Analysis Overview
Threat Level: Known bad
The file http://is.gd/BA2V8N was found to be: Known bad.
Malicious Activity Summary
Drops file in Program Files directory
Browser Information Discovery
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-18 18:13
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-18 18:13
Reported
2024-12-18 18:17
Platform
win10ltsc2021-20241211-en
Max time kernel
202s
Max time network
208s
Command Line
Signatures
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241218181425.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\209035d0-6638-4eb1-8db0-4d4cca510495.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1798060429-1844192857-3165087720-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1798060429-1844192857-3165087720-1000\{214A8D5A-FE74-4659-8AA2-6C39BFBB8070} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://is.gd/BA2V8N
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffd382046f8,0x7ffd38204708,0x7ffd38204718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff643a85460,0x7ff643a85470,0x7ff643a85480
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=2756 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6052 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6128 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,15280468347746091880,15970375014529922091,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1864 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | is.gd | udp |
| US | 172.67.83.132:80 | is.gd | tcp |
| US | 172.67.83.132:80 | is.gd | tcp |
| US | 172.67.83.132:443 | is.gd | tcp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.83.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | shorturl.kg | udp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 104.21.53.241:443 | shorturl.kg | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | roblox.ls | udp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.53.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.204.76.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.66.71.185.in-addr.arpa | udp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 88.221.134.25:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| FR | 18.155.129.88:443 | roblox-api.arkoselabs.com | tcp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| FR | 18.155.129.88:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.204.76.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.201.222.52.in-addr.arpa | udp |
| NL | 23.76.204.144:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| GB | 128.116.119.4:443 | roblox.com | tcp |
| GB | 88.221.135.81:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.81:443 | images.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 88.221.135.81:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| US | 8.8.8.8:53 | 168.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| US | 8.8.8.8:53 | cdns.gigya.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 23.208.255.133:443 | cdns.gigya.com | tcp |
| US | 8.8.8.8:53 | 66.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.255.208.23.in-addr.arpa | udp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| FR | 216.58.214.174:443 | google.com | tcp |
