Malware Analysis Report

2025-03-14 21:51

Sample ID 250114-yzzs8szrgr
Target https://edpuzzle.com/assignments/6786c1099c848264d3ee6511/watch
Tags
google discovery phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://edpuzzle.com/assignments/6786c1099c848264d3ee6511/watch was found to be: Known bad.

Malicious Activity Summary

google discovery phishing

Detected google phishing page

A potential corporate email address has been identified in the URL: [email protected]

Legitimate hosting services abused for malware hosting/C2

Browser Information Discovery

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-14 20:14

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-14 20:14

Reported

2025-01-14 20:19

Platform

win10v2004-20241007-en

Max time kernel

290s

Max time network

299s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://edpuzzle.com/assignments/6786c1099c848264d3ee6511/watch

Signatures

Detected google phishing page

phishing google

A potential corporate email address has been identified in the URL: [email protected]

phishing

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1144 wrote to memory of 2060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 2060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1144 wrote to memory of 1708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://edpuzzle.com/assignments/6786c1099c848264d3ee6511/watch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe1b346f8,0x7fffe1b34708,0x7fffe1b34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6392 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6392 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2664 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,528432581398947118,2295507632806176846,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6056 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 8.153.16.2.in-addr.arpa udp
US 8.8.8.8:53 edpuzzle.com udp
FR 3.162.38.96:443 edpuzzle.com tcp
US 8.8.8.8:53 96.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 50.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
US 8.8.8.8:53 libs.edpuzzle.com udp
US 8.8.8.8:53 assets.edpuzzle.com udp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
FR 3.165.136.127:443 libs.edpuzzle.com tcp
FR 3.165.136.127:443 libs.edpuzzle.com tcp
FR 3.165.136.127:443 libs.edpuzzle.com tcp
US 8.8.8.8:53 f14ab24c7503.us-east-1.sdk.awswaf.com udp
FR 52.222.149.54:443 f14ab24c7503.us-east-1.sdk.awswaf.com tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
US 8.8.8.8:53 10.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 127.136.165.3.in-addr.arpa udp
FR 3.164.163.127:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 54.149.222.52.in-addr.arpa udp
US 95.100.153.191:443 www.bing.com tcp
US 95.100.153.191:443 www.bing.com tcp
US 8.8.8.8:53 127.163.164.3.in-addr.arpa udp
US 8.8.8.8:53 191.153.100.95.in-addr.arpa udp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
US 8.8.8.8:53 f14ab24c7503.3b8c98f4.us-east-1.token.awswaf.com udp
FR 3.164.163.37:443 f14ab24c7503.3b8c98f4.us-east-1.token.awswaf.com tcp
US 8.8.8.8:53 service.mtcaptcha.com udp
N/A 224.0.0.251:5353 udp
FR 52.222.201.81:443 service.mtcaptcha.com tcp
US 8.8.8.8:53 service2.mtcaptcha.com udp
US 8.8.8.8:53 37.163.164.3.in-addr.arpa udp
IE 52.214.217.96:443 service2.mtcaptcha.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 95.100.153.184:443 r.bing.com tcp
US 95.100.153.184:443 r.bing.com tcp
US 8.8.8.8:53 81.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 96.217.214.52.in-addr.arpa udp
US 8.8.8.8:53 184.153.100.95.in-addr.arpa udp
US 95.100.153.170:443 th.bing.com tcp
US 95.100.153.170:443 th.bing.com tcp
FR 3.164.163.37:443 f14ab24c7503.3b8c98f4.us-east-1.token.awswaf.com tcp
US 8.8.8.8:53 edpuzzle.imgix.net udp
US 151.101.66.208:443 edpuzzle.imgix.net tcp
US 8.8.8.8:53 accounts.google.com udp
BE 142.251.173.84:443 accounts.google.com tcp
US 8.8.8.8:53 170.153.100.95.in-addr.arpa udp
US 8.8.8.8:53 208.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 84.173.251.142.in-addr.arpa udp
US 8.8.8.8:53 mail.google.com udp
GB 142.250.180.5:443 mail.google.com tcp
GB 142.250.180.5:443 mail.google.com tcp
BE 142.251.173.84:443 accounts.google.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.71:443 login.microsoftonline.com tcp
US 8.8.8.8:53 5.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 accounts.google.co.uk udp
BE 66.102.1.94:443 accounts.google.co.uk tcp
