Analysis Overview
Threat Level: Likely benign
The file http://duckduckgo.com was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand GOOGLE.
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-29 19:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-29 19:50
Reported
2025-01-29 19:59
Platform
win10v2004-20250129-en
Max time kernel
521s
Max time network
520s
Command Line
Signatures
Detected potential entity reuse from brand GOOGLE.
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://duckduckgo.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdeac446f8,0x7ffdeac44708,0x7ffdeac44718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5788 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault0b97a814h0e21h4811h936eh7caa062cccdf
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffdeac446f8,0x7ffdeac44708,0x7ffdeac44718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,9518723995059333840,13925896990852162204,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,9518723995059333840,13925896990852162204,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5296 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,14602859656999507894,14421732744506596465,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6852 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.124.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 233.54.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 222.125.142.52.in-addr.arpa | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 82.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.18.27.76:443 | r.bing.com | tcp |
| GB | 2.18.27.82:443 | r.bing.com | tcp |
| GB | 2.18.27.82:443 | r.bing.com | tcp |
| GB | 2.18.27.76:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 76.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 134.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.18.27.76:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| GB | 128.116.119.4:80 | www.roblox.com | tcp |
| GB | 128.116.119.4:80 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| GB | 2.22.144.25:443 | static.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| GB | 2.22.144.40:443 | static.rbxcdn.com | tcp |
| NL | 13.227.219.127:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| GB | 2.22.144.71:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| NL | 18.239.83.98:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 127.219.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| US | 8.8.8.8:53 | studiostaticassetsprod.azureedge.net | udp |
| US | 13.107.246.64:443 | studiostaticassetsprod.azureedge.net | tcp |
| US | 13.107.246.64:443 | studiostaticassetsprod.azureedge.net | tcp |
| US | 8.8.8.8:53 | 92.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.42.65.88:443 | browser.events.data.microsoft.com | tcp |
| US | 20.42.65.88:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4c76084ef5a62345ea5fe42f496230ce |
| SHA1 | ab677a8684211939ded110b61dcecd68d3e0b606 |
| SHA256 | 1db95ee6e5eb9737bfb6df17177540cd05454c27f4fd73c916c39f690f749c76 |
| SHA512 | d0c3578750ae89785645d31a931c598c8dba7035a17b6fb9bcd3ceb76a69c8dcb4b23ecc89ed85be30599382db72d167bf91313ec44b59778247537e14cba66b |
\??\pipe\LOCAL\crashpad_724_NTKRKUICHMFNAIYI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 37d04af7fe040412c05f24f2c6cd8f2f |
| SHA1 | 2443f06f4525f3d766514f122857ecc74fc2941a |
| SHA256 | 1ab5a5199a050f7d642f1d2793d42657778c954a3fc31a799cdae6b5439cf725 |
