Analysis Overview
Threat Level: Known bad
The file http://google.com was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Drops file in Program Files directory
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-10 14:00
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-10 14:00
Reported
2025-01-10 14:08
Platform
win10ltsc2021-20241211-en
Max time kernel
427s
Max time network
423s
Command Line
Signatures
Detected google phishing page
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\be29e5bf-fe22-43fd-8123-4460e36ac739.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20250110140108.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://google.com
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 69df804d05f8b29a88278b7d582dd279 |
| SHA1 | d9560905612cf656d5dd0e741172fb4cd9c60688 |
| SHA256 | b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608 |
| SHA512 | 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0da70985540832a5e5c822b40b816ef0 |
| SHA1 | 6dcce217441e8147494906aabdb4ba8d15587961 |
| SHA256 | ef92b3c8beac96b1b76646c2edf15515a95fe91d36c9f6d9ff47ff799875168f |
| SHA512 | 4cb8b5a48d9b1444e0034f9048ceb7b5c30ea37b9b5d9eeffbac137d55ecfb992121f1fb670c43c42d3d03bef146a89c123ec412ed4f9f9458a9a4bb0d9869ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e4a3.TMP
| MD5 | d1d7b0181e0edcd47a68338f6e132b01 |
| SHA1 | 6d244a43de4dde5b5d4a1905bebd2fee0e733617 |
| SHA256 | 8b134f22c08f7c4fa3b6d0bc6c61b2a612a36d0e4a3920de5396a61074c3f46d |
| SHA512 | 800a42862752449426c4b479223e237a83f1a78f2efbf82bae806f211fa812e4daaad24108b08d14154061d10ca968ff2af2905acce87c6132e8c661a6d01acb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 37276ae31d315ba905ecfa8dca968f9a |
| SHA1 | 6813fd593a535e17efa35e9dabc5d5d5560b274a |
| SHA256 | 3e0f73a0310af93fa00de4552b76392ee85c4fef2b5e13ee683eccb0acf33c90 |
| SHA512 | 93167bc38f4973c960a66dac602e02cee18a3ca94e0f95cab14484aaab041484e7ef043d08ef8a719ed662ee88007beb63efef8eb43d0bf509cb6543ff96c1fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d0093cac86f5625a9cf55453e3bc832b |
| SHA1 | a9cca511f32d269426843733cb072477109fcc68 |
| SHA256 | e8141e4ddbd67b46516334011847b7ae53c33ddc367332e4c1d5e96853d215aa |
| SHA512 | 9101fbe989ebc8f592e801f162e6f2a9437fed3a44f0b40302b730c8f8d14c6e5eb50476ea007cbc49955c704b26967b4e6ca78bb180d3ac5a5471e65628649b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8da7f78ac1f43cd90c5f9d3b5e506bfa |
| SHA1 | 9654f9bf70583e18a354019ff25e9a696ea58053 |
| SHA256 | e9cf4a7c44c9e32879547f5831f6bc1e7601c405d0c64869e51323e1f5714aaf |
| SHA512 | 32eba184ece1099937f50e963aac1909f07704100c1bf43072b212ed121388d06bda1ed5dc6631be65e2979d9d76ef378d51c9101e874d9aa6ce3bc583ff48b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 69bfca9b950b3340317f0e3d91dc4dd3 |
| SHA1 | 8c490b888b2efcb034c8511fa1771d6394202327 |
| SHA256 | a894e49d03a9a540ded84dc24bfd6f12ed51d8d949fb3234784bd782b81e988a |
| SHA512 | 9c54b81a4e16ace8ab46250bfc3bbb544c407efae0fa6ed3650d24c011260a941cd5e1869045363ff860901519c06fcc9db9e2d4d3c68682b46560fe4154df62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe588681.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 206ec056574894bfb197e3f14480d0d5 |
| SHA1 | a6622e01684cd3bb69460d8bde317ee489cd33a0 |
| SHA256 | baf84f2dbdef8b66e64659026560dc63c2ffcabc1e4c833303b0fb5b602fe09a |
| SHA512 | 144faab6619544a1bc56041c0a941495daff5111f6df95e7c2796db2d12aff81faa56300a27a02b6cfdb9ca2568447e26381c6da4ccf4fd08526d682b700c284 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0
| MD5 | c6cfae54ba8db86c7b8af79abb93d116 |
| SHA1 | 8d24158226c2e7cd525d21bd2addf740ca17edc9 |
| SHA256 | 5e05920a473468ac7f6d65521490e9a041d6275199808e55865bc4137631ac41 |
| SHA512 | 51688459c655c9c3d1407edc2f9f1b71b3b2af97b5c03fe07c4315e82d935b211c57604065a8a9ce3ffd96347c4bc76392ecb7c03d68d131ada77a620321b287 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9725718eebedd630_0
| MD5 | abe0c629f9c18b4e6eb4f2f6e20c8f4b |
| SHA1 | d72499a9a7564664773047586e4e9640c6cd981a |