US 8.8.8.8:53 94.1.102.66.in-addr.arpa udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 142.250.200.3:443 ssl.gstatic.com tcp
GB 142.250.200.3:443 ssl.gstatic.com udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 lh3.google.com udp
GB 216.58.212.238:443 lh3.google.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 waa-pa.clients6.google.com udp
GB 216.58.201.106:443 waa-pa.clients6.google.com tcp
GB 142.250.178.14:443 apis.google.com tcp
GB 142.250.179.234:443 ogads-pa.clients6.google.com tcp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
GB 142.250.179.234:443 ogads-pa.clients6.google.com udp
GB 216.58.201.106:443 waa-pa.clients6.google.com udp
GB 142.250.178.14:443 apis.google.com udp
US 8.8.8.8:53 appsgrowthpromo-pa.clients6.google.com udp
US 8.8.8.8:53 addons-pa.clients6.google.com udp
GB 142.250.187.202:443 appsgrowthpromo-pa.clients6.google.com tcp
GB 142.250.187.202:443 appsgrowthpromo-pa.clients6.google.com tcp
GB 172.217.169.74:443 addons-pa.clients6.google.com tcp
GB 142.250.187.202:443 appsgrowthpromo-pa.clients6.google.com udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
GB 172.217.169.74:443 addons-pa.clients6.google.com udp
US 8.8.8.8:53 signaler-pa.clients6.google.com udp
US 8.8.8.8:53 peoplestackwebexperiments-pa.clients6.google.com udp
US 8.8.8.8:53 peoplestack-pa.clients6.google.com udp
GB 172.217.16.234:443 peoplestackwebexperiments-pa.clients6.google.com tcp
GB 142.250.200.42:443 peoplestack-pa.clients6.google.com tcp
US 8.8.8.8:53 contacts.google.com udp
GB 142.250.178.14:443 contacts.google.com tcp
GB 172.217.16.234:443 peoplestackwebexperiments-pa.clients6.google.com udp
GB 142.250.200.42:443 peoplestack-pa.clients6.google.com udp
US 8.8.8.8:53 mail-ads.google.com udp
GB 172.217.16.229:443 mail-ads.google.com tcp
GB 172.217.16.229:443 mail-ads.google.com tcp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 229.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.com udp
GB 142.250.200.33:443 lh3.googleusercontent.com udp
GB 216.58.212.238:443 lh3.google.com udp
US 8.8.8.8:53 200.163.202.172.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 clients6.google.com udp
GB 142.250.187.238:443 clients6.google.com tcp
GB 142.250.187.238:443 clients6.google.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
GB 142.250.200.3:443 ssl.gstatic.com udp
BE 142.251.173.84:443 accounts.google.com udp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
FR 3.162.38.10:443 assets.edpuzzle.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 www.youtubeeducation.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 72.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 133.130.81.91.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.179.246:443 i.ytimg.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 246.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
GB 142.250.179.246:443 i.ytimg.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 edpuzzle.com udp
FR 3.162.38.68:443 edpuzzle.com tcp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 68.38.162.3.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 172.217.16.241:443 csp.withgoogle.com tcp
GB 172.217.16.241:443 csp.withgoogle.com udp
US 8.8.8.8:53 241.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.youtube-nocookie.com udp
US 8.8.8.8:53 api.edpuzzle.com udp
US 8.8.8.8:53 connect.soundcloud.com udp
FR 18.164.52.117:443 api.edpuzzle.com tcp
FR 3.165.136.4:443 connect.soundcloud.com tcp
US 8.8.8.8:53 117.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 4.136.165.3.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 172.217.16.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 172.217.16.225:443 yt3.ggpht.com udp
GB 142.250.187.230:443 static.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 230.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
GB 142.250.200.3:443 ssl.gstatic.com udp
US 8.8.8.8:53 14.179.89.13.in-addr.arpa udp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
GB 142.250.200.3:443 ssl.gstatic.com udp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
GB 142.250.200.3:443 ssl.gstatic.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com udp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
GB 142.250.200.3:443 ssl.gstatic.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ba6ef346187b40694d493da98d5da979
SHA1 643c15bec043f8673943885199bb06cd1652ee37
SHA256 d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73
SHA512 2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