| FR | 216.58.214.174:443 | google.com | tcp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| US | 95.101.136.201:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 201.136.101.95.in-addr.arpa | udp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| RU | 185.71.66.140:443 | roblox.ls | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 95.101.136.223:443 | r.bing.com | tcp |
| US | 95.101.136.223:443 | r.bing.com | tcp |
| GB | 88.221.135.17:443 | th.bing.com | tcp |
| GB | 88.221.135.17:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 17.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.136.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | 134.130.81.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| FR | 99.86.91.104:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| FR | 3.164.163.87:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 104.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | arkoselabs.roblox.com | udp |
| FR | 18.245.175.87:443 | arkoselabs.roblox.com | tcp |
| US | 8.8.8.8:53 | 87.175.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.129.81.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 88.221.134.27:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 2.19.252.132:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | 27.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | usermoderation.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 8.8.8.8:53 | lax4-128-116-63-3.roblox.com | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | 3.32.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.102.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.101.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.45.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.95.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.63.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.116.128.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 95ba0df0c4c417ae5a52c277e5f43b64 |
| SHA1 | 7c3bf3447551678f742cc311cd4cf7b2a99ab3be |
| SHA256 | fdaa82c65558793b81117a66acd5645d4072f6b71f164ed2717a17cab6e727ea |
| SHA512 | fcb35a1949664f218ae40c25fd6eaefc4ba6417034a522f0800c50ee78e530c33080faa73ff9ea82f35749d404d6b9c94fc7e8e224689503e699a5ec2b0d5abb |
\??\pipe\LOCAL\crashpad_1736_NFSSYLBABZKITLGX
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b03d78ec6b6f6bfc8ce2f6e81cd88647 |
| SHA1 | 014cb7dc4aa1bc5d2cb4ec25ec58470baf5b6741 |
| SHA256 | 983928a84fcf0791614cc3d17d92d62ffbed0bf0f141d7544d0cc762977a3905 |
| SHA512 | 4699916bdfa5776d72ad2643fad072a7a19783900608290bd1246a19624d61b58a1d80eceb74215b7198aaf04c526fa8703d38f3c5fdcc1add19b87508685ce0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 93c0735ca8c29c5c638745738565ff6d |
| SHA1 | 95d4baefe182daae306c25fcaae6d17a11e29e22 |
| SHA256 | bc314644a03965e7327d5458a0210ed365632de2769b619caeefa9afbb8d81c3 |
| SHA512 | 4fedb69f9fd8a5b0b6e08142f270097d0aa8ddfe19089a85e186c8f8878c73fb19221bc2db4754832df06e199dbfec751e20c408f80b58c5917171557c8f4c25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 0493f44576fd7d9b6216b7387a26543e |
| SHA1 | 47d35c7f2990ec4668ecf1c01e0e5f623153a3f3 |
| SHA256 | 0679b6900e2118e17164159f449fdc1f6bf20c0cc0b056cc9aedfae42a830ca8 |