| SHA256 | 147e6d66ca1ad07dd1dde9083a99ce0478dade0acd1d3d70cfbaaea0b20cef5b |
| SHA512 | 8c79a335cecfda9d2d1c5cc84f652c9ec6f14e3e0dc06b949983c814a8920503170829f4c75f6533c4a52d1298d4e227ef5d0e2a0204aeea225c3aba6c1a0f0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0
| MD5 | f521adc3575a174edd1e756931099327 |
| SHA1 | 7a8408d6ccb3ad19ea4b977bbea78e7859de9ff6 |
| SHA256 | 74f49321bff421f550e7dcc0642912ac828261daa787ad4f785b00e2f9facfc7 |
| SHA512 | 0dc1ab89ec0bf32c73252e73f4439ea4d47ba2ba3428ab713f24aa4f4eb61abb0a69f3ed66f988dc6987f1dc9a352a92d853d3ef615e5fe98b55b55656cc9166 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 6a0a04475b5ea570990ca1c7448f62d0 |
| SHA1 | 366824ba7955e3299773c13f3407c552d6fcee5c |
| SHA256 | 5b2b69647641e647226f4e439a5ad80c8985af4cbeda57aa16af3fc5c1a959e3 |
| SHA512 | 90e2014b707151abb4516a86255f2c81f894fc93695f149f9bbb9a8cb14846d1293e5a76afb1d514d99f98b5cc95eac11c8d15008308890b12e63b51ab14ff3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0
| MD5 | bcb9a15f38b389e2129d9ac1eaa8f543 |
| SHA1 | 1a6ffa236f492a5b58b91f1d4a77afe782b2e537 |
| SHA256 | d878bf8ddf0d0241a02ef620a593f88474e2dd2113218bf26ab621d481e414a5 |
| SHA512 | e8bc4826dc5281676512b9837e8231c3d7cc84a905741f2cd5a6347d21f7d7d9149816784cf2c64067063258c4584749c77b79136bc9767fdbb2184c0bbfd4ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4f372fac69ac089b354fbc4ba04b4749 |
| SHA1 | e277667aa2e2ea6098d9b2b7e777796febef2b1c |
| SHA256 | b9a9e1b9c7f64dc2ab07d16dd087476f58ea4b24d5fd147127d74c3fd422c637 |
| SHA512 | 34f06874d04d3f74432d4676878fe08caf8e10a33baa0b39bd89b016705cfcc391aecd7e2756fa9db8ccacd5c232bf9735566280424bb2ee8a9d926fc236eb01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e66d675c0311adc593b748e44cd4e4f7 |
| SHA1 | d0bfd78799323f49fdad1aa635c8360cd644c02c |
| SHA256 | 420ec901b73349c95a8a2d065949a99cb996d39cb3edbe57c3ceb3684d7892fb |
| SHA512 | 15860e3baa9fd50f837f9d97bf89a5ef70c3a83f7da48a13181b5ce41dca93667fd44a0305734911f4efe010980cc94e810a0c7b5dd08686c39a64350320e77b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3eb16b10f80d9131acbc9a4cd51cf590 |
| SHA1 | cd26116daa331c3dd58179efc3642c5511bf23f3 |
| SHA256 | 95987e79ef98efd6df8940cc874cb6e884a2a4562edc675be051177d743bfb94 |
| SHA512 | d33e0bf80c2dc97b7da0479c59e18b23e7069f8a2a71efdad32013a1d8e5e33f5f4746c4b6a1694df477f7b0b123cd307516bc69e73725aa2940f061190f2ecd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b25ae54a39dbc3d515428a6009c89528 |
| SHA1 | 132c3bf3190ad25a7696c93a47566f2cdfc5c7e2 |
| SHA256 | ab84fa8229abb29fc5441cdbd86716f84cef6f90f92eed7b71b5916f6f8ca0c5 |
| SHA512 | 9f4eaf19549557f9c7573187a6f88a034d05f2723de2e945297d2cb129f03971a077b8f39d12a840378d14b09c2782ec7d158cbf4822b59934c2a63be1f78c99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fd9b90e5961c7d9f6e8aa1647413b45d |
| SHA1 | 38af869066d2b44217af82a5ce7f03f8198c8cb0 |
| SHA256 | cfb673e0b622af1a76e339f902d66a7792ec722dc421c4fa7de8ade6fd325ace |
| SHA512 | eb4d7d8c9da24f725d8e11bf9901b90c1ede0fc18bc2abad0a663d44cec244e45dfeba81847489e21ae86d61d4d85f53ad42a6d17c21941005c8ce8322d9daed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b6494bb118a883b920e8856791dcffe9 |
| SHA1 | 857f30c6a2ce982f3a8071015cfe2ee850feaa88 |
| SHA256 | 48b4629a0d32ec06ad1c27952f68cf4cf1093bd811bc8c1da8a54c72b8871486 |
| SHA512 | 7fd1c482426ab4a58f4d8a14f5e29aa20989cebe8d374216fee0b63143dcaeb9f52cff9a32970d61fdd1d2d3565ebe304d59696ea9ca7970e3af35de65de7ca2 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-01-10 14:00
Reported
2025-01-10 14:16
Platform
win11-20241007-en
Max time kernel
840s
Max time network
849s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff983b13cb8,0x7ff983b13cc8,0x7ff983b13cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1952 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,10473017538185024948,2577780649779396484,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.180.14:80 | google.com | tcp |
| GB | 142.250.180.14:80 | google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
Files