| SHA512 | b3449a38062566d668b5823876a48762e67959723fd1ee37168f58d150269e25300e43342611a72052b956a2602c44ca3ceb452eed1a4ab12b5f752461e32555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1b2a0799-396e-4cfd-9bb7-5c33731ed2f8.tmp
| MD5 | 38e70f33ba7e2c1eabfc0c693c4f9f83 |
| SHA1 | 179543ed7ab797d6d01d4f0cd58af50cd7b5d8c8 |
| SHA256 | ae27cccd09235636ac3f2cad53d24a9eaccdc849dd9323b554fa166836b39903 |
| SHA512 | 417d87ff889fa5e4cc6bd3b0544782f5e5a4237671ae665a46e8388f5ce71e4941633530ea36ddece8d40f785cda83344a83c9cf06d85ebb21a4cb083fd2d867 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3291d1acb84698415a50a4419b1cf3fa |
| SHA1 | 17730a20768a9d4c1cc6afc0e7f7b3cc4bc058f6 |
| SHA256 | 44d9e3dcd34919f0415760bc2281b01e74fa21b4fd6ef92ef43f83e4c5949c6e |
| SHA512 | 1d9c3770db2cd0f5c2777fb1f7537e46e1d68e88482c17654167b85d998323f4359f7a61b032f1f62e27b924fdb8430697763627baada55d4bb03df5f4361ae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 90a4c64907eb4924d4ad80a0e7de6419 |
| SHA1 | ad2ce7621b1a1c44a70a4e34ec2b8b61da50dcb8 |
| SHA256 | 5992d52a80b95fca570a217d5f4dc6bcb8b51914694f67aacf3c2fd355f2ab06 |
| SHA512 | 2c5daf990ca89856f9cec5f3480db25cc6acc278575930f54b52ae351bed2cf8106475052ed2784cf906783f2572fbcc317483e53bc24992226041f09a7044f3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ea968ba40d20bf1d774403e43156959b |
| SHA1 | 8deaa1b5eeea81a57db50c9b56340354258e7eb2 |
| SHA256 | ebc293a4505f96ca605370085abc22cf30eb2f96adf13a1e576ec06bf5329857 |
| SHA512 | e29087359db08526935e4539e7c15c7b2a0abeafe62839f141ed5d85e3c41ac31e1191b517fa1df8b9ec059af96e4ee31f417ea0987a4fe91699d70be03993c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57db3d.TMP
| MD5 | 1de7339abb7d762abc5a5200fca3a5df |
| SHA1 | 79e8dbaf9be54e010f4f8290fa1de4957cf60513 |
| SHA256 | aa937a6b0b287c0c721e567ceabf1d95120e97d030c416d3c2349ff3c15ec0fc |
| SHA512 | a99476e546f617c97cd683cdc78a256bd8474846999ee617a90196b1c6900e3b5fd706c3411829e9f1ee2d182366ac69af363163cbb2b0cf62e11c0bbe100281 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a395ff28a419c26abd0d11747475a98e |
| SHA1 | 2dfa1e694b9eba8aae4cfe4799c655c9d629d485 |
| SHA256 | 8fab4ef5f94dceba09e5f6804fa278bbb5f1b6bd3fb7d886f4db7f667bf5bc57 |
| SHA512 | 1f5d199a3eb9a33c7763236035bf3db12314b363660163f5324420af7150efa7f120a14dde71edc080d77c2f1276f15cedb743026e50c0d9cd8cd5c2d7441c4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c3a9f4247e48422b8a0f3cd37591ca4e |
| SHA1 | 1d191124412b56475ca6848154cf5777230c5509 |
| SHA256 | 7c7581a8599c48832112599fcf4c4467aa0cade0454164de0d88d16889487b21 |
| SHA512 | 0421498a561507ad14e27eb51d1c60e4f8204672dc781c8a236c80a923627129ce0e83caef5fb12809e707197c7cab1015f813bc6e943e55ab3f6c8dd95b5766 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 952bbdeea997520992e403c6dcb0fc73 |
| SHA1 | 44b0dd24c25bac3e58545ffce1493df5f8b67433 |
| SHA256 | 0a4a4308b55ee849564bbb453583958f0e73c3e74c1542feb675fe46dace8689 |
| SHA512 | 150c9fa30e5887ad1c5d626742b955973ca759798916d3cda0e3d12f2333f19fade2de1d193894c29a562f754f3de6958ff05c6fa43a0a77557d9cc5ec500384 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4ecc6962ed7248057f3fcae7f1325417 |
| SHA1 | fbba8c355f5f3da1fbd55a3ba5dba5ebdd8c57c6 |
| SHA256 | f5d9b64a303040bab6b98e545eb90d2bb39a3fe04429c5239ed8f5268492d525 |
| SHA512 | b2237fb90965b0cb3f54067b453f9efc701e005e6ef1795a7dd9a74ceb121e085b03e10a8a9f15ede2251a1c3d469d8bb37786056e31ceffd8f815ace347e92d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 2e75d72ab7e620b3ae3193ee977bba6c |
| SHA1 | 74a10a224e973c535bd7e90439280a8a92a6c5db |