\??\pipe\LOCAL\crashpad_1144_QUQGUGROPNIUBJIM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b8880802fc2bb880a7a869faa01315b0
SHA1 51d1a3fa2c272f094515675d82150bfce08ee8d3
SHA256 467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812
SHA512 e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dd3fba854e47a2fe5aaa13ea30a86f17
SHA1 86f84800f7954b492c79c343c4627d75b5cd86cb
SHA256 228f7f75ac9e8c299479c2799481261d19195a4fea7c9ef0b533cc216d50b409
SHA512 1a20714212c1f9d9868dd710aa0a10c5f32447edad84d1aca4f3526d5b850b8c2d5763ca5ae2cf4fe56c3b6fbf6e2266df4b899eb495ba72f7e3edd92ccc05d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ffa3139be9eebae8142019880659c986
SHA1 7994c0ca106b8f5b1fde1d7208f94a6bb457d026
SHA256 03da2008c806802761907e3a7483b71a51be7b95345be51d8b07e69a59e612eb
SHA512 7e223a1f79a4b490b809c64a6a0f9c98f2651a186b0d9928453962585fcfd4e751d7e8ed1b3bb0fab06878a2dda468d79bdc0c1e45f47c60e41cd4b86db3e7ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3696239fa6f5fb51fe4897c7ab665126
SHA1 5e3c28ebcf64e928585a396bb15ba010e231c689
SHA256 f8ded842e3f252c84c154f1acce883ab90f7c33887d1c91d0ac369a8a26b0066
SHA512 82765a7c9d327cb0f8c708680e10366170f6b14582236ba2c592c27f9f1fd6ff07b83160dc0780cc588c0cd3b875f1aceedb8e85efb218dbd9277ced421ed586

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d9ecd8026b0a86fe8e3a27eb68deb586
SHA1 9b2d299c340730bd3e413f63b6b26675f352e4b1
SHA256 1ce5e6464cfbe476c4ebb909b867d7824e16b57fa9ad994b5e0af22b44d6aa9c
SHA512 0d3e5ee162d4dc09fac513ff56bbceb7a20e7f9de0f5169d349e2ebe1f6eeb725234098701bc4e1311cdda0d623f742dfc97c210c1646fb310ec5df5fd8c8c77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a5978a1c603465c0bfe91b03c01b9280
SHA1 8957179c8c23c54ffded7ef328e6e7f0bba550ba
SHA256 3070085a77c44363c5c3395f0695ce82520da3e997f1b0ba2c8a3541c1c98076
SHA512 12672bf927981e66ac1e8bc9a92f7bfaed7b326987b6c8546d7bb1fe359837749e7f2b9555058d7e6d36dc07d172a30c10c22e1d5db91fc34bf72c5437095c60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581529.TMP

MD5 e4e60bfb2ddacc376af04ed77f7b4696
SHA1 402b616c754175d088b14c5a1d917ab48d1b6ae8
SHA256 dacb25a8d701e8c3341e837451b1618f7e626a4ddd7a5f0567fd2ca9c92c9b15
SHA512 7982305ff244e8a2e435db24a8278ca2d9c88347853c18725cfd49b780bf3e7c458576805e120b966b4c1168c53455e9d13f2d4d974347cae36c176bc1dabcb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e9808b10d8b6c9dfb4282a2f7501f51b
SHA1 6bc259fb43fe857bd58999b1d66b65a1d9851a3c
SHA256 8e6d455651e7ab8470276a2fee54f2c2eb4e8672843e9264f07e96a98d8ae5b3
SHA512 242ef87d5a53bdb36f5650ac394c50e56d30420dc3b582b6952650e881e803bafa4d62662bdb8759330ac84dfe5894572d6ee2b88ad5d61a2aab803d300fbf77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mail.google.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 36b8930755e6be8cdae639c62e82a0a9
SHA1 1f891d2d0313a29d8e3cf20e6d68b45dd0a30bdd
SHA256 8104a8e29dd677d7b0d9ddf0085d4e941ba84193c6b036f9baac8ed889d2325b
SHA512 b1fd7d65dc5e92e9042d043883ac9d040c98e6deff7ee9260f330414bc8532c978b35bb6c24a88ced71edf49970cd4ab5803f906923586582f17e7db4b5be480

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

MD5 69de5dd9ae93ae0fd0449e545a634118
SHA1 8e264b216c4a960cdc82adb50f767045246cdc37
SHA256 4c5ea5e8066f7d7f29ca04a80d364015865cc4f09e9771014a844548aca3a6da
SHA512 ef11f20e0118e114770739fd4f45046e064cfd3502c5dcf684606b0dd1376430e461f8cf85062a28b0a6fac3c1ae65243df7ae1578422a2bbb2c45605bb70c9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

