Malware Analysis Report

2025-03-14 21:46

Sample ID: 250203-wgy3waznfl
Target: http://lablancer.com
Tags: google, discovery, phishing
Score: 10/10

Analysis Overview

Score: 10/10

Threat Level: Known bad

The file http://lablancer.com was found to be: Known bad.

Malicious Activity Summary

Tags: google, discovery, phishing

Detected google phishing page

Browser Information Discovery

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2025-02-03 17:54

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2025-02-03 17:54
Reported: 2025-02-03 17:57
Platform: win11-20241023-en
Max time kernel: 136s
Max time network: 142s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://lablancer.com

Signatures

Detected google phishing page

Tags: phishing, google
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

Tags: discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2328 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 584 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 3220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://lablancer.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc89f83cb8,0x7ffc89f83cc8,0x7ffc89f83cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1888 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2552 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4788 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004DC

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6132 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6704 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6440 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,12362122217492305424,13920197753592926580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1

Network

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_2328_OXNSVRONDHPIPHMT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5cce297bd4bc418e4e7a2d4554efe9f2
SHA1 bf96c08dd84dcffecb65df91660ed100fd87d72e
SHA256 62b2107958a45719d02a889dece226aa3dd79aaa6c4036daca6de21bad7d79dc
SHA512 4217873828a3cb43bd60a07af99354108e53730771edb28e6d0288446c09606cc9b4f7bd67703c54f359f736eda6772898c38ba3e3fc739901429bd0236e6bb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 04f615e8f8d5a766a46c646fb5abb196
SHA1 882cde2c86915c0461a6e8af3f9eafb64ffa5bb1
SHA256 0c2d20de92e7a40be918ae7fbb97f012cdac12c5ae01e890dcd421f37e29e47b
SHA512 326600aab7a02dd8182efecf73a5deb85654f7bbb448783513e3bbe59e4075aead8d1a5a711c39eee4884b49317ec482de464b1c7faa537c4c662934e0f684fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ffc7143b0a034cc981bbd1480ce8fdbc
SHA1 a66fe5e98cab7a19a6c886f9464f875f2c7e089d
SHA256 25a5bda7fbe5e6719d1359743a654c5d396c43012b0259267fa203a22f8d973d
SHA512 0a139380934b5eb23c15bb49567c0edefa372de8360e8692812bc895025042e6e3619d0a4fc369ceda87d0323cdd21d9dd708fb8ab5344c1dc8654ff0c82ea22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca41b64a6fbfd533dc267671d8969c22
SHA1 f83990c1362cc707b1dcec188f1d14364ffbf681
SHA256 1be1d84265ac3ab1de11b01673abec56ce5d1d7e58b2c7e308fb7d9f0bcff7e4
SHA512 fe56ffcd0cad954415d176741d1f53740647569a4520fd479fb487edcb5f9eb3eae8fb7f7cf801b391e80ac9ec005ce844f4a17db5734798908802803bbb60a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb297afbc329472bbba153f494cff476
SHA1 fe1f606cfa69c0a715a3b1d6a75c38e08f9ae26a
SHA256 8d7a27b9168e7ca3c57a2e5da64428d914519bfb88b42ab8884b2cc5c5a958d1
SHA512 564984372c457b0940abad9e2cadc1aaa5f565e16b466b6b0450d93c30954006f6da539db396cf3078c08cee956f216a0522727701720c3023469c5709d22f90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5834c7.TMP

MD5 c3711144a9c6d42d16a09c093826f98e
SHA1 4432cb6b827c02f5e77763c7940d19939a7378d4
SHA256 26630cd1aab3a0a4727e591216fc8987105961af92826adf5dc38ff2bd7ad5f8
SHA512 b1a8329ded037d55f216d98cc06545d1ae505fdfc443bbc7b3e9a1ca1112152e77e0a8bd156be7fa9a3fec071b8e2ce408dcb4c00a3acd0ea0ab03951b36c4e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt

MD5 4ee6b8435645cccac5234ed5163ebcca
SHA1 9adec8821713050c5c88277e8807d82cf905fd66
SHA256 d4947e6b0e9c51e7097a006a899c2d5334d6dbf37e0db4868a1d14fa52da952e
SHA512 8f1881ecc20e6c04e3148803c52bd1077483b473dfa9080a92e2b735a66756ec9308f37f68cc72088e9a5674dccf416051bbfb20febf0e0317f744aefacf8d6b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt~RFe5846d8.TMP