| SHA256 | 6c740d43db977dfd1820d14059935191fd1fa7a82a186887e3ede70d71b3877c |
| SHA512 | 0d592fad5bfceaedc45406764ad9da38626794d9460d5f08a6c48ec1e86cbd2496a0aa9937cb2ce9d3e6f3fc3353dce30fcf76a485ab3a67a9efc1b7a7816b27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cc4b63bc571493ba7a7aa63f2225a0ff |
| SHA1 | c4392bf00a29dccaf926e7054bfe4d34686e1662 |
| SHA256 | 0ede4aa688832c234435b40745ff3e8883922a5a7acc029b709ed9325cf5f691 |
| SHA512 | d82d470020adc4e7ebc315a464615de8f3a09029a56d7d156228e89b6eaedadc384484c3b4c1bb0f2aab322e4e995d6ffa8a54054667fb1ca7c4ea536d9cf2ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ba6323f9bf4e9a7e22a1a829629e30f5 |
| SHA1 | b5b98f9b58d2b75407dd8ff57cf4ca113e29529a |
| SHA256 | 0a928036cac1134a02cb8fed1df2d7e97228f997bded31da3215bdc33bce62b1 |
| SHA512 | 5f8f0e6c852d1c390b48c0ee5b98538e49f86c253093c909416f729922e25ca3ccfbedfb00aef6441285575ffd3b69b46c6cc0d74aaa1fd81583c5a198dc0b0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d814b200a4fef0e02ad7c5056af544b6 |
| SHA1 | a2bd58046a4708b81065f6fe975e9f451a202383 |
| SHA256 | 8dc4ed87fb8e475d278e790b6e2ab0586173991515cbec6920c29ce93f7a02d3 |
| SHA512 | 5defecd7401d650db8cb5204e58d09c133a98349aa6ad0ed998a810deba78b7c36c49d84a9172b7b534d49b2a87e2bbeb20db5e47c0a7ed60ce30ebad1b73f7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5ed8089b21c06e1a8d50643864926d1c |
| SHA1 | 2cf434771f6b7d7e1706374daf1114d92670f978 |
| SHA256 | 844bc886a015b3a490d29e02ede9657520321e8eb678f8f803157d61536e27f5 |
| SHA512 | f52735c9a282ba6fb96c17a1f60fca902069cb5e2363cedfc46240c4c614469d6f6ce394a031994d2af16539eb619decd80f962cf6be0430c881ca311bdacd5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2565c469a26ff6b123b1094c7f25c3f7 |
| SHA1 | c3e3ccb22ff1007dd67a454e7661cfb9e5643771 |
| SHA256 | d29705f630039b8861fe8cb4f230abbacd57566bf9da65c96ee9c844797da13b |
| SHA512 | 6f35dce4d5546d43c1ba113b705aa134d8f8af3e4a24da259b84b33a5aeb6dcb144724855d20c04c254221333d87082e195cad43c552b5a30bca7089bd1cbd6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 08e87b15e4445cbd46b2a788a740a124 |
| SHA1 | 3970b486a4ddb7e384723f5c5325dda0149cbd95 |
| SHA256 | 7f2a43c03d920a3cab20949d4242bb773c0787b7a0aaf5a5cb3c7780978dcebd |
| SHA512 | f2d22417a8a460831da039df4f234f1519ac71c0b0ed0d04673c442e0e58034e76c33efca0b9c9ea8103f511654931d2ab1576090272aa76d2243f97de26f0ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 91e1d5ba0095f90e3a2c0643b45352c6 |
| SHA1 | bd7615e559fe3bcc3fc0958a7eafa42504f836e7 |
| SHA256 | 1aa49b45a3615e1b248100774198986a54c2475ba4217bc84712856ebf140926 |
| SHA512 | 0ca994c96f0d965c9fbdc4a8cfbf6cb6af767103d13f1304611118a53067ad58cfc28bccd8996e6555598326bee2b83ec5d00e4dd3ef12b01ddd63358bf66d74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 91e6d88947864595191497bd1142cdb0 |
| SHA1 | 1d60e91a816b5745b24280e60397feae7d3bb239 |
| SHA256 | 27b44640471f74576591c7825f0090056ffe35992bb52ff57e41ae402aba4481 |
| SHA512 | 5ffbd621bfe141fc8b578f14fe87473e17eae3d84931b33f57affbfe4d275a088433e4957288a9ec362cc016fcf423606c31c69aacdb6f44a2fff7d123bb6371 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 3b06aa689e8bf1aed00d923a55cfdd49 |
| SHA1 | ca186701396ba24d747438e6de95397ed5014361 |
| SHA256 | cd1569510154d7fa83732ccf69e41e833421f4e5ec7f70a5353ad07940ec445c |
| SHA512 | 0422b94ec68439a172281605264dede7b987804b3acfdeeb86ca7b12249e0bd90e8e625f9549a9635165034b089d59861260bedf7676f9fa68c5b332123035ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22f1594c033dc374ca5938845307db59 |