MD5 e993776e649e4a48f04ac4528da64302
SHA1 fbd6730ce309b838e6b3dc32c06e85676e189ce9
SHA256 a0992bb35d43de0ca55249414c01354c0cdb3c442182c24d617d3ee738b86c66
SHA512 6f32d01c788b6fa264429d2af63ca4c0193d43b6a5aaf45be6fe5d78ed5df08fc409a36d780517e97049d538cd6be11b1158e833cea725e7a60bfb611757d5b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 7204eab07fa5d538e9df0ca413593d2f
SHA1 621148272d65490d9ab624369465bfa9aefb3fd2
SHA256 8cf1a23e11aa74676aaa381f4c7109b5a7e2fbcc7acf137e26dbc42d7d53fac6
SHA512 2616cfb2882315fec387e2cafde0f178f55ce74634cfbcc61708385f04d6c99576429422953af6e382e8970e54f36ada03feafd64199aca080d1d56750d4c3b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

MD5 f1f6919f7605724f65cde76e8c753613
SHA1 fe4432c66cad4b3b7c66c133203c82cab40381ce
SHA256 db247a9c27c47835a8e47f39b47e9f9817e537e462bfc99d70fc0f9f4e786603
SHA512 8b6cc2baeecc75b170711ee6ca236a1fd82739ee0bdbee703e98c74c761d72b14a370fb38648d664c7288f76516320dd6644f56f49d4f2660d11c8b8b4f20b14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\12ac40c6-8aa1-4188-a4d8-e483214342b6\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

MD5 3cbe0d9238dc5e225d7212396d3b4975
SHA1 d42973f0435f072ad109ae89ce4ba8a923380e3e
SHA256 c1fafa7db833915c80c7497f9ed56a763a84d594f26594852158491918f89387
SHA512 f89fbffdd072ce0c8d24bc189ae24cd7b23bc00e68fa739536f269c5828aeb76880e7c24da3193cdbc8bdea6324f30028569d2a3877a25c8ab4ef3961624cac1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6e4bee4069334ad774ecf23052046d82
SHA1 c3622ffa7af84fc71c55b2e481ea1aa46ea5d946
SHA256 985278ed48c3338051debe87c753c101617e44d64ff1bdf1b01fcd22015382ac
SHA512 105f9bf31bdab15c9e9b84bae5892d0a3cf112869bb6fcb8874d94e84eb558d096c06d22c23ecb52d156f7bc8ac3923b505c0e9c1085f41dba13ddac59f9f3a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Bookmarks

MD5 a3faaf0bdd89c86ef776b9a6a82766bd
SHA1 e61bed9076089ad5292377d28d6cfb919370f098
SHA256 7275c027a97eff8043453292b6ec3702b0a085aa52a8ea69ca6a446a2695e7d9
SHA512 bfc45796357747ec8f40c2c45201b05084ea69f3ac8c326314440ef6b64afef059b234da6cb8825afa043b4cb96b1ed0e3949a844b038de9ef6ab963213e192c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Bookmarks~RFe586f3f.TMP

MD5 12dbe9b7760fb5affd7b8f4ef1f4c7de
SHA1 fe3b397d2023340f339f613aa5b9f882d7af7738
SHA256 72bcd981feedba6c2b1df56d8dc482abddfa4287fe965bbf77d8f017fcd3f952
SHA512 cfe732c565e1eb4ebf177635e42cb6180df2106dae1b03035afa0b4e603c5f4ff9aee73369274c2f08d1e155f94e7a9416b79b8cb1d0f59a7c6fb7b8a7031471

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5889bd.TMP

MD5 0247a606c802d3c24ba1741f9e756fb3
SHA1 0cc7da92d9eeb425d296b0b4ffeef04e523137ea
SHA256 a514bd629367e2021d4e775464fd1dfa95c21df7da78d48f5bf5e6c99eb0611b
SHA512 0f31dd8a9348e8eafb3993d1592631411ecafb4fbcee25a23e2d214b51e5a78cd9b775de7b4f4c8f66f7762e6fdd2c348bb345a7b665e68e59c9f1a9b7ed052d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 9496898e3280e69cd23f5c6b689c9174
SHA1 02f9f22fc5416749bc4250a7d7b1d5e9fceae942
SHA256 ea1b01f9f4073febfa231478b27c4f7fcbe77676c312d3f1ef69142a0b89c4f5
SHA512 e917541d8de862b1a3f64c989367132db3dd6624a4fc41ed57b5280351438a078894bf67e701935c240b0b11f1c7b5b7cfca042ab306fcb2dd4f710a7bc33ce9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\e3154313-104b-48fc-8aff-9bd346c02e65\index-dir\the-real-index

