Malware Analysis Report

2025-03-14 21:53

Sample ID 250119-vymwhaxphz
Target https://firstmail.ltd/
Tags
discovery phishing
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file https://firstmail.ltd/ was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery phishing

A potential corporate email address has been identified in the URL: [email protected]

Browser Information Discovery

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-19 17:23

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-19 17:23

Reported

2025-01-19 17:36

Platform

win10v2004-20241007-en

Max time kernel

763s

Max time network

762s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://firstmail.ltd/

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\notepad.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4824 wrote to memory of 4240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 1844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 1844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4824 wrote to memory of 4796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://firstmail.ltd/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8cc2246f8,0x7ff8cc224708,0x7ff8cc224718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=5800 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5092 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6448 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6964 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4136 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4168 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17843144151037414230,12634422985000658000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=936 /prefetch:1

C:\Windows\system32\notepad.exe

"C:\Windows\system32\notepad.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 firstmail.ltd udp
DE 5.252.34.102:443 firstmail.ltd tcp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 8.153.16.2.in-addr.arpa udp
US 8.8.8.8:53 102.34.252.5.in-addr.arpa udp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 captcha.firstmail.ltd udp
US 8.8.8.8:53 cdn.firstmail.ltd udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 72.204.58.216.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 media.tenor.com udp
GB 172.217.16.234:443 media.tenor.com tcp
US 8.8.8.8:53 119.21.88.77.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 cross.captcha.sati.ac udp
US 172.67.188.152:443 cross.captcha.sati.ac tcp
US 172.67.188.152:443 cross.captcha.sati.ac tcp
US 8.8.8.8:53 152.188.67.172.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 api.firstmail.ltd udp
DE 5.252.34.102:443 api.firstmail.ltd tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 api-tools.firstmail.ltd udp
US 8.8.8.8:53 filin.mail.ru udp
RU 94.100.180.35:443 filin.mail.ru tcp
RU 94.100.180.35:443 filin.mail.ru tcp
US 8.8.8.8:53 static2.cdn.ubi.com udp
US 8.8.8.8:53 static-cp.akamaized.net udp
GB 184.26.57.161:443 static2.cdn.ubi.com tcp
GB 184.26.57.161:443 static2.cdn.ubi.com tcp
GB 2.18.190.180:443 static-cp.akamaized.net tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 161.57.26.184.in-addr.arpa udp
US 8.8.8.8:53 180.190.18.2.in-addr.arpa udp
GB 2.16.153.224:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.16.153.206:443 th.bing.com tcp
GB 2.16.153.206:443 th.bing.com tcp
US 8.8.8.8:53 224.153.16.2.in-addr.arpa udp
US 8.8.8.8:53 206.153.16.2.in-addr.arpa udp
US 8.8.8.8:53 76.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 34.54.88.138:443 www.virustotal.com tcp
US 34.54.88.138:443 www.virustotal.com tcp
US 34.54.88.138:443 www.virustotal.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.134:443 login.microsoftonline.com tcp
US 8.8.8.8:53 138.88.54.34.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 www.recaptcha.net udp
GB 142.250.178.3:443 www.recaptcha.net tcp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 recaptcha.net udp
GB 172.217.169.3:443 recaptcha.net tcp
GB 172.217.169.3:443 recaptcha.net udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 34.54.88.138:443 www.virustotal.com udp
US 8.8.8.8:53 account.ubisoft.com udp
FR 130.254.91.66:443 account.ubisoft.com tcp
FR 130.254.91.66:443 account.ubisoft.com tcp
US 8.8.8.8:53 static-account.ubisoft.com udp
GB 184.26.189.36:443 static-account.ubisoft.com tcp
GB 184.26.189.36:443 static-account.ubisoft.com tcp
GB 184.26.189.36:443 static-account.ubisoft.com tcp
US 8.8.8.8:53 66.91.254.130.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
GB 184.26.189.36:443 static-account.ubisoft.com tcp
GB 184.26.189.36:443 static-account.ubisoft.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 public-ubiservices.ubi.com udp
US 8.8.8.8:53 code.jquery.com udp
US 75.2.77.136:443 public-ubiservices.ubi.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 8.8.8.8:53 ubistatic2-a.ubisoft.com udp
GB 184.26.189.36:443 ubistatic2-a.ubisoft.com tcp
US 8.8.8.8:53 36.189.26.184.in-addr.arpa udp
US 8.8.8.8:53 136.77.2.75.in-addr.arpa udp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 connect.ubisoft.com udp
US 54.173.62.225:443 connect.ubisoft.com tcp
US 54.173.62.225:443 connect.ubisoft.com tcp
US 8.8.8.8:53 ubistatic-a.ubisoft.com udp
GB 184.26.189.36:443 ubistatic-a.ubisoft.com tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
FR 3.164.163.59:80 crt.rootg2.amazontrust.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 static-dm.ubisoft.com udp