| SHA512 | a519962ffb281d471bcf63c0bf75bed19d4eeac591cf6bf8565af14dde1d57fe8cabfc05bec52b2087ce8c6f637dbefb438ce22054895dc116b31bffa18e9cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f9747787-baad-4644-b960-0c661176556b.tmp
| MD5 | 113b5d6568cec861881b836f8367600a |
| SHA1 | a2a5a6e7b3506e098bf92c76303ef7b1242069c8 |
| SHA256 | 8ddfe8670da0e425c942fed3de3fbd050a5ca79f8513c566b30497fd703d2740 |
| SHA512 | 9ede2f0b93748ec8968a04906288b73ca708a1507ad2795ad25509c1c716777a8fb701990f89c75e85f522f8e54611026341e8e95e400da13fee57fd2a56ecb8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 365b6fc1613bbd9f1f56afbb88ab17ae |
| SHA1 | 98d87c40003c297d222c2f96b4ba4fa59822c913 |
| SHA256 | 991eea187adf98a95dc91b8bc96b90363845f3b03b87981cbb571ec268b76a2a |
| SHA512 | 47b86fd7785b977e65ff7fb89a09fcc38c891f8ba138a58ca9c1fa569680f71f8327161ae88b5127b063b00f01574fb8e58a50cc7bb02211df83b6ad9659273a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 1c414e54fe62745d322166b8ad8ed5db |
| SHA1 | e807a5144baf965dca992fb8c4dd16f36af54fc4 |
| SHA256 | 089f9116bdeaa3120d8cb82ec0fb416f4249c06da4f86ec4e696358836991fbf |
| SHA512 | 7a69e355bafc9322782f5279673dbf90159545c066f053cbf6c40913382fc0175ba3598503b015076d0195e78e5088ea5f0d0062aa7a1417bba4751745a4d375 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5e20cade2131a6954bec71adbea488ee |
| SHA1 | f23522250f31a08083d374e667c9f5f175d7b490 |
| SHA256 | 61b44508f3ec291c6b6d596cc4deb822ff53ff69ed57c210464386c8f55a27fe |
| SHA512 | eff42836b79ea1089a56428f953d59decde957b85a572f767c06a6144b679da999eedc7f33b4dab5a5730ef804cc7f9d3b87450b1c261b5aa2854994c3b56c73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 1cc3bc2b1c52831cc0b972d856888e8c |
| SHA1 | 9ffa8cf55aa29f6cbdd5ec39b1b33938b29e9990 |
| SHA256 | a8f894b23c518e04d94f1bb51343443de8121366171d2f05441283dbb1cfdd2c |
| SHA512 | 85bd6789da57c911f9cc35929ab302829614a4f03b3de30e28ab16558279ed02200a7db802c9bcd6b2e5886ea3c323d6a39eb8c3ee309d8b5702be65dab7c3dd |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 51e90ca37055acfbec478965855f84a7 |
| SHA1 | ed9d8d2ca69c357904a5eebb8b22cdf387b548ed |
| SHA256 | d8613dd06a0c9b8fc455b4e0e015ba65ae27156d832c63f9ba96840ed03f0336 |
| SHA512 | d7a34a717e232945c5efc7526904a5eac1151aac38702ff2ecd561112f7610aeb31ff8cc19af1c570f664c82f18605306d3cda9045f68bc8af520206cd8765be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d4c2620b62f72fef398afb2b72de13cb |
| SHA1 | 75278a2c1a65c54359cecb448c6a3bcadf2e7b9a |
| SHA256 | 74db291a625124805ade6641a4ad079371c274fc4a05b43b39c5b410c45353b6 |
| SHA512 | 37e5f8068d12b5c1f170b957d10a93a1356370073d1022476e7d0574b78b5da4c6f7cabc9ca7108c7363f09fd546ac2d629192b5a5523ab819ddc14d2d169924 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b853.TMP
| MD5 | efbf37b6d9dbf0538d5a5a16ea091f75 |
| SHA1 | 685a09f6b04440292338578cfb03c627f0b52769 |
| SHA256 | 7b56867e27b0f5c741afd7e4d9dfcc950158e3e57d22b8311c678d9de1c5839d |
| SHA512 | 733dc8932db8bb0a21be021ab135bf512e987388842e0204fbc35dd6592a8721c4856522bd8375e814a59ed6035a28c21762002b71f4547c130211d5cafbd807 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c525.TMP
| MD5 | c57179b0f0beb963983cfd2149b12d07 |
| SHA1 | 9d6781cafda8c3cbb5ff8db3cc28811d3652cde3 |
| SHA256 | eb3f937dc9f7150e9d746ebe7d087fd0db919e4b86afe02fc3fbc77a531a391d |