MD5 449ff10c269f1a63952eb6857a1d8662
SHA1 c55001ba051da578ae411f54038b2b7e3df38ff3
SHA256 9727d2f747b8d3130fbaf5c0c67da452fc830956e0a178cd5df0a1de35367e65
SHA512 ba40aee90da5dd918e8137516c91c935665b3b61c50a043a5b33a8299fc2e878eae24156636d2f66d0a5438eda4f65e3b60cc4bd88f8c9cd50cd5f65e5e208dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\e3154313-104b-48fc-8aff-9bd346c02e65\index-dir\the-real-index~RFe588c8b.TMP

MD5 e43987e3fec0ecd0e2369821745ababf
SHA1 f6765ffccd855b039258d13f7cef1740dc758f89
SHA256 761f2350c95d9ac3779e70ef95d337462d40614652721c3a46308d9aa8bdc89d
SHA512 c95d2b3453c204c369846a63365d796ee0c0c8245d2effa293734c65f9c46233afce3524a47c62a2118898aad2f15bf31468966e7fcf54914068d7d71e92fdb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 32e843798010e27488ef1b79586e7440
SHA1 43b6d5be1d0abb6dc430113fe35b6495cb616e24
SHA256 dbe4b9bb39939dabe57a20912d15a674decc0c9b361dcf6a2f89921a056dc681
SHA512 3e8e7d50b806598e7569bd150093d0d903c85fe8f345b7ea694125f785834bb16b9b833f016f02649280faa637a080fa8395a54651731b1bd75c76ead5c66937

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\bd99e2d3-35f8-4210-901c-b9f62ae1c3ae\index-dir\the-real-index~RFe588f1c.TMP

MD5 d35f67b573e0992b9dbc1c92c44dfd25
SHA1 40d2b8242d39c7511cddc0cb0f894bd355db33e4
SHA256 cefa475d3db11322bc89b336c0a1279aec67b7aad30d1587d7ea8cfc654f5bbf
SHA512 2fd0598eb0872e75fbbc006577315f20da2f6b3dc7d86a239e3d4b31d8faec2a70e43647a9124f4ea5c74748a29f2da21fd11926404e788ec5c5a07ac0c1bc23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\bd99e2d3-35f8-4210-901c-b9f62ae1c3ae\index-dir\the-real-index

MD5 2c2f75250499ee08bca33fbe8ab29136
SHA1 e6922d2644b40b1f79394e18c8414a56f5502db0
SHA256 047609c8763d374433c233cbc910e685d7892748ee7c3c6ff6e0cbc864e9e875
SHA512 adedf76a628d36baca7511e14c5efc1074b33dcb5c7773e15e5d765138fa792f5a77f0d6de3eafc054e8022195b5c6145ce2df2bc2e62dda2a6a34b472a5a7e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\c2108011-3d1f-499e-b27b-491911503546\index-dir\the-real-index

MD5 2cfcec83393f6aada0d8c703fbcdb044
SHA1 bedd2f3e518677ea0e301abc93b2ca025e42a460
SHA256 3d24e85bf6818fd740bd158246df5523e8a081872023a7124407d825aa33ff1c
SHA512 f07adde602819e57abc54ab1d01fd9f666b662a8af49aceeaa16fb96f7935d8922cf068e058be1ade18286346961e072d12c6b45dbd398a21a43ea2c93ee62a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\c2108011-3d1f-499e-b27b-491911503546\index-dir\the-real-index~RFe588f2b.TMP