GB 2.18.27.99:443 static-dm.ubisoft.com tcp
GB 2.18.27.99:443 static-dm.ubisoft.com tcp
US 8.8.8.8:53 225.62.173.54.in-addr.arpa udp
US 8.8.8.8:53 59.163.164.3.in-addr.arpa udp
US 8.8.8.8:53 17.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 99.27.18.2.in-addr.arpa udp
GB 184.26.189.36:443 ubistatic-a.ubisoft.com tcp
GB 184.26.189.36:443 ubistatic-a.ubisoft.com tcp
GB 184.26.189.36:443 ubistatic-a.ubisoft.com tcp
US 8.8.8.8:53 smetrics.ubi.com udp
IE 66.235.152.221:443 smetrics.ubi.com tcp
US 8.8.8.8:53 221.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
IE 66.235.152.221:443 smetrics.ubi.com tcp
IE 66.235.152.221:443 smetrics.ubi.com tcp
US 8.8.8.8:53 avatars.ubisoft.com udp
US 8.8.8.8:53 account2-api.ubisoft.com udp
CA 203.132.26.113:443 account2-api.ubisoft.com tcp
US 8.8.8.8:53 113.26.132.203.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 90.65.42.20.in-addr.arpa udp
IE 66.235.152.221:443 smetrics.ubi.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 account.ubisoft.com udp
IE 66.235.152.221:443 smetrics.ubi.com tcp
IE 66.235.152.221:443 smetrics.ubi.com tcp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 smetrics.ubi.com udp
IE 66.235.152.156:443 smetrics.ubi.com tcp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 172.217.16.241:443 csp.withgoogle.com tcp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 241.16.217.172.in-addr.arpa udp
IE 66.235.152.156:443 smetrics.ubi.com tcp
US 8.8.8.8:53 public-ubiservices.ubi.com udp
US 99.83.188.134:443 public-ubiservices.ubi.com tcp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 134.188.83.99.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
IE 66.235.152.156:443 smetrics.ubi.com tcp
US 8.8.8.8:53 public-ubiservices.ubi.com udp
US 99.83.188.134:443 public-ubiservices.ubi.com tcp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 smetrics.ubi.com udp
IE 66.235.152.225:443 smetrics.ubi.com tcp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 public-ubiservices.ubi.com udp
US 75.2.77.136:443 public-ubiservices.ubi.com tcp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 mc.yandex.com udp
RU 87.250.251.119:443 mc.yandex.com tcp
US 8.8.8.8:53 filin.mail.ru udp
RU 217.69.139.148:443 filin.mail.ru tcp
US 8.8.8.8:53 119.251.250.87.in-addr.arpa udp
RU 217.69.139.148:443 filin.mail.ru tcp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.11:443 bit.ly tcp
US 67.199.248.11:443 bit.ly tcp
US 8.8.8.8:53 lzt.market udp
DE 151.80.169.29:443 lzt.market tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 11.248.199.67.in-addr.arpa udp
US 8.8.8.8:53 7.98.22.2.in-addr.arpa udp
US 8.8.8.8:53 29.169.80.151.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 steamcommunity-a.akamaihd.net udp
US 8.8.8.8:53 nztcdn.com udp
US 8.8.8.8:53 mc.yandex.ru udp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
GB 88.221.134.216:443 steamcommunity-a.akamaihd.net tcp
US 104.22.22.142:443 nztcdn.com tcp
US 104.22.22.142:443 nztcdn.com tcp
US 104.22.22.142:443 nztcdn.com tcp
US 104.22.22.142:443 nztcdn.com tcp
US 8.8.8.8:53 counter.yadro.ru udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 216.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 142.22.22.104.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 34.54.88.138:443 www.virustotal.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
DE 5.252.34.102:443 api-tools.firstmail.ltd tcp
RU 217.69.139.148:443 filin.mail.ru tcp
RU 217.69.139.148:443 filin.mail.ru tcp
DE 5.252.34.102:443 api-tools.firstmail.ltd tcp
DE 5.252.34.102:443 api-tools.firstmail.ltd tcp
RU 217.69.139.148:443 filin.mail.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
FR 95.100.95.134:443 www.bing.com tcp
US 8.8.8.8:53 134.95.100.95.in-addr.arpa udp
US 8.8.8.8:53 account.ubisoft.com udp
US 8.8.8.8:53 static-account.ubisoft.com udp
FR 130.254.91.66:443 account.ubisoft.com tcp
FR 130.254.91.66:443 account.ubisoft.com tcp
US 23.192.25.96:443 static-account.ubisoft.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 public-ubiservices.ubi.com udp
US 99.83.188.134:443 public-ubiservices.ubi.com tcp
US 8.8.8.8:53 connect.ubisoft.com udp
US 52.202.21.245:443 connect.ubisoft.com tcp
US 8.8.8.8:53 ubistatic-a.ubisoft.com udp
IE 2.18.236.232:443 ubistatic-a.ubisoft.com tcp
US 8.8.8.8:53 96.25.192.23.in-addr.arpa udp
US 8.8.8.8:53 245.21.202.52.in-addr.arpa udp
US 8.8.8.8:53 avatars.ubisoft.com udp
US 23.192.25.96:443 avatars.ubisoft.com tcp
IE 66.235.152.225:443 smetrics.ubi.com tcp
US 8.8.8.8:53 232.236.18.2.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 61cef8e38cd95bf003f5fdd1dc37dae1
SHA1 11f2f79ecb349344c143eea9a0fed41891a3467f
SHA256 ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e
SHA512 6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

\??\pipe\LOCAL\crashpad_4824_VUGQJUPGRROPIOBA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0a9dc42e4013fc47438e96d24beb8eff
SHA1 806ab26d7eae031a58484188a7eb1adab06457fc
SHA256 58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151
SHA512 868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c81b53cf0091c2bc8fc6ecf460d6de08
SHA1 651dea783f2f42e6040b254c7cbdd43e96776401
SHA256 f7a975e2b4bafb1e8cbeb089e37fd76cbe96032d7f4a2b1c95c61f3b0ad79fed
SHA512 311cb6256e1c63b5776fac621e5b9fac1b85cfc7edc588faace842d68068a7031b06a74194b141b56f68419f5f05eea48da0067d116017da201bc467fc0d0014