| SHA1 | f6bb37c5c719150dcb24550bc8b7e10c40b716a1 |
| SHA256 | 40551c539d843868a2b53a459d587c2c401c2cf9fadfd1b387549a69f408a83a |
| SHA512 | f7700bec3de3dfd839aec01a6dc113e2de501c4d61e0ca2ba677631f55dc4a16441be8cc522f716fab20814546be82c600be1de152c4364dcd81c98facd30922 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a4f9321e43d9187dda19da24971a1c63 |
| SHA1 | 6e4808523214975207842134bdda7b74105255b5 |
| SHA256 | 4b58fde3dd68a4e965468cddebf97e7963c1d68a080620e6aa3adf639e4d5d8f |
| SHA512 | 4dd422f9453febb4570eb363abc07f47c6518783dd0f7517eb4f4b57ac7bef4f1da3719e0a3648cdfcc4b6d09d2af2f08dee7b7ab7753955b525beaa7ab994b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 603b034ed1044c7001c58bcdb036dd71 |
| SHA1 | f7560b252879d1e782c93c79aa2941e4358547fa |
| SHA256 | 33709577dd283b90dc09c82c95b6a51e303c2a13c38d3786ba25e97c497445aa |
| SHA512 | ab815fafd5118747f30307e124663f7a47de518433e609ab2f57a395780d78c9a72ad1cd3ee855bef0b1fd03012cbed75e9c73a4ccd4cad5929cf5cfd123f6f6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cb258dc8caf21e418cd29bb98ffdfab5 |
| SHA1 | 6e8da3cd83b5d2823cae5d09a59549a9c7f83ca2 |
| SHA256 | 026121e2837fa34a1e700450c6ed411167b33809834d9c25c19290b7afec41dd |
| SHA512 | 7764edc256a83a408e55c688c99e561ca275c956f1feddbc5a33b33b4c81d940fcba7dd25c001c5d0a8cb976727a316544a692861429ef70db5b8c3c7676d311 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9ed03f543925299edd5b65e74a04b074 |
| SHA1 | 5a74b02c6eab29a906d38c5ef1c3901d1d78a8c6 |
| SHA256 | f511865566abf71ff5c7796ccf943cd41d8c698105c02a3058580106efddc66a |
| SHA512 | 5969903aeb1099dceab44062736ee7e0972b4d9d435032c9b325f6ac820088990e7e854631cd95ef9b5d2bad62649dbcabd8b89c7eb40db182a43d183a4dba35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7ed55f87d2facdd93c0083b4ef5cfe2 |
| SHA1 | a9b13e520d55ef9ad2dbdc6144c42d57dcc5dabf |
| SHA256 | 7b2b60c9e5d9f15ad0f6e52c27c3c5df10c103de561ead8e540797fa1a007896 |
| SHA512 | 5238bfd121c3d22c265c11ed7e634b9b46d50aaf56c408931aff27a75007e496108b253380c74c2f0c9563dfe2120df39466ddb3c521d7b9377bac11e6cef322 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d2661fb6cc368285738429311ba18f5a |
| SHA1 | cca64fe858cfb42cfbc69b0ab0a5c35985a27ec3 |
| SHA256 | 085a67243859ff8ad68dec6a754dddcbd9652e1c4c39a1ee5e9e1941d03be102 |
| SHA512 | 545cb296ba94a8d1d91ca3307f071e7547a93beeca5cc736fe361d3e19ab74648b5aabd2ecff4a625edf16d90f23c0d99af9e6714ef05034d0d4d6a340fdf250 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0a0ef435b92ed9c6a0ce7856ec95337 |
| SHA1 | af82664234e6441b142347b3726eec6fc3054b04 |
| SHA256 | a8c7caeb60d5b13f392fe60cf77371964041e3d3340c2455fdb14d665448b074 |
| SHA512 | a8454be90ab8eb3a0b9a8b0cb94c7551f858355c0dfb9d5cf78b29719efaedb99b60847cb5343d9488d160f9b5f03465004f1c1416f9fed43c3cce0371805f2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bd041f5c2fb1b3ad2de869ee7bf55241 |
| SHA1 | 2b0086aa24845369586f9785b5f454b04f675571 |
| SHA256 | 0a27803eebe4b8d234d2bf4bf2686e215421a36f1fe6627281dd92597396fadc |
| SHA512 | fee45609f80fb20357e85abb5f3e8f37e62e20aa1983fb163513d07c934125cca2f118c5991b21fadecbc9190cb9c72f04aa25c70b50f723f7dc3a7555489106 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 13b909f439ac4bc6fe4a8b10b4b75bc8 |
| SHA1 | 0fd0476e59e65b9d17bb7f55c8174061259a19ca |
| SHA256 | 11b51565d4e2935f5302725ea462862a73f6f69c884510e831716f1657581e0c |
| SHA512 | e47af38a4b8a107740d0db5e1968cfbb7f53d02ceb4287b199ccd4d3432e30edd9138077d5896d2f22734738fbaf72b29737a6873f391b5615e142230dd122d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 53509de57e9be428d500462c215b03e6 |
