Analysis Overview
SHA256
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Threat Level: Likely malicious
The file database was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Disables Task Manager via registry modification
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Modifies registry class
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Enumerates system info in registry
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-02 05:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-02 05:22
Reported
2025-05-02 05:24
Platform
win10v2004-20250410-en
Max time kernel
149s
Max time network
149s
Command Line
Signatures
Disables Task Manager via registry modification
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\$uckyLocker.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3027557611-1484967174-339164627-1000\Control Panel\Desktop\Wallpaper = "0" | C:\Users\Admin\Downloads\$uckyLocker.exe | N/A |
Drops file in Program Files directory
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\$uckyLocker.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133906369397141057" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3027557611-1484967174-339164627-1000\{1779876A-C3A0-4071-A2C3-AFC1F8A052A1} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\database.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x360,0x7ffd7575f208,0x7ffd7575f214,0x7ffd7575f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1912,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2184,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1836,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=2428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3432,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3440,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=3496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4812,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4828,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5028 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5684,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5728,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5796 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5984,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6116 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6132,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6116 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=6332,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=704,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6460 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6436,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6340 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6444,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6456,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --always-read-main-dll --field-trial-handle=6872,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=7016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6920,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6344,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6480 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5268,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=6908 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6472,i,12769157043737619719,18132083250674574738,262144 --variations-seed-version --mojo-platform-channel-handle=5224 /prefetch:1
C:\Users\Admin\Downloads\$uckyLocker.exe
"C:\Users\Admin\Downloads\$uckyLocker.exe"
C:\Users\Admin\Downloads\$uckyLocker.exe
"C:\Users\Admin\Downloads\$uckyLocker.exe"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4270e3bdea3362858a705c7b575f1134 |
| SHA1 | 52db64baa0718d9ae3443017a1c2fbcee135a77e |
| SHA256 | dc949db8d7a732d338217c4df2f9ad14bcaf670ce4ea4fa108428a5f64ecada2 |
| SHA512 | eb56593dd3943335bdf2863839800688ebe231a971f543cc9331799243bab5e80f7ac4d933895027e59c3c10e4ec93873e7f76802fbe9cc8e7b1a3949432ef6f |
\??\pipe\crashpad_5620_GUHYERIFLOASUFOP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 991dd8fbe9a0cd6dc3637646bc73b6fe |
| SHA1 | cd33a4c3c2cea06b41e5388826af365691769de4 |