MD5 458344b055ea1289f28261f4b2878b7f
SHA1 f2a85f0916dcbec18f2ee0181a46e82c7d9bbd0b
SHA256 209c6dc9e02ae8c7eb6133f3035332e7a1bd6708fd6e11db86850d056cd8f22b
SHA512 ac4daf13fa7735c2516e2aaf8354e6aa34779d8370a02f1b0e164fa5371cb45d699212b26b5eadbfe35a88c3b1cc4464c12fdc214dd3f911c9d279b9d5948576

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt

MD5 fc0d2dc8994b04a63e71dac9554f140a
SHA1 0e8b2026a793e7f59abdffeadbafd0012b1ad8f3
SHA256 0c80325eb13b64d9b8fefb0fcc9e01ffce416a89dfa40f2586adca679447a39d
SHA512 89719dd07571d81962ec3b36b244318dd69f9297d54a8663ed55bf3c929ceb891fec01d426be899311b023d1e8f972f79785d7ce321c79877ae52590da2005d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 411902761ce02ed757e6bc66e6a84be7
SHA1 350bc198b40570b5a3202f4b751c3ae82356a8b2
SHA256 2b280eed72f5631b17cb2ad188b9eba35d033664ada77b0ea33dd1edd4d69aa0
SHA512 c43e94e1d577cb0fe3dffb33498b65e6dc6efbc31e779633076d6377ca6d6bdc93e646afae644b9892bae745445960bfe2110a60dcec755a430a936f5eba688e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 608bb581a1100bffc88983fbc9544cf8
SHA1 edf556fe822d3e4c80d3b4bffc6eb11bc41a62a6
SHA256 066a5af39511d6babfe535e9dbec23abb4fa1002a24081888bd1cc36ad59aeb6
SHA512 700fef8ddf76c627b463bb5659b5760cfdfbe70b78d92a0f3542857ddac98cc409ab36d604db4d00e139d69de4fc31813e8e63d38f0af3d698955f593cd5e61b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 42a9f29d6860d2da14c153f7f68466c6
SHA1 97fe3598fbcb85ad8d279f48868385e403c3076a
SHA256 35257c0d458827c120fa68e5da4e4ca286dc839abf404f7801a5723c4ccb8045
SHA512 2e3ff7834ac455a0547fc560c28c1cabd24ba3df9182484e8fac2d88f0ba08167848f7845238d86ce5ed9f0c110504db3a256fc5567c18370af9b4a84f8aed52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f157dc9a235472a7648645d28030b36e
SHA1 0a0a728cc559b90f492ec690d77afcd5842567a2
SHA256 6b0e7b5dae12808c6c628ee155f8ababb6ec23354f6138ab5dbe7fa12b11cf42
SHA512 d20e2b85c9d8aff834496564934bba0d2f88fca885f1181157f5a96cf86d85531cd74e398e130b0aaba4592195e0056449e4763ae4419d075cc046d0a974b951

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4b600c47aff5029c0e90cb058d1d8ba9
SHA1 ced3a28b72490f08f4bf13186028305f405b381c
SHA256 36e8d45603982e2cacc532e4a68aa1e9e8884398e66f372c16eda295aa6c0bef
SHA512 56f0c0ab1a54816b495aa99ff8a4dec88ab5d4cbb99aec9bb6ddc35ed977a63f73a36051f2d4e6699d4d3cd2ddc7376b50b7acaa8afcc6ac54cba59cb13db9b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\ce8f8a2f-1229-4704-b97a-3fd4ff844af4\index-dir\the-real-index

MD5 3f00adfd389e35442adaac6c27242aac
SHA1 5e07d632b171c4c0228c6e0615441d479c2e1561
SHA256 13a85cc4713f1e50c94d2e062656ca1664917ec9606feee94f78b9829499b42f
SHA512 6f1914402fb20120cb330fab01bcaaf939389fd1829b399a76f17842bd64e65244f651a6f97585d269704acc1839acdd783817bd116e66e99632209344ffa5e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\ce8f8a2f-1229-4704-b97a-3fd4ff844af4\index-dir\the-real-index~RFe589e2f.TMP

MD5 dd83b31af38db8e724d5bb1444c3431a
SHA1 cf64eb9b72f9b76b6e506ec084f79fcdd73f6225
SHA256 fdd844e6a9306372232e4abfd5036174d06178d57f7c8e576205a7d2d684a9b6
SHA512 a579788e94930f0c0ce705a2c52ab375217fc2feae794271a3ae26b8b980950c14d166b40f462ce20d86eb6ec20d1a9aa39b7397b43a052c660fe2d7289c9a4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt

MD5 6e502f339de54678886b9ea7ec394676
SHA1 4b78e3b6c03dbe39183a6fe09e4ef99acbac965c
SHA256 0308a5482f9b77d131646bb1dd748f5b4dd3374541b97d82dc469dafb4455dbb
SHA512 595c8aab1fa2003c7bb4f4690efcb592a148cc1a62a921905b896105d93a851b5b19536dc438c4841b6526a7006bf6653dc4726c69280db9c9a9ec6ff67bf754

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt

MD5 26048ee115b75c450a1e274bea367539
SHA1 9c6b22b1ca2f2c153043583671c57d0ee4545040
SHA256 92811cc8e7d99b0e54accafe5c24c5eb7b399b31f5e7b4648ac422d54f6fa4c1
SHA512 0ec0e4d838231758235142d747b96347b414e83ec2d247c9eae62e8eaafe77e7907517851963074c83b891b9b542d999ee05cc1059b13950ef1f01765eb4df7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\86bfbaee-766c-4690-9a3b-098a17a8409f\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 429ad8239a955eed7282b16bde34c5cf
SHA1 459a7fe487e39a36050969895feb69b618e39df2
SHA256 111b9b04cce2d055a257a5b51240f0205fc578501a7a73a928948ae43a22571b
SHA512 0c11cad0799751dbaf85c62a9687785a73bb0ee929e6499394648bc7723b6ec97ebd0e09658fca7bb5a6d542c317714cc283084e642ee4670bc15634b7d8f2df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 caaafb61d42f21fb48e7704b3e3b10bc
SHA1 c31b769d1ca5d0a3b8fd825f2a84a6706bde446d
SHA256 b94347e880825bc2b4c8c7841c7c4eadc10a33adf8f025add6ed48cfe2377b44
SHA512 1401969add84fc72b7942c6a2d0bc804f912f57a48aa7975669e3a8d55130df794055df2dd75e2ebe5af1dcc3df924f7644420fba4a3c77dd0227a03db7346a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c721e81b3996875a56608451cb275f7f
SHA1 eddbcd531c3c6b6619d2440d47184059f4bd2f77
SHA256 11f98d8cf4dffb2097c721f6d997ec97dcf79af8b0861890c6b123da33d1e9f9
SHA512 52a244d6835d94979ec03786fa1a5542fd8d04bed51c3a21c2e0fac200f61c5116f3592e2b7e3f353567e26ee9b06312c77ed1e477d1d9c5d92c01e4561d6b24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e1ee8844f96f2441fd3624f4edb399c
SHA1 f99b29d009108b4d7c4fa473ffbfea22cb9db037
SHA256 d99e57b9c863ea09efdacc0fd69f86ac761eb0162d2589cd7b447abe6b33043d
SHA512 f92cdd0a0acb73572a4fbb4a8401531bddd938835fa0e98334f83c7614b7056f8e25345cca3f4272f0e71148cb23ae9dd395a66df51f065f5d6c18b22e4d238e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e036113357ce3bd588ec25df21432958
SHA1 dfeb1477f598a77e8bf5e753dcfa36bb20335d6f
SHA256 ae1053d1ac4ae4dd53b1577fcaa474b1de399dcdca8be67fbc04e4f39f01025c
SHA512 e1f280d325ca7c8d5ef5fcf9d4cecd4e9cb7f9775becae1dd4c204474a0820cb6744a246c4347095ec7718804c6bcf836b86004d959c829f595a7662f1ee87fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58f112.TMP

MD5 b5b3e35ae9ecf1dd7997c7abce8836c6
SHA1 9c9fe3d197ddd339fb166de77f45c29ccd87a6d0
SHA256 b37e0164b67751dfb5ed272d2e22be76c710df04a7da0791c1dc4755844fc8fc
SHA512 ad896d5471a8fcc6c3924a8138c5ab8a77aef853a1441c1e55ae85a7f7bd256510be8e068740a77a35d410f2f739241f1d0963cd9880e354c66cf713fb598beb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b0d7aad72bcff38d07db9c6f2803aae4
SHA1 2b5eb2c92f909567abd4fe0e56af296a99017570
SHA256 4de3167bb70cd7ecd7867059cbc2ce8b019485a18798c0f2cc26e8b1605b3119
SHA512 e44f719c8cdb51b7f19aefa81547a53f8785f9edef11fe9e32defe2c066dc4ddc0d5d5808f51e5e7effef23e0507e0cf449f0bde5199f507c38552634227ab74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 15c0a04553f500e2ea1b0d772418ed6f
SHA1 0984895ae59b49f86453309f4cf82c8f96eec668
SHA256 c02f9a51d06129c2e99badc9797520d6c8060f2218946ed6e9253be264c4a1d1
SHA512 b7c89643745c587e7d84e4ef9220828d26d1e38f164c9c2cfe7c4b35d9095691af9649a4dfc90e5048591da402048123db60e718d1526a0e1717bc665316579f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 47530e758baa811c7ad017bfb18ccf3f
SHA1 d320219ae9fd5bce3aba8b25ed51737fe020dfe0
SHA256 df9fa768ca34a2dd992e0d02266035725a82cdaf649ca1a64c7357e6feaa4d2f
SHA512 365781d9a51a02f47a426df3b31b173d67af52398892e469a46a57058d575b1f4f1fac17c8d237c671c96efb900416445451b2dc96f73be3c8a153ce8582855e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\ce8f8a2f-1229-4704-b97a-3fd4ff844af4\index-dir\the-real-index

