafc5b5edc263b0 |