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 deeae9c7452ebe5fbdcc8456e7cc8955
SHA1 7a21bc1c86ead6dd7375e2094fe0920b2df18469
SHA256 3582e5638c5063846a42a6a5a6985d82ba90f5cf9788c6d0fe98f7b90ce001b8
SHA512 8d073ddeeccf002a88b82498188ca3ec48b7144d318b40e4481269e9f60121f5a8567cf484266bf4f0f67bf69571343adf2cef4fda1017a01b2707daf1ad7589

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 004ea0574fc5860ca732add27b8d2825
SHA1 9ceddcc7db63bfeb37abb20a9da49bf402abc65a
SHA256 b56a03c464df710421b0c1ed3024dbeac69eab76be803d81505255b477196339
SHA512 11c817cbb5be0faa4e2f315c021077c6e734baba413dd86a3ddba48b688bad2b5d2ea47189ef092447c84692fea7df55306b24660746cf7bb51fe0f8d79008e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 807419ca9a4734feaf8d8563a003b048
SHA1 a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256 aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512 f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 62950b78c502668e993cc66d81f11168
SHA1 790ff0d4063332c0f5180d45963b016e10e66868
SHA256 41524726ede7a0bc0ae95895928392cd436de1905b15949d4ae17a630734f0bd
SHA512 baf8290735317c2044e4c8b7f7645e08fecd613e6d2fe17e7e6fa5c1261738a23ebc575938eb1500f01969e6ab5fbb3d5b745652a55fea6dbbf9d75e3a1ff1ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e7bce8a47ec87ccc694595c6d2deaa50
SHA1 ea74cf4090e20d825c93ad03ee2cc807d51e02b1
SHA256 76f305ece736431805bcdb9e05bbaeb6ec9472c33e27c397e75787d2a893f0d0
SHA512 06b9d6e21135cbb2421e063917f6d2dc26288d56c87a85d5259ee06a552aabde24989ea9dadfc2f067a40fcfa0aa2c7b69700b31f27868ca8920758f5f874a67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f8d7.TMP

MD5 dd7ef6e5783bfd1eaf054a586585fb56
SHA1 a922394b334f06dda542e75f9123a5de29754a99
SHA256 0331ba185016f5770e32ebaf4c3e5bf9bf7e26ee17a8d56985e05b9119af5603
SHA512 a6fcaee9c767d0200946daf57624e09f36c3baa5fa5bcb4f85392e39fb9318a2a8c3f05138e4c7e1efd0751f1c7fc8e21dc85412df7bc59692e89e0ba9283b44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8bc4b7d1458fd168d5c4696e5c6a5bb1
SHA1 745c616aa234c28c6e95ec729a2506d29d6cf964
SHA256 dec867e06e2cb59837d54ba4859bce4bd6613007cb5fb45669135d79beba816c
SHA512 d3c3f705b62dc3c629fd1cc9e65d40a2b96129467270e97edc1b0c93a0bdb78960a7f8bea2d7137e4065675069944e9cf305fa53d132e9e96d0a30fc801911da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bc41907823d4331221105a48e642e6cb
SHA1 f0392878c407b6e8201a06ba45566dcad5554586
SHA256 e23e6dc5789ec3850ac376f17a928970e2d8361f172faf5ff057c062277c9ec5
SHA512 4a70ad01070feb7a59dfc331b49027ea6575482da1c7422c77cad90f44aacc2d3eeb19d47833f418d4983738efce69744baf55519b0bd0b1da8114717a47efda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 d474ec7f8d58a66420b6daa0893a4874
SHA1 4314642571493ba983748556d0e76ec6704da211
SHA256 553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69
SHA512 344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7a0b783646af6493c197059322325434
SHA1 d2db5f355f02864872f74af7a4cae039208db7e6
SHA256 9c1651970f5c8a63446a5614b3c283cf7cdd5ddcfbcb23b207ab5da4808c49f2
SHA512 874b0a4df440ead2f08c95034d4cc12cfc8c74708d07445630936d69cdf8529d1798311f2d3703e14dc1f3f6f36af2fc7be60d64484ca10fabc58a720b4e87b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 69afd79296ff0858f8e96414353f2ac3
SHA1 f87bd3e7475b382d8e33eba2c02424e7420cb609
SHA256 d0ce6f3e6b869adf6f7311275867103e81511f268b51756ca4a0b294d6597443
SHA512 2b01c0f3dc4bfbeffa1813f0904aca451c34998fed4cfa33d5b960c7c85ea0837e95f1dba0908499d45c78444748113fe45ee4093742e08a00c2edb077be32e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 3bc2b6052ff1b9feff010ae9d919c002
SHA1 dd7da7b896641e71dca655640357522f8112c078
SHA256 483a3494759a05772019e091d3d8e5dc429d098c30007d430639926c3ffa16e5
SHA512 0b1632b73fd87e8e634922b730f83b7950e9a39697a46a3429f0bebb3f1ebd14c815a4651ee8f663a437d00ecbeb6ddaa47b2fcad719777edf1b1de8a7cad0f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 de7f972b36cb92fa2374bd12b8b67975
SHA1 296e6bb14286b81cf84a15078d03459a87c92613
SHA256 c5b1213af940efd38e829d65ff3270b218d89fda23f247f49558c57ac3b798d7
SHA512 aa3975a556bd14e2d42f6e898631a6e1bb14c6cb9566b87990f8686180f1d61c6f8eef0b280db6e53d270179c58df32f5523651cb545c34f426e2e3bddda7f31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d8621e3009aa0601aad571d7ab41f4df
SHA1 47f6293bb9c19a3df86b03f6bc996e2392178afd
SHA256 87b07504cc9ad7af6ff629ad34a92a03806ebf64cea03f1a6b3cda828f83733c
SHA512 b0a7b5f7efe1be5e36d672be653ae88be859878b0ebcddef575301cf98609f44023ad26154008b18cc01a36889785eb670d4edda7c9c555aa32867643b7df101