| SHA1 | 300dd8d5af51e4f45638ffc0fcceac61d743fc74 |
| SHA256 | 88134613cf5ba3fcadad79cc896d5f199e368a3139c1dbe22de690483acb848d |
| SHA512 | 79d325f6cd004e691dd7f7e6a74f2d74e3d0f4732c1ab3707f86ce53f49cba42a832ee21faab83d562d6cd01c37b6abba2c5660bab57a568d5fdba6a55eca8ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 76e47dd06539b4ae48be2cb2e0bfdd38 |
| SHA1 | 5abc793d854f26ea4bda6213dfb0b25e7056bd8b |
| SHA256 | 9f0c2d02633cbd642501c2a5853efd74ce20c34172fe5ea9fa79a768f4469aa2 |
| SHA512 | e29ebc185a71068531a4a8e423e03dcdadf4861c913e64cdb0dbf4b081718fcdc03fdfc5093fdb060239fc7e8f62901af56efd841ff6f41a5bb0b302e5423f90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aa18521740fa70e76cbd2f2b8ce2e5a7 |
| SHA1 | 57ec8ec40f98ae9bf3a4d88bc9446099be380ebf |
| SHA256 | dda265d9e6add36573fa8d39071b04844937ec75c07bd952e0dd6379d9c8085a |
| SHA512 | f4ce40898612591cb85ad6f18e034e613a14bb048da436443e9251946794ba2f069f7f71ba052fae168c63af91603021506635f7bc088148ba9e697829bc4a19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7380d0ca8f91cee39308521352f7bfda |
| SHA1 | 22823678dcfbb5dd825d52ec7d9461328f254278 |
| SHA256 | b6ba68f8b522097f5c5b60bfeb1a910ff79de2afe1a88f52264085a7576f6d09 |
| SHA512 | d833e5dc6e3462fd59b71fd794b67ebf051ee910bb09aea920130b1f133f257f2fb0ee9335b0695658f6dfb2e7002a93f4ad6ccc0001f60a5e7b1272b9c7e90d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 610d431fd8deb36395a4e04571cc58c3 |
| SHA1 | cd905173fcf01b24d4e255a4d6ea2ec72707cb79 |
| SHA256 | 7bf8f030c98107fcae9a78c41e248692cda2cc76eb126aaefe361ce66c31548c |
| SHA512 | 05d68e44a34fdc009c9b335fa71d16456f8d17a0bbf2d9152df6476632b1c1244bd83849ac76e4a80945cf5054dc336a0073ad6a06c2da6b03e624b7a786b14f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6a336413498592696969ecaca6dc3b6c |
| SHA1 | 87d8811879e5a71debc93d24e33e320c1d6a20c1 |
| SHA256 | 8ec9d102bb374017bbb87afebd4dd6af9288472b811f0817a7434aca6f0d0bbd |
| SHA512 | 12323cc522e613119d8373dc4d72404d9edba4e3e5df040ef15d2bf55e99bad266c8a3fbc409f54e73a781aa8d9f86ee396ae5181169d3554cc575594c89dd50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4d6f443ac711bc474e8bb20de57bb473 |
| SHA1 | ba77a5a04abdf87b9433511ba99427f7f4a3c6e8 |
| SHA256 | fcc084fe7f03ace7c8666d306aa2381dab6a093ddfce5f5c7720bdd414e44fbf |
| SHA512 | 29156bf442b628198f6df3bd08af3364fdb807a5633b1711ff064ee9d6e19bebc46a9eadb6f9f14500ab8fe15b25e1467371d91455546315b95c29f803add614 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 77cdbfd89aea9519768265f43f8de19a |
| SHA1 | c95d9696267ba8c6161e82b633e6d31472377f67 |
| SHA256 | 8e1e8a8a05896005d0bb26cf0b843b88db29b7b9da10733cbe534239b28591a5 |
| SHA512 | 39a74d2e5fd9977753a3491ada1d4da056f3f304203139a1be5467fe8d84a1d8ef652e08c4d1e4a404a2758a83bd647231b5f3a1202d0e17ca44c2f2ae443c70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 34cc1d130acabc28069a73f1067aaf3e |
| SHA1 | fe0f74eca635bb20a3987654b26df34477c87ecb |
| SHA256 | f616e5a68c02ce77b88dfaf05496b5d47da4e809b91d7b0ef656949f456e780a |
| SHA512 | e3d6200c93be817c5f1a71ff365c1c9057b8843caae26c25666c084e246d60e29d8516e2025622a2671db7098ab9c49a031b3c099f61f23d57ff29af47df6836 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f724dd150be669de8cafb54ce59b16e7 |
| SHA1 | 9e461f14d4f9886b3b72a79bd792332e8f3d7425 |
| SHA256 | 229f8bc4ebd082645697e6e3a7ad5f4ac245180ec2a9570b45c267458b16dbd5 |
| SHA512 | 29c472275813639a3504b6c11462a2ea9360dfeea65233d6182edcf2b55dcadf5ca2ceebe4bee046d0f9f312ed99df3f848f6e5b9385a8ff52bb18de58ffd7bf |