Analysis Overview
Threat Level: Known bad
The file https://robux.center/ was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-13 17:48
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-13 17:48
Reported
2024-12-13 17:50
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
148s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://robux.center/
Network
Files