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f1debd6c35c71fd7d69dc07e807fff68
SHA1 e11d49c15031e462b3e2cbd0af61e5a164442f01
SHA256 70c212c3c4f9290356d3ff7748808f6811c6a2241a532adc2739ab1c45fbaa55
SHA512 c7a1336717819eadbbb63b75621be66a4e2b94cee82aa27d05055dacfebabb0bd666db3e7ac8817a3e475174cc11b128b02b476c34ceb166f20577506bb678cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58a498.TMP

MD5 85affbcbbf88294c433e7b35dcbe3755
SHA1 b5809f51b2cb12eae26a8df1765276cd0cf66b57
SHA256 9ce7b4d457358b0af94a4392ab91e40c7bcec68a46be95f3b0bcf56c4731d3d9
SHA512 3b8151427f2104c5fec7fc15dfc9a56618aa2eef9428602ac2f7d35b06e739409a3caeff76ba5f4d32de965bbfd135f402a203aff9c48290292ddd7896ca95b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 9eaadd4b0f59952502158afaa59fba40
SHA1 96724b0fa557d3bad52618f6d7edcbf7ee65cc1c
SHA256 30cc2386e9f41c6da4182530e9e550ad05c4f96caf9556ccd13caf128ab100df
SHA512 28318dfd05f69be5aa5e74c12c0e3d5ecaa4343f8e4a109881972b4b31297a582ac3f785e9944722760b2e207d6adfd84e035ab5b9d83e9e02c50e37f14b04a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 896142ed133d9b747dca006b3168213c
SHA1 01405339448afd2ba177ea97189a3600eaa27bd3
SHA256 3ab020d61d4c159fbae5c1c95ae7db7c808758b2fc17c24a9f288c61d3b4670e
SHA512 8fc8cb229bbafe284dfc34f74c6eb505c56c53fb752c52c1b64eaf937a3f05ad308fb9916716fde017599071f00eef24c78dff488d9e1b302714a3329cc39010

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6667b5794e17dae640dcb912d440baa0
SHA1 2ba45a3b11bc8982ad3e8a9397bc8f4be2a07965
SHA256 b1b890dbc2e03ceab7ce461cffb1785025b88449e21416a382a18ac97a0c139b
SHA512 f4a79ac01153655fa9b3090f04bf08c8a669f278777fb2060dfb7a530b41f98219aa857a51afb905f3af7e82ef86020e711ff22b834066d94f79edf88c100535

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f878ae09ce8c3e8e97c17ea0d25decb8
SHA1 ee225f7f2ae768d72bb89f99016d29b9fcb7375d
SHA256 fc663550ba7236a9be25b86612d2f0816f9da7d458d3d113337ef01a09dec644
SHA512 c491141b4b6849cf9e5da414fa8d5ce50dc1b362ccd83e3cbba16c41613d8e3344e2dfb7740fa924d71310fdc1be7b4738951726ce1ad324487fb96a5a0d3b5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1a6ae5c55a9113d440c3f8cd80c234ff
SHA1 389ee1d246f8644f011040bf999b75c1d8259b41
SHA256 c71612f15dcaf0ac019a72c29b531f5e10f8347b0a937128eff751ea5be5e6a1
SHA512 2c2b5489d5cb758ce36051e8d9ae3b7136a33b03d4c731ea1257a0cdaa2df6f13735f0ab34e76cf3d3953c3333ca95ca0d8375aca7c3fd0f574d376b32673b29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 07a35b4495f1fde7859788fa1ca7353a
SHA1 d9312e815e66de2874ca42d895cae736274efe2c
SHA256 1eea0271726c09f3a8af45d213022f15d8e3a6b34c0bda3958de3294299208bb
SHA512 970586ecd20c62fabd628f130152e1b6d511df25a524eba233437d29992c7dd8e9d2436812acf788b5e2df80b4d58024534b0faadec998ae9b62a026bbb1582a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\603e3591-9df3-4537-9543-30912eb55ad5.tmp

MD5 f3fa5a10593840fbe471f5551d54d4ee
SHA1 9751ca1aa68c682bb0b2a1e66f63a634ec0222fb
SHA256 d66aaebe195398be760ef4524a55ea893d48ec456122622a6574c67b2228d471
SHA512 1980660c344950a0a9769bd551cf1b915a2801c801f969903ca3431e6beaf85ec7a821960ff9e07b4d05948d75bf1286ddb612186df525c6c43dde528befc6dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9a4ae63043d04b6b457b9e3a3ddd5262
SHA1 9637c3bac3815730f4d95f1448cc484c1966e387
SHA256 e6da0afc8654edad7aede209534b5a3177aecef706a6442394cda6eea35c53ff
SHA512 b82bbf13ffebb2131410402b804e8c756b72aadf50198a0d9114a6ffb7a5b65fd2ff942588f8b961ed48758a4fbca9bda1a3107a2d9b65c2764ba0df3a7be0a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 02e9da7989b7bbb3e93750680cb17210
SHA1 9eb79cac9b80be1aef57250b6834ef16278314f5
SHA256 e15b9dc970c3bd2d0c64b41e1ca9ffcb1fd92d47005c7420731e928d283af9bc
SHA512 c7e16db195d7d9d7d9ea4866194ca0c33687be9f4819d6f513a39c013595ce36c4b69eea9a8175b7734d7aca45bcec752322cf931b861550b4f8ae85aef76e05