MD5 0f06162c821465ab3e48a82007fba868
SHA1 8141e19a42c0c585606e7a450efee22dfd7cc176
SHA256 434627cd638ccdbfa8434d0d1d62c9fe7a59faf341d61f71a34a23df4f77d1e1
SHA512 fcf5b9f932372720c17bf128202e4b2edbdb8c6d7996ede5148b26c958cd28bab16fbcf1dd119d2880b1427eecee06fbbd457337880a6d8621af0f91a34fc0b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b0480bff382ccb138fc2b0c8a97f93c5
SHA1 33eae7588be46505c273e5cdf0154b4d5e218565
SHA256 3e4bd74ee4ee7eb563923304bdee0ce0aa1abffdffc9c822982e0a4eff5bf3ae
SHA512 e62c59f3d8e5ce4c76a70e19fc1463675272bd9f705506bd558ce0c32b8c58964ea7000ab0b45f6899569ba8dcaaf70af7c4c2bc3f932a84c30ee704df486e9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 f61f0d4d0f968d5bba39a84c76277e1a
SHA1 aa3693ea140eca418b4b2a30f6a68f6f43b4beb2
SHA256 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
SHA512 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b83df0e93fd18ff75bc71615a01bcd30dabd5704\index.txt

MD5 4e075fef575216a5be604ff489007bc4
SHA1 07be26bf727b123395be443a9245bd10da60ab12
SHA256 f2065536beaee87b9034834258cecb9b53a30f0c61efa4749583ff59c5e79b64
SHA512 7cf1df56abc2e10d8785f387a0df7cce9688c6c829c467d8a07e2edcf64d2ce38ad3bddae50cdfa4c81bdf009501ff4dda0dec9096c057ab5a452a0b2391c292

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b83df0e93fd18ff75bc71615a01bcd30dabd5704\index.txt~RFe58a8dd.TMP

MD5 58beb0055698c8446280d02288bbda3e
SHA1 a6e7db1d5c973e2123d67a4f7da00365e346a347
SHA256 45020923386b2e7a46888b24114305939345d9564a1e6aab3359e4b04a677e11
SHA512 0c072bec0059ab759008a3de2834a9ebcf878dcec32cbe12885564f3703db760370301c5e4a97d34c32fa65b5da5b88928b83627badcc5136b6c68d14654a63e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6acd2bd8e9989dc6ba1c36b47e85f7bf
SHA1 ded8b851650742f0d5487c34867076a9e7a0a46b
SHA256 2bc8a7709d63b6c5ab13c9df4ff05315407109dc500740643497741eaf4375e3
SHA512 d1a756e78de44b1f3691b00457b7f13bd84dad9bda3f3560eb8f1500787ba889c93c861cb28cb48c0fdadde6512b86f4205f81f1b90d6c485fff9c20e0789c90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5ee0ce1324626986c88281c5f8f0b9d9
SHA1 0fe1c601e430a69a346043bbcc0bbe68d819e37d
SHA256 3a84a1a1b3aba044f5c126ce98e177fa356d380ec3dc7716885695cfcd711f10
SHA512 7eb1d2c7544ed4f62d8330469499d022578d1048328f7743c9b83f12648688da8f389f8d64e724d6a223ae65c0cdffc7109efaa6ddf6aaac98c6d7c5692307d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt

MD5 343859b4ad03856a60d076c8cd8f22c3
SHA1 7954a27de3329b4c5eefd4bdcb8450823881aad6
SHA256 8c79b653c087618aa7395d5e75198da7d3b04c08654c39e56b1027f9ef269c2f
SHA512 58014a4e7f2b4b0d446fae3570196b8fb95d0d1b70bdab0dd34a74d6c62cd8d7ca494a486f19c1a829988a3af83a08d401f18d1769ce1799a02ee09807234254

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe58cec5.TMP

MD5 f95bced674c8ef73d9ea50b5644e3351
SHA1 e1715f36532d528140ee1d5f909fbcab39ca91af
SHA256 dd3e0ac08b8169a76ceed2a5443fdd2fc3bddc4c4cf9ac6262c638765b0fb5af
SHA512 b73f8a8b3eb2b05c17a2f3e47c937ab38654104efb2de4087549fd1f8687f1b8cb3f68aeba256a806dba221a7d33b3152064510fec3df075685315027688e8a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8b15bc7e00318f2d99cb5106f7d480d1
SHA1 a50f85850d2dff9fb00c92f8ae3687608a5d6024
SHA256 397f4ea90f2b9426f4e675549b8e5dbfb7e24a81dc100d6bd597796000522708
SHA512 adb704979fd7fa45e68d38cd5b13363ad26d025aaaa7ff18968a1d813c8915b177cfbe9b7c14c45243d32ac55feddb739da191e0c334bc63e383c312f010403c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