| SHA512 | 8fb1567ec4cec09fe57319c929adf70bb315a8622f7c37b5000062b3fea501d2659924042efb29cd788bb093646bb0e0345368808de0d32c80597d57414cae5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e098514c6aab7791a1ecc51bc6317202 |
| SHA1 | df9372c6a41dbb0005f3387b406b0e7e1ade776d |
| SHA256 | 5e4e6deae536d0c8b035432ee4e5759411ea26364d794277145fa618737bf2bf |
| SHA512 | e7f0b49e4654624d280ec34e4fc3a95d4692467337c2552e456e8cf67cbdbb93a4bf2090a40261610ad7672e65f375e470cc944b8bece166976ba2263bfea28e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8c9d4c90a827d60e0595734c31af8ebb |
| SHA1 | b07ba026888d8097b85e3a2c7f7c68545850b4e7 |
| SHA256 | 3da89c0470e6650caf2f8cec6aa7a749adc7dc2fcca68dd1114dd30201cf6824 |
| SHA512 | e3e3551cac215cf5982b5c66cc9b696b42826fa272a119fa7b11570b02b586dbb142804bf4e2a5dc559ca026976542094d7ba7946732053fffce2ff8d3349a6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d1004c823cc05a53745824c7b059ac2a |
| SHA1 | 5ceefb83f1fd4f233c58f1de08480d88341e105f |
| SHA256 | 203613a562273c340cb136da147b7db5b326be035ed70515955d4f566058abe9 |
| SHA512 | 36c5741c06f5e2908596291b31241068ef77e4db458ff954cef13a49a172a6601a16ac447c26ae39879072c243bf266ce12bc8d441cb740ea657f82d39eb80d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1dfbad894ae92d30d07ff906cde75c3d |
| SHA1 | 0ae5262d5016710ba9b904542413f81fcae38791 |
| SHA256 | 7efbb490f5ae762edcf5a27350d533f15ea52add8b6a395231b8ea55009ec62e |
| SHA512 | 5aa9bb6d50cd30162c14bd652303c1e4be046f2256108c6a099ebdfa0795351a62c622cf91853069ebe65deb9faac85e434333c0d01a19c1a4da6bac446f8242 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d6e1d34ce5e3816069b8e2e0887fb2ff |
| SHA1 | 7967e75887b6dd29d9a5c605f362b810f82e7c7b |
| SHA256 | 4f99387b3ab2e1e95d430b3087c7cc522f07de41803ea30ddd7787f2cac8b35c |
| SHA512 | 779a694bf8186809f48b07d7a1bdafc7ed185332fba7446b71cd30441ab6082023e70daefebab08e7d7e455154a4c50d7ffdab7bb67243d5cb5a1b06f62b86a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | efb3f5132797ad9c0d7df0179ec4ed07 |
| SHA1 | 2d71dece4cfbbed2ee4fe388691cb3781453b626 |
| SHA256 | 7c079c4bff8277eeceaadd96770d25dcdc8c86f2f2010b809e6a534914e704db |
| SHA512 | bed1de6a54997bb224b8e12b2dc762b3c36a311ccae558c77acbd039c634523f0b49cad29bc13519f55ad2603872ef5cb930c7946438886cdb77db48e7092864 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 751bb294cc9881f2f4b82fa96927e2d4 |
| SHA1 | 54aa124424a2e349a426448c944eb95bd4a8643d |
| SHA256 | de3af1e21c5821bdf140ae026624ed8f48ab6d74e4a2d24b80a9e91dcb2637e4 |
| SHA512 | 2eed9391041d2db648279e59e52987213fa471a46c8d9ccdd519b7db9d73fd9c9d22e0c345c849c57b7342764a24e4b10d823b2ba1db6d4a587bdca7dd0e2432 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 32caf4ac865f74b073e5316503c3ebc1 |
| SHA1 | 363af17f356749e8a197deebb4fc2a590110620d |
| SHA256 | 92a2bf5341c84d8521be570fe00d64395577af86cdc105821b60d4463d68a9f9 |
| SHA512 | a5e7c6ebd56843151ec9640c6623329ee23d36f157b46d9d907060a1d2a335f1dfdac61913ba87a8ea101c6f24b8ba59cae71992641b4cc4b4a7ff193d93cb1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe586d5b.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5d4eba20268914ee97dfa413f3a955b8 |
| SHA1 | cc630cf5473761cef595bb4bcaa7d4db1df064f6 |
| SHA256 | 0c39e3a9d07f5a0e72e9038aa6b560061c76481a1a5344ad2647b09e463da99c |