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 55a4a53788d3f55368be4f5f74eae59c
SHA1 0051c963b1ed1f482f96fc52f12ae6b8fcdf92d9
SHA256 15483fabe204b3f1d1e80224f056286987ac95bcbc5a534a35edcc00c2e2d9e7
SHA512 9cfc20a97b372b4e5d6f2378a2a61c5729a370485ffa5e183a32de141d1abd9156418f5109b6171b6a0606282ab17f63575218b92724f51edba158f3e46bda68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6f11a4ca7a6f24539c66d5bb14a52062
SHA1 f5d861ebf149e59b0159c5b7a19117da603021ac
SHA256 68b98a4e34f9df0b0ae95217754a235c23274abaa87529209d2e68b8f273378a
SHA512 14ce2e8d86505c11f768473d2764553ee6424f2dd283f37ae00722dba4d038ed62b7f1f45b343bd163b34290872f50e523c3da6f0ea6c903cec20c9de36159ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b4a0727c64848d1489f5cf2fd0672170
SHA1 de508efed9263023fe5b884ac31646bbd7efd857
SHA256 c444fe446ef89ef2876a6169366ff9bd46ab02e69a98d05603f65faed2ed6697
SHA512 ca7593ad82230b0276b59db800af4dc5a46cbe0bef862609735fb0b7665b53aa07a566b3cfdecb136e62657899029ed50af5d43cb01a914225fcbf17b347eb25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0e3ad5a80ba7db88_0

MD5 cc36502afd1debe2ecaebce817e61929
SHA1 ac180e9c5c5189f0b2f2b5e7df3db9ef8b815004
SHA256 7412cba7e522a4c265eb24a7fc3e7d0bc4dd42874ea642f70f7393459033d30b
SHA512 7b924662776c64719c28b9db09813f3cade2f39ef1bba7d8c4a977320b5a00667fb752466242ec5e9b49cf6a04a009b7491c9bfd3beaa497dd5c06d51f6049dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 58515c5a824d955d1c358fc9960dfafd
SHA1 25fda59e91fa687ed034059cb71e83f59103ccc0
SHA256 c6e964af1bcccab6f7579261981de291778739b923f682184cde28f906019581
SHA512 327d8e8a6ea21a30b542f4b42434feed53b43e7715cfd496a43be34e103adcc8932b8317bc63646e72ed7c7b55dd98999bffe15caeb37a9621dedd0f53e7c9c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 99a17ede4f09ae96a37d288e6b0a88fe
SHA1 7426e2f2fdf6cf962c60a971e1d87f6b2ea680b0
SHA256 f5b07b05ea6a6f8c3e9e1c0191ad92be3186ef1ad14db59392db329ca9aae751
SHA512 9b48e44ee4b7021793057b79ad1c4ce75445d1452fab1a9cecdeb5fe6b47c341c2a7e9b16faaff410c85d74da8182307aab53026a4dc346040acde55b22e30d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d2a4d4595dcc6732557253ca2ae71c2a
SHA1 6ea5bfd684f70964857c25d5a09b34b0edd3d7b9
SHA256 cbb43cfdfc3f20d73b03f53ecf7b453f330c366a1ccc58c4266ed83e46d640f6
SHA512 153346a5c79441215fadbcb469efc5383e98fd1aab408b942dca20416be5159f747c986a6c8631348b663ce5186db2c713274d259cb0624bd690c4014bb03122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 54d78dd8dfb155859143959d426158ed
SHA1 e0650ead18ce57bebc4cbd0957dba105b54bdacc
SHA256 537162f785fdf0d4341289f949300400e449a65b17a042e7013dbf1d93fda380
SHA512 13b900ead2c940211ea2d628ffc9fbfde94189f37fc7befa52044c81851ca8c85ab84565c6eda712200c5689bf39dc0f0d97517248e17ece450c931c8daee8fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a910ef55840f0a702012647041786be5
SHA1 4b9216563476dde2ffe71ff591ea08a9bddbdcdc
SHA256 d94edff67db4e25c26de8010a4efaf621cf6a1df16f39f2e9d6cea21e82d7ad4
SHA512 c547275947cbcf7c8a4edf14ec73d6da66af7368a11396fde52f2532e64b47b6cadf1091076543e729b1b4b6f3c78281dec1b9e3f43a150d901a1c9538fe0e0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d28eac9d4551dcbdcb6ebafefaaf782e
SHA1 56693b11e14808201d1b8608f03d01f36c246199
SHA256 bc8cdbc0060f18f5d7478d02d37a5237c4cb175bc20856ac330eab4638418819
SHA512 76a0fd5062793f16809890700a2093933f838185bcbcccbcc9ec91e34dc88fd79134a10a82b15c30e8f57e8dd8fa8dbc2c37eb64facf502637f6e587f192d73f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 051ef9814b34c80c176266436ead2e48
SHA1 c51bc03102485f668440171a8f55cfe71806c061
SHA256 6b1933bed61f79f6e1de0610acf347b612597d000855ac8871f8ce8338c7f96d
SHA512 44701e0b7211131a219dd5eaf5472c7570baec82ac617850380cf1ec36c71559cfb0c5946779e5bac15a802fda0897b3c14dc36e372c7b4a67ab3dc8c23bab50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6fe6dfa7719d9702f69a9677e4e9f302
SHA1 d9e326fb5529b505cb1c55aed69268461ba52fd1
SHA256 df75a5d90c36056c290f39dd6544bb9961af511dcc13acd9c740ae97c6e89d76
SHA512 fe924922185a080b0ca03742aa5123adc54469cb44da1687947441904f09f20e4f54a6366d2e654310ec0074a7456bd7fd946d0cdbaa1289576175146cb22d37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a8c2371286cc4b85dd16157bfcef34d4
SHA1 7436b4a81bc95f19fc8f4f48add40b639d14b59d
SHA256 d4c2fd45e34dc1e8d0d1ef1686f67ce0dde95d51d0311bce712cfccdae536040
SHA512 30daf1e1205962394c1f5732d9a7a281b402baf70c90435005d53e698d4fd9040c7840882608dda2a0e046605e91df44cebc298c1b8eb10155261e0da2555c17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 efb96e77bf77b2563b19a2d0c35f7329
SHA1 ef957207fdc5c8ce891ff0a4663d96b1e9892adb
SHA256 186c9bfce0863e9b7b8620ab7b0d5ce78156ac20039c8f41fdf9fa2b610c4482
SHA512 002e97ea142fb55734871e91d1252881b19eaccdbf4c17eb91a09ab8acf84d5cb5337d2229c2b4ddf34fc339e39d596f9fd294401245328887c1118a51252e0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9425da4d88ad912fef16406fad0d364d
SHA1 83a39a32bccaeaeacd263d39c4f75d0bc88456a1
SHA256 6e8e7b70c241880f53c555151008a69d2bcdd6c220c16fd94e53410032e77aae
SHA512 c709c694db52d32e86e79577f503cb22ea6a1db9c879890bae6ca70c86e5f44f4ee25a28cb916b7081ada18bf74bf321a721e8508dce4a88db94cf80ed6b2b6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8366b739f1b91fb2e04630eefd01daa6
SHA1 4494f928e9154662d7fabdd75f8cbb0d8312b1c0
SHA256 7ed55ee7dec42a644eb2be36cb548441d0bd7d24e10693b23c53b85bf27195a6
SHA512 06900917a7ed9d83cb6b39b918ae7607054fe39f28bb14d08ca2620a95553af827080ad41fc670b2d055822fd3fbd2c8efb59fb7de402bced4ee634a175fa895