MD5 65da8d6932ad74d3b51694b5a28dd0bb
SHA1 aa6e37cdacda153f499c299299a4dacf50c93765
SHA256 309ec80a404d5ba8c9816e0932bff343c8e205fe36819908682289ed7c7ae482
SHA512 bfce7ba0e18dde7d6f833709e565f704701d7a51b14d7c11b06cdce0b057290a334219c9aa4f7ea098c097eb779a2ceca397a9ad1ede0784348f78c81fd55015

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

MD5 7607a872f76eb038cb790227e1dbedf8
SHA1 63de777e6f0d0aef1399688b0717f2dcfa4bd438
SHA256 a0bdab3cd1ff40b86fa6da1f202cc94dd36e2070e935de7a34940dc64bc5d4c6
SHA512 77e05f5bc488ff32e0b689be52453a5bdd6e125378c0e2aa546701bcd6e9748509ef10115f7d5bf6b58b858ac31e4fa6e66138b86187633476da9ba7c71ceacd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 0a8bada670350e0f338e378a494e58b7
SHA1 15f4fd25197e2b492cababe12b0eb142f6b9f2f9
SHA256 9e4d6f6e470008bb34be4bbf35db6aa06779cef26ef26acef13a49fd1ab6fd11
SHA512 4288922844fdd428c738d292f31eb42141ce6b3c8984e4fd2e5bda212d48524ca6209c0edd8d41f664972f0404099a063f70e69969130b1cda023c9b6d417421

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

MD5 c0a053d5cb8160124a684a9a1cacd12b
SHA1 8e473639f9b01ec520d54a77f43225e814f56d16
SHA256 1242cb9c4c1e9a840baa2a6d67a4fe7f6fe349b5563d56a0088822c0fb0c7e27
SHA512 1cc56db0e7adc985644b34e54b774603eb10f66aabc0853657977701a8a6387aa10d2a4f48ebee707a20127883d22e02ce22524f5e6327bb899ce3bb779d698d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0bcd886182b134c5593d5127806f2f0b
SHA1 dc0cb57e04fb84901c8d480e0ac0d5ce47f5caf2
SHA256 679013ac8455d6ca204bf2382ddc195f03d3ac3adac0312121683fbe69b291a9
SHA512 00f48f18021f220d497be6a813be74054199c7fd9a7d4d4f4f6b0631ba2a09410dcaeb63164ca9d747a28eb681c6a799ada06bf0b5f7917087c52e3ca8b52fa6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\12ac40c6-8aa1-4188-a4d8-e483214342b6\index-dir\the-real-index~RFe58d7ec.TMP

MD5 b87b9bb8de9297f1b6ee38bd99a053d2
SHA1 e9835635be2f93b043266329e49749989ed0ac6f
SHA256 dbb96e306f4d320c9df3cb376af252b0304607b8fc7ec67c59f6dc185bdd3d38
SHA512 866fcc9e49c013c284ce1a46ea3ee51f0ec6edae14b86a2c5be3758b953138a8613de5e9a028773369dc8d2c848f1c191095f51eb7de8661dc29df9eff0fa149

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\12ac40c6-8aa1-4188-a4d8-e483214342b6\index-dir\the-real-index

MD5 b3c3c3623027b446af28db5dc4c1d603
SHA1 e851693ad83a4286213d48cfc0273d43b43aad4f
SHA256 6303dab491196866f41e5873d8b1f62baa845587077dbc0b1d725d931132c11f
SHA512 829e49b489484a5be0a38c9f801766ac2570688781d88f027610b18a11156bade1026b2b486319318f684843a0e51a513e8e0e362d1bc77e6f8c797ab6f963a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

MD5 0107445969eec19d07dac61f1f56365b
SHA1 f03ed56285014ae5156e644f91ea8f3380b9e3e3
SHA256 ae2ff7cff31217d718c646201df38531a7987b3c1b1a5b0bdf89a36b008cf0ab
SHA512 1be330aeb1081fb08b3cebcc881cf3dc6bacfeb1cba490bf9be604d6f5d8267bb6f8f91a41e73a0c435b32a4f53cb0c1646dea34a783d3e2a30e5e4d37b266a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d57f965b34f384d1a25fc116d4646266
SHA1 a03f1fd424ed68d45dea9b1077f98d43d9cedbf7
SHA256 d33a88413bd36cc56b51f632734ba237aae057f24b585c3f8b511141e747e9a3
SHA512 12d09e03b637bae6d9e4c38027e7c402f730295de4fe1ca036e4d1f6dc5fd83ecb0b54bcc0c0de8d16eb77c7f08e08ccda087b990b5c6ed5ab07c87fa3d3754a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\da9f2bfb-ced0-4055-8e2d-7b497dc464c7.tmp