| SHA512 | ddad2a45b57953500b73695e276b1e0e7cf12e9bffbb20cee4e65f76528bf53c7cd6a2d8f8c0210575200f8153629491d8c4103fbe5aa757fc774edfe9b86afa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 88f0fd8de1337ff110976799d098d5ef |
| SHA1 | 5001bdf7225728ab4c2c240bc0f11599945bce13 |
| SHA256 | f362b1aa3d6d07cdf6bfe6a5bc69de8c44bf7c68aaffa252e2ec04f87fbffb0c |
| SHA512 | 4e573baaa59143e6c0b0aa9ed9f01874a0b2ec10896a4a8dd1c09699350950456e8c69bab20ab71ef501ddb05734d9aa0f3be9d9a8c4def933b28048e0f80ef6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
| MD5 | 8dff9fa1c024d95a15d60ab639395548 |
| SHA1 | 9a2eb2a8704f481004cfc0e16885a70036d846d0 |
| SHA256 | bf97efc6d7605f65d682f61770fbce0a8bd66b68dac2fb084ec5ce28907fbbdb |
| SHA512 | 23dd9110887b1a9bbdbcc3ae58a9fe0b97b899ad55d9f517ff2386ea7aac481a718be54e6350f8ba29b391cc7b69808c7a7f18931758acce9fbf13b59cee3811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | 7fd069146ea79b16633bc8b45f90482a |
| SHA1 | 98dfafac54f6f5db51e3baea698208833ed1b642 |
| SHA256 | a746ba588555b584fe98e42ac1a2dfbb92c2831b54c263f51fe91d124b9214d7 |
| SHA512 | c31822f497ebb35a5da455e77965f16a83e2007215ae88e64bc21019d8d45fff4671ab4300d9cf518bd2b652d071cc582fdfb99b4807c75e2022755e6c60a06c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7deca4a33c887a53d9d46c5473f13f2d |
| SHA1 | b13c255fdb1d266cdfbfa37dd0285b8b6093725a |
| SHA256 | beb98c70e68bb88f46132195bee4f32c19cebd7a2bd57ec134fabbe3cdff6c79 |
| SHA512 | ceaa72b80b29cb31af90a4a7e7e248c66551421bb18269ac3566c21c35c391213938b37af107abb99bf5a43d38e22e8c0feca1cdf9bcb55f26d586eb9b11f3b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ba1abbc9e3e8eb8ab596e9310702a6e0 |
| SHA1 | cc62bd58c89b8bb0a27b78f5679063ea86ba33ae |
| SHA256 | 2725eaf4bc3d2b6cfcedda1308d229a60501b8e300e37536389c98a0db3cf7b7 |
| SHA512 | 4746d5cd63e689c2a64dd2cc188a288382981f6884e7a264b849c014c53440577b2c198f0970b201f2ce5986d3edb3a148785b90ff0bb832758dd5941e8e777a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7ab4b4601dfba2d7d650279b11749e9f |
| SHA1 | 4d4df95ffe9808b20665f7ad0f8f6f4f25c11ac7 |
| SHA256 | 2fa209ae4a81c9f2ebf99a9f890db3214b512121daa39c7178e601ab049b4d98 |
| SHA512 | c119ec792710a6af9fad1b0571f5ff2760f214aa03eac43cca24b6021848997ef4f36fbfbecb04f4de0d36d18a436d4107e255239be03e683e062b93b629b4f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6c822fdb34714ea8263e752eeddb6f8e |
| SHA1 | c0fdf6ff9000e7c81f8a8219c2b029237d3adefb |
| SHA256 | eae7f662d18c3d6742733ec1ae09d1cac33294415d44656dc48b34480e83443b |
| SHA512 | f95345912b8f5ee091170f04fd69a8066a3d0a6a334a81716ad7de69d0654957ad5e719698243d5205192261a9cb5ea1f6f43077687e558fbb6fdf49f0fe207a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22ffbdf4bb5447733ba123f645718f4e |
| SHA1 | 535b4ba4e16ccbe076de631981aa7f9e3ba850da |
| SHA256 | 2a218dc01de6eb89bce89b70647bc803e1959f41a1753fb5056b71a44ed00bae |
| SHA512 | 32c7a3ee8112b31e477bc21edea356cff4c12a7fe855d80c9b0b93895e0c253c643880e4a5a6e94a6fba565602c3bcecb947cdd4f991ebe28acbf1ce0021df4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 766c1e8a90fc92334ee424e8e99b840b |
| SHA1 | 4359887a0dddfe6d82ad49eacebcb0fcb1574d99 |
| SHA256 | d29d4990e1ccde7f9d470eda8998ac7f9c96b21d700333c06fc6045d984ee3a8 |