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f991084ce34319f3a58caf53cd72658
SHA1 43a35728bf77e4465ebdc2550d8daba0eb6c2158
SHA256 417d442151a5474bac711052bfc8c60f124d219f67436bbd0a48082b7f18e675
SHA512 84cb381ca1f9b84c86383beec7b93985419762f995de64efc8ba7f4fc21a407485f3d64461361418f96958fc29117a0ba92d6eb7746b4d623eb6efe2a19b7168

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 005a50474a812d0eb7825904d1cd248a
SHA1 00e90d7ea40ddd6a980ade649626ea64fe9a7e46
SHA256 97c69f5feb09e2e43257c1f56ca9cda75ebe7460bb4da3c7b9d6f658c9aab839
SHA512 9afd149fd4111f14288fec2b82f13feb162fd9565e45295e8f3feec9ea7cdcfc7151fa823dcdd2ad5582ddc91f022f246cae8477743fe1e7eb01b5af3f97c8f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ffc2ef616a2e358c3c3c82e4620a4074
SHA1 aa8b1db08e8a610a285a0f8aaba8ad4e89348d37
SHA256 f33b1d7350ddd645ba5214b691f0e22158c13229b44815af471d42e255f2281a
SHA512 8800cf16242e8c36f9c1b8d4be5d8dcee16efe7aa797cf92616f8e14c52ffa94a82f66e91bdb62e5557774e5368d0e79263cd908110a4acbdd88f0386dd08938

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8d11e0e6c7593f496c18933da4165de0
SHA1 21e6dc55843049ad09c807a0ba10ba0bd38ecde5
SHA256 4547ed809da6b11ca370345b1840905903109470500a12525f36ddd1904a847c
SHA512 b96c033dee848615bbce6bff66a410bbfebcbbb07b782da47d9e81718ddb3fd411338bbbf080379ae0b31eddb7de5b4150af3c3a36257537967dbc7fd4bf098d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f95ec15f04a13360b5bb83dfd90dbdc5
SHA1 5157d479bbfc6141db31f3a8c98a711fa04dc7f0
SHA256 3cf0a36124060a5305b8f41b4aecb1db04f8e39fcde9c505251a527ae926ab70
SHA512 f60529fe95b07263a885d03ff28669902bb288ce023d8e19cbf0de3ea2984935c2d8422eb392a2a6df4e3ce3603c88c7a0480a9470e70cb81a86bf1ac85f96b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c818b05e20cf9e0ef4b8f6819f07c1bc
SHA1 3502776506184c791e10ee3daf4265d11d3beec3
SHA256 d1c1b24ac692fb643bef3db3435d6f8ecb15c77ff4b45ca0725fde2a54f2044f
SHA512 a96dfa6b53aa2f96ea6da7b90a561d3e992625e00abde73aa93dca0fe20dcd88394d77697c6be9c8b2322c39b0a4ba31b21531f5db4c2fbc29e019c407131001