MD5 7cd9168171918ca48ae475f8299bfdb6
SHA1 a1ce8377d688d7834b307b30915f022274bbfabe
SHA256 2fdefdf1296d4222b9a19d9409222c609c43a73c867fd41126f49ed943d804d4
SHA512 1d7a545b14912d948616a2a79d85b327aa7248029c8d49b5ac2c5b269c3b229621dece527e36303f9165eb820f5ced3e672ac868175c6df4c94af46eff9bd18a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2e02831188a6c1b397ed2f2bda1d3273
SHA1 59bf6c0bf2874388151fb6f8e4650db3f37e5862
SHA256 3f82dca3012fd8c4adc4e4f3c8e0dfcb80f6a3aa9b5a71a94efe1e9b3ffed558
SHA512 5d446aef8d30940e5c4c41aecc43965ac7025fba928fcf11059334c25961ae016e6a16d4dafcc1ee627c044004ef169f76488bdbd2dd619c2397c1fc9939b553

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e81bca2dc1752a2a2d795773bfcd0d49
SHA1 400f1e065bf443e9bc60eb141708c6dfc5daee19
SHA256 3de9b16a4d2baf88a3487fba5244b1070a67cfe839994b569ded52fd7b7c1af0
SHA512 765438738650fde21a5213ff8de27e6aa685c84cefb7354be906809c5fa976ebbb26c3105169d737f9efa3763e0f3c2440a1e0f214e511edc9a26a184f2867d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e485738c2abe435b7ee59621c8abc546
SHA1 991196fcf2aacd702a7a0c82186fe06ea709758f
SHA256 078807fc2c31ff798295a546616b5bb70deda2e67e83b616d7dec2e5f59c0ae7
SHA512 f74a736ab1fbbbcec14a71b50ca674d88f313037672cf367b00da34e6daf0d122b5bce4c20ce655761a40229c376dd972d0f02f65b3704adf469080215965712

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b3e5011565938d2868ec3157e9c05449
SHA1 d8678e4688997ad6cdacca060b9174b01bedd66f
SHA256 3d9b5ec35e1cfed2ca1d4369b7a7f5ca257c46267ec2cbd0952bb40d2faff4ad
SHA512 764e781c176609ce9e5aa41a96ecd6ae0128350effc50670297dad1501f5f876c835b844165eec2f39d768d64b2201a7f4cd1b3e664a573cdac599e994c8956a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3497b24e6126bf5aba3a95b84c4d474a
SHA1 4af8d35842ac652ca1674111124578f917b9bb7c
SHA256 b865870661defcc8a36ba050f990e004bdb2268c8461299988e3140f22883118
SHA512 16f8d72efc6ead80030a013fd3af97faa704ad32b18ac1f9afa1f2d5ccbf901b566f027cf7358188d1659d3ae3f8f3fb64581f2c3bea2c76601303635c545110

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 30f48225a8205b3cca90631cc0eae8b9
SHA1 2313a3d075923c794c7a48e2a9d1480473df4f70
SHA256 4a8a48b3fbd612408ce3c711c2a0eb11544c0d01217500b749116fd0bb03c8eb
SHA512 69271fc4cb6412420b5365bc5070b0630f665e92f0243fa930b1836acb07270b6251636c73453e91d8795f6d2b2de2f2590292587ad12dfeb6b43da90c8d2dc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8903ac774f16eb284ca15023f6a6c9fe
SHA1 2ddcc17d5675a6a412ed4919524169104172c8a0
SHA256 37479ac1e3187afc110c2fefde92b7eabfa241442c19f334090d6b80d8ae8bb9
SHA512 57e812f91df86818e497890d05a30643d25c9b28c613d81a7c4f5e1dd9a5bfcffb6e9ba613e45463ce173319825973bf7b4f569e9f629f6256b54890e5728ef3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a456030aef723868bcb9347aa24416a4
SHA1 a14f331ea4eaeeb360b0f68aead3cc2f09b6380f
SHA256 7a72f228de4dc8feafb23af2af4c01fa8ed609398de7869a69c4b7c9270f61d3
SHA512 332b6bc1e858a8b07153ad9afd5555e6c441db60fd92fb1cfb528a79f58aeaddf0058590828910201474d4b6ce7353c8421e146eb6d9a9199b20b5413a3d9352