| SHA512 | a06f4c5f6c1ce76270ee575a7fb7a7c05d0169311ede30b433c3cdaa844d5bcbd090aa68dd750164767f45386ccec10d22fb77254ee6554e142695bdca2485a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6fd1faffdf9030bc41a6d2621fb9ca5a |
| SHA1 | 765742c415c487ad8d3bcec688b7b9b436ea6fe3 |
| SHA256 | 9ff927f3bcd17f3e21b506dc34c6be3a8d5ad61deb72ef58eb9766e7baa4ca8e |
| SHA512 | f679e3594af3fab55a6302acb118d5d0cf5a78fdb7ff2ab7b1fe49c503dab1ab6143ec436d05889315e25514a1ef93c0ff716604da254984e38cae98125c48d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8080f9e6a23d3621c2caf4f4ae409aae |
| SHA1 | 7904584ff606bccc26ef7214e8e6f550b43a3a46 |
| SHA256 | 17a6f1de4425241ca0460c95e820a72b3c8aa05ac539749f8d7fec9842dac6b4 |
| SHA512 | c392180212c54595616794c89aa05c12a435396444006cfb79e99a3eca8f15443bfd42652fdfe8c7e9211c0776ed7e460f162308782bc33b52c58da653f9dd4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bda918df4146b40931e5f14d1d0a0402 |
| SHA1 | 2f87672e34b8de66f81bf38aaf9a751c97be092b |
| SHA256 | dd47d6fda24238dc951f2d63971d0eed8eb8d60ab309b1b3e6819bdc89be5777 |
| SHA512 | 54593172c63820b934d9d071550a738e4ff359b7e789c585e02587a8e56ef8e799cdbdb17423765e03ea63bdec714081aa0a4bfcccaf0498092834c8fa9696ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d99438f2ad491c425a008ec00070442c |
| SHA1 | 455936604993a720a5e27f36ced141bb9b6a58ea |
| SHA256 | b106659b2daeb73263f5f658b82cf6c860a9fd429736d84c356439b2525a024e |
| SHA512 | a98d59f8126c3940d230f1ed6522287326927533d63293707137fcb3e4e370cc0adac622475b5ad53e062866f64a6f9b7d796b34367b8b7f7e15ed123c13e7c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f81531f75ae0010cf4187229761a48b2 |
| SHA1 | 55cf44dba2d7760da167995030c13400b4a4bb9c |
| SHA256 | 86b01669796162371b4b96b5b11585211fbc40123573021292321e5ae0020504 |
| SHA512 | 3cb7190a4c87f13c8b4240453042725465d34f8d3a90d7416d4e44fa1aa6d227e925f66c57aff4ab5fc760526fde26d1616a4b7ce4a1e88e2e2f7eac6ea533bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5702bfa09b0f1e0838cbe2b6cc432657 |
| SHA1 | 1a037d325851f7ad758d6e0d2a356ef36afdb778 |
| SHA256 | 788ce4af407985a5dc93bd138b9c7347649e82c0c1d71596ea4c36df15fdddef |
| SHA512 | 86f929af9f5368a8482e49737f6eee2e634f0c12377a0f437bd204d0fa34f9a07270420ebf3bfdffc2d1438669fc6e1d28e16d4aee8cb1ee8978374eafa67d34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
| MD5 | 70f6a1e1f287ec962c89fb8e4ed38bce |
| SHA1 | 65fc137952b567815f00e45e5c1bf7e1de661b72 |
| SHA256 | 1b455a005fd6d5dc5d8239834e08a68437761ad748ae521df0504c7b2f134907 |
| SHA512 | bc21c6d2a568b410d1ebf9d3c7313c06dc7106d0dad4cb2dce050c6de6775fd0cd5183a71b8e3c6cd4dc7d1cf2fdef34e790bebef50b5419ac5ca6eb9abb4820 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9c328c503ac37726576879645e04dd5 |
| SHA1 | 836ebe94bf317a2d565f33c083381c2a46a21c30 |
| SHA256 | 4ad55f6e00e42c925360b9bd371ff729129f6ed6b4b84b1c4b168fb31991b6f1 |
| SHA512 | 3dd5cfcb211bc5f90c0035a2f4d0fff2384cd175cf7b8d2a0c777a488a062d1d0d5ea4510bad789f80674f05275ea6eecfa6b13742ed5ed9604b8efba9f371ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5bf018d4bb08bc8c7047fe3db1422aca |
| SHA1 | 8ff27082062cdfb857934a19a5f6e11f3c16dabb |
| SHA256 | 00e8c4c81c53f12a19c97ad652adad15ffeab80926dc9a79c1b082856e1365fd |
| SHA512 | d8ba37c5bbf84cc2d5e62744fc3ee56839750007a418ff1b833e763c21b32867c68fddf40f2c48a025d586b52742406e95f0f575f67cb35fcd6f02855793252f |