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 36d35f843844625a1dac27f52c2e3380
SHA1 3579e0772b91469eefc509f5e84053c85e0851d6
SHA256 22fc7593c3ed22e30302879bc09086d39892af11bde36e0299de2e7d7470e267
SHA512 09b2a212bc3af07824b014ef29fb23d2b22b3812b73cf2bb6b968bd7a5c9200716e125119e4fa3ca75375e8abe8ca97d2d7bf987209fff571d41d4ff880106b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9ce2816bbeb868202d9010f738512059
SHA1 3f3e625260d0f5b98b53dbe2de83024be954e29f
SHA256 0f10c20b3d94a8f37e577f02afbba5bd5bdbd8faa7c3aa823c733d6a5473378b
SHA512 3332aee9a87c2757ede8cae2f30eeb089027d8e15bce35027136a04c66a6c22a3508897a852a978d2a8ba871bd65b9eefd4829a7192640886db9df6bc507b378

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dde5d287bfa3f37c256fef5745988d7d
SHA1 8a42c450ca0be0a5a807e56327eb00929e0954c3
SHA256 0b7e91c4aaa69786624b44fed710e75c0f968bd49ca8a492a8a4ea1ecb9dc353
SHA512 011377133e2c843a71e6df52147f1ac4f78ef70bf0da88477205a935f46699a51246534db48d29710f63f409a3ed5cc1f9083cc001036e1cf1172633dafa590a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 066b317d1a6fbf44e77cfc41b2e08b2f
SHA1 6886daeab7e998ac3b6fca5c1d40a38e93e25ad1
SHA256 aaca32d4e24c436d554596597d5eb1cee993d21e2b6d4f9463ab899df7f046ab
SHA512 5e96a0d83a0185f8422f91fe97c6ae5c6f00e9e6f5aed4cdab5e0bbeda898cac828fdb9b48b38ccff9f734a689f38c9e72f9111d1d75e6538d8c8338c97b04f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b636eda774c5d5f6bf7fc38705843c9e
SHA1 fb7b03d8bda435814540be004c3c194a69b80522
SHA256 a931d2597b6c0d7188891a8eb100a39323aeb46db99e76a591be0b72a0f5b51b
SHA512 ecc54043d9bfd68df18b3b6e0d8d3c74e78cd5b4aab0880330142f2903fa937a6460b5d4b42aa6017fd3c56c56f0c2888a16ea92b5b186527163f5321f930645

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 57d9452bc37c9458bc4b91d6cd81b37e
SHA1 70505b8f6f560a1b9c31b18f95d20b43cb861e74
SHA256 e868a11d0329a9e9609c7398453c7d2840e71c5d5bc413567b11d2575b954a8b
SHA512 9336ca32154a0e01ef465ecd1966d4249c7b98cd97c83eebed4c7f3de5fffd214e6c6ba2ba843a99ce281e323bbb182b8912af937cbbe537d6f27d8db36b2267

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 65c9685d6838723a161ff9946f9e7e5e
SHA1 ddcd7c85ecdd71a424af3766a26d6496e65f0c6a
SHA256 5435df923ba22e3b2f5dab26ac30ea967a7c03b36193829ef50310206c671021
SHA512 2f2668fe6762908c32b30271ef4c1f77a7e66c1485a11775ad0b588a1aafeca1eccdb01782bfba63f569d8589152da4d31d0ffaef3b0a274d0540496aebad6c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e218a4e1649363129b4734eed2da83a2
SHA1 bb6af864d570a5c3c025421f2de16c3fc713e16e
SHA256 d5d1059f84188aefc5bfbe2818663fd30554c7e80f26a0dee7a00d6db6fd8d6b
SHA512 296a2e960989fda798a2eb00b687b7b34c6992d89ebb1fdfe33a89d9af21338359fd2089a75994040f556c82d08452bf3f640e88a2f9e9c49dd9dae28ffd67d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 927a8f3a15df81c45ab6604845d6251d
SHA1 d2b5fb10d09a8084f3fb42f8a8eab8d269042320
SHA256 d2bfe997e9e606a4379c419ee4c15bfac2e8ebecac333c382f5f2ea7890abcd7
SHA512 f26a733d3791eb649d5a72f5975b56c920be670e15526b7fad918d23182545a46b6c90274b0bd994f94a99c615eb2db1c68c540d42b49952ed44d72495daf6f9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 b163dc830503ec60674265546a7e6c3d
SHA1 96ba4011acd96a3efccf3dbf31fcc6b523fccfdf
SHA256 c6c0d9cdeca2993e46aaa17e10d5cbbd61bf7bf52eea9740f962c9ae6c1b9bfb
SHA512 46acb465f65b85519b45daac9751c10692802cb2ca97dbeea5504653bd26969aef34c6ba79afa62daaee77e9a8757e971d4e81aae638c834cb3b942b5b74f8f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e6678c756e637196abc5f5a566495b10
SHA1 ccae6ad18239df38735e2e943c13c6de638678ac
SHA256 600f6195a734e630d3eaf8136ef5f662245bff59c60ca6f2a856d438ccfb99a0
SHA512 877e76922424ca9c9bfd9eae7dc312fc33f0d6ded4a39f28b41b1b488f0134d986f405269e63ab21c8e87e3cf123d95e68484b3bc2810cbe768647bcc3f1575f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 299f1043c6b6507093d63c3ca579a552
SHA1 d1dc3debf41387de58846a2c87893c07a9c73ad3
SHA256 2e6906f16b912244a1ca9519c5c21312bc658af56c352b1d7a48aca3cfc580c7
SHA512 e1fc666f4fd26494a65fd718b9b133e82a552a0646c5c63f44b30f5ecf45bfef89436cdda0e6edb142ca0598ef02776995ecee00b25bb03113a2d206cd3a5a21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9401f155b2512ac8b4001b0bdbebd49c
SHA1 a6e81ed9da4e78dd1efebfd72fd54f9608444780
SHA256 97ef93876af6d35bd7a7b9088f124069d3d23dc9599be12a953977689fe8ded7
SHA512 747e86fd12e5c5ce7bf4718cd6e05f52bbface168a840485f087bc1d2769661308a05fdc9bd2c3e73d3761b02ae103272b77acbb766b8358fd58be737c8e94e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b600cc1ca7fb286342fe327c0bfb0c09
SHA1 20ba1bfafb94b6593abae1b0cab28290ae9e120c
SHA256 696f1254eec9f80e7c200914a56643c0809d5109c1c0f99355c0e44ca2d819fc
SHA512 e974f566d74cb4dcdbebc03057e4ca175e662b2eb22dec173aa864eee9fbd379ee50e96c136fcde34f8b0e1b10d2071d792a6545754135867cfff3335cd43150