MD5 7a159625dbd405c90b84bbc138cfc636
SHA1 41fbdb4ec1ccd3891b73bac9bb7d9ef8b3d555be
SHA256 9556511afc4f51f5d52804fd8a9c6c1133decd4b0938e9b53e33659e2785c7f9
SHA512 eda967d06e33ab0c4b08a53ffedb7494de1121e8083d0133e7abe3ef68d6c087b66119d9a303c95b0c04087981d635bb1269f7b7e42ac91ea2137629d6d55a59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3ad809d2a5dfb0d40ccb4dab3929306dceacc9eb\index.txt

MD5 467aa029fae9c289d74329b5b22a72d6
SHA1 405b5d42c19cb65e0330f8f006c0d4b8ab2ed2c7
SHA256 693d9d00c8a4cafcd18e99f9df189edf057f5d9d28766cafac601032984b61d7
SHA512 ae0a4de346c3bd114774c13fc50dc0f6a96431f4addf4a02b4bd80706bec64c2ef3b7edcfa964bf46b77b29dd5287e2df1efd6d86fc61d7c5f804536358d182a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1802274847dbb26788594980d7d957f9
SHA1 76509435d29976e5043a96917aa6922a065e00a4
SHA256 aee85ba321dd2bec4a44201a065a45a6948215b7ec0f496fdebe0542ccfb798a
SHA512 d0c1abe9b4fb7b9c5662d00b9824bcf7a9afb9d3354056073d029dc1cbe6af672e6f23fc3cea3d2474180f57eb38bedb00f1605d5891ffb8f915fef0fd146359

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d3391c8d59b8ed1ee6ca83fbe3be76af
SHA1 0dacb011282a3e50dbb57473317dba6d9619c041
SHA256 ee3c803a34a49209eb98a46c567880d0fb2724bb52561e2821c8d8ce9d4071c7
SHA512 be35360c2b1169128f91d007b2acd57039accc116619e6af828b722dbe371a4e8b2812976d2946c4e8efab3f957ee0c5a95b91a4d6084323232e08615579d546

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 154f2fc2c4bf19559c78b0272bd1c74c
SHA1 11e19af36bc9848f29f3068c8fa31fd39d169fa7
SHA256 93c2b5e11d5e6508bcb029b4105e8ab9489bdc355f02284675d9c82e974994dd
SHA512 2379ee5e808d6be9914e8b098a75138734183fee33dd48141763d388772a3c359462b4388795a13b87756f626d7e5460afb15655c88b095afcf69a4eb80db91d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 550d6a3102a8c9149210783c7672d5e0
SHA1 406cdd28ae53ed998f359ab43bd3b953573b21c2
SHA256 e0de35f7aea225658dd49a1b8fdaf53fc7ca898795bff3208db76235ba04a611
SHA512 dda72c4399fde3e1d0741a05bb890e8ff0e77aad07a69fe4a07e807e92a4b253d8b0660974da616b4c11a1048a68b48b93da5e326fae0a6fe8ce191d9c803b34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 778c51377c0c4055b36e9e4f79d3987f
SHA1 9e6ad6b262fead403a7855262d35da033cee694e
SHA256 230b50f06872fb4a976ebe5f7f11d8f54440a6242565741ea67fe98097b95ba0
SHA512 080ac13972a173c6d6c38da45ffe193e610c420cda5ff5dfc12997dc9e140cc52570bdd1b2ef5956bf34f64bef42e4e4ddfb2fe7df12c1371133db2a1fedb303

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9164416c8b3804aa2cc20cc105583278
SHA1 9ad6886dbff8ce6fc3b66df4be11d6728c468017
SHA256 22fed7566cd45222a3f43f38f1c0ebc67c6c2a00e9ac7ae0cfd62b518910c207
SHA512 332a7c155b936080758ef8fc2ab03433e4a0dd02a8a741275d1e8e6dd49045e959a843663fb06278bf5c993be3b9e81c65bc5e4fc904019556edc76d06761038