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 09dc6e53d657f167007dfbb035231004
SHA1 0e24d81858c91653045bece7e6681d5de5aca2e4
SHA256 c869fb748031705913146f944b0e3d713f8bf9480b768d54b05ae7c6082c0a02
SHA512 d8e0a12a3fe5a52b80afd7d64443b2a738e11df85f2c8975ff4f3de3970e6dd2e8c6236a7b65399d9fb545b058df68d8e2fece257a421d7b53bd04bc7f59fe8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8d4a287f968089978a7da8fbf617700e
SHA1 355c8f5422843ea8b3d778474b77eb9d65d775fd
SHA256 5c3949192e4b65eb05ab4f3c6b2a4ca960d2bf7a3c18871162b1470f067ac893
SHA512 17910208409f4e6f5546fe9a4b2ac966003628a25cf92c7604704a81f802e73b1aed89557776312106439d4d7e247c5e778cd1610494d1a2d08987e62e64ce36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e216c0ffc370d5f1ffce8f8ca6139436
SHA1 7e43738754bcf66764aad6885930b8488766560c
SHA256 0b47d324bc996aacb4dbf166981240d7f5dd2a899e4029993b1685d3c4ca1da2
SHA512 0018864e6d481865b6d4ed40c1b641512c23f9b94e0c08a15f58a716a24a772d7123cf26f15f543ea4f53afa680cd41695fa8c3acd6a4db2c702cc28605cf381

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 09762146fccf3ad1fda1d7449c4a2ff0
SHA1 250b85c73b2c423ed061738190cda26dcf5d3ebc
SHA256 fe2244c236e16f5fc12f51e51fd20c044a856c9e58aeb05535ad96427864008d
SHA512 eae40318f13797c35bfbe260846dff4ab29f363a2bac856ed9fd11f424d64ef5b5383f043bc27ed919e3bf173a088715c5cf07ec445b0c1366955acde2792dc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 ac724ffc8af35c132b53cf4d9ee8ff5a
SHA1 e17a6a10da177ae4d2c5049f71885659d4a1d36d
SHA256 d644ad27dac11d1d706ad73e6d29b9561afa391109b3bafa91c327c5cd2496cb
SHA512 f2e1758b76d3bd06a2f75e658978cf2f686bb6ee5585c1659b0bc9f81ff27500ddf578373364bbd5b6aa24f56b6d06740a59e4cfe58b55b8a92d3e5357c92248

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

MD5 f460b94518686b2699932e157cdb905b
SHA1 4a910f308933c03a1cb937fd4e5ee4b46718e89f
SHA256 049fa57c0cc6845be07397b99ea6df7275a469a6258d6d5fbef9c1514b117825
SHA512 7a7dd1df8436324c9f8ffd62a1cc8dffc44753a7d30fc8bb638bdbf6eefe37106d60b6556b13d5ee291b371f093f141dc613e92347076a108ee6dcfbaebfd215

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 438b9e3d736e53901d2d7dfccdba4dd8
SHA1 b23f957794378733ca9d58d524f08f8c4d0ddc1a
SHA256 3e593bc99976f5dfac363f7192e962b8d7cf12fa5991fdb65cb382870eb3087b
SHA512 1212a10c9dbde48e1f386d300dc2e4cd7a1f039a06b7e62f86a0bc9057285c74165dcf9b8101558ba21a462d6fbab6394fce1058089009a2849da00d58aa5d5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b500fd474db77135c48eeb2aee007a38
SHA1 d6cb7b78487170f872d211cbaae17f7313a31d73
SHA256 dd6f07d5aa7612c02a897b9431674ca44fbf00195b29acb65f09fe3cd9062d80
SHA512 239b34b5d0224ea90d76098c96ecd0c5049ef85ccd818d85cb388e1255e7f516f417ee97c9e4646d5631ebb13e60e3b1dfbb512e9aa462b45e6682c11a93cc5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9128124325957c51e5d4c31c871950f2
SHA1 8c7eeb7b8015640c7f09b196ee992ce7c5aac910
SHA256 cc56e1851f5324bb83768afca514b734761bc605f38634dac1a95dba4e59633d
SHA512 3bf7b1a84d919c94617dda9f7692c979040b61e31e96d88fc8e03db4285fab35ea7a5edc4173620c8497d0d419409fe2dfe295b52a69af7b4ba934d445cefd88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 aad5c96a74f26111786523c7593a98cb
SHA1 d23d8afdcbb7ba325a743b8731ed278426e69abe
SHA256 4308f7b1677e329294744b147303b08ff55bb2650be9805e2f8982acd134924f
SHA512 1de758a372d29c01fecb9824c97b98f226d38c50732ecb680611d136759e8f0957ac4113afd3146eb65a8699d3e1a60cbf34c6d831ff7ebee52e04bdadabbc0f