| SHA256 | 7e873150a039c5eda07ab3768e2b49127c3f824319d28909fe07f31d6f3119a4 |
| SHA512 | b8c1dbb54394674bb88fd7cf368214885e0c328e51651ee8f412aa1ab85151582c70189a292e24d551a8144de29f82e8e9b51ca5a695d33dc0e3326a78d05263 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | 358bb30dd68058811d0649fdf2fcbad9 |
| SHA1 | b59eb9256b3aa02e3462aff4ecd46e8c5ae89eac |
| SHA256 | c9b880d2c61c973812a90917cdf4d0a28ce66d742ff74b6d9dd3f085dd25fd8a |
| SHA512 | 1da656fd94cce876d6e9f85d291b689b90e65f7f4f4ad73c8395db012d426a069932c25dae9eba7cc110b74de752ce5c5dffc53de520eb1680b89b0c2ac0bde6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | c32ec31dc90b1d6792e332bc64b2ae10 |
| SHA1 | 2d798530ae76517d03ce2d36b5268a7b4a5c47dd |
| SHA256 | cb97abe4a7e77a170150622620e1f199a36d2102b28c33e087e7616c89193a7b |
| SHA512 | 5c18f7ee6ee6ac897538cbb7a344cf11cea24cf1bc27453488489e6e6eaf2c5773dd48d46ae7256308597ccdc0836e2f45eda411ca228c176fd8e8d8468688a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2f19b64fe8476f97f5eceb1200131cca |
| SHA1 | 616c88d5bb8e94e79b8200d7a2309d454f5443db |
| SHA256 | 66d64c27894775723a55d786171161f6471caa6d304c7de1b9e1e8e1a2851276 |
| SHA512 | 39670b86ef838d204696a0387cdb4b108b2f9eeaaccedb94135043e106b9089fd529d830fcf1e593fc32229bd68662aebec580657acb0e3578efff0d1d786c63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60
| MD5 | b0917d8e6c5b6be358bff67f84eb8336 |
| SHA1 | a6e221edcb19a1cc81575b4ddd927fd9a6fbdd6d |
| SHA256 | dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60 |
| SHA512 | cd5822bbf91e8f7f5ab2b471a4bf8b464bde95465e2fccc6a57e5a287ca55d5062bdd6d4b3cd76f8529ee7a9081b6a7aad7dc2a7581c344ce4fd2d3256bdf451 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1fd7fc43810d7cc90daa43820be66cba |
| SHA1 | 426dc01081e236445831e5faed28cad87bbba75c |
| SHA256 | c708852e48286d0ca7c24a2504a7e11a842a6991026a60c8c68416ec5ba5d59a |
| SHA512 | fa8e080230ddd4d567382d66ecf9b1ea392eaef9e62c96c70e2e1234bb949a40bc4a3ac1c297e835d63830e8b8af3dfdce44e742b55c38f0076a9e84bf4bb61a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | dca9fb83c65d1f40ed5c836e7e531197 |
| SHA1 | 2cea768b7433b8d3106df5f8946d8cec5fcb7194 |
| SHA256 | ae2755427f37e1d9aa2d53d916d0af0c1036f436999f66c4a766287cce7131b0 |
| SHA512 | b29220ae2f3f29358ddcd959804b2a634f8ec212485d7f7e07a2999c3d775e9d251fedc5e05a513c72993ede7ca7baae1ed370d103d58c806cec0ce23c96bd31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 71a85ef9996388b1cce8bd472d1b508b |
| SHA1 | 23cf2c35d2a483730e71e3ac814044fa2cec99c1 |
| SHA256 | 057e0bab658afe1ce7376426de7efb6b882c74b2b3a56f7d4df127b633a4e59f |
| SHA512 | a7c697448b00f5ec89a692b74bddfd65802c932125722ce9a94cf27a68e8c32597cc22a781bf7b77b23d50cd56de214b28bf1ccb248fa69304f6e6c33a0659bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\7e3520e6-747e-400b-bf00-09c1521fc223\index-dir\the-real-index
| MD5 | e0e9e65dc700165ea7a80e3d994ca2a5 |
| SHA1 | 2ce1a7f9481bef04bd36ee9da99e92e03230ec89 |
| SHA256 | dc200171763bd3e437e3ca2270af6fba2231bb354d2d8949f22cff0703a7c93c |
| SHA512 | 5ee7658def908522a8ac5ba74098aa89d159d850cebb0495436224e586d1eef3c8c9a6a191b7467ae9255e7c5307cab68a9f469a61e04fd4f4485efe2ad3bc9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\7e3520e6-747e-400b-bf00-09c1521fc223\index-dir\the-real-index~RFe57fb58.TMP
| MD5 | fa01bd4fc7b4c1a5927aced7e8490d65 |
| SHA1 | e1b09d9b757590d53da8a2f63dc47a84c8059e7b |
| SHA256 | 2321b863d16a9ec12cabd64e157a0ce7fcfc7c83018fb01b3dab08f7ba0ce6f6 |
| SHA512 | be32fe4fbe5faec20d59f9a1916405886b60860c50e605ceba7727031bec03708859addb4dfe22d21c44a9ca2f80f7aecc113d69a90934fbae36e720dfdda673 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005f
| MD5 | b89b46a304af12ccb95ceae9ce308f4b |
| SHA1 | ffeef4e51731adf958fa8e5f61ef9f6e5c73abab |
| SHA256 | d63c6e0250a8aa819922f87b929fe60fcbeecc014e33f57b44468e6ea8e9a92c |
| SHA512 | c55cd2901c3139951d060fa3c3bbe0396fe3566fde5a5666444d7da843cc1253091eae509aa397dd74e51ebfa807f7d72db31507dabe617f604e0c3b4f994854 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005e
| MD5 | 7c7472671ad243520309825ccf3ad368 |
| SHA1 | d31f249d78eba658deabbc8946507eb5eac02423 |
| SHA256 | 3a14d0beab7fe119c43fc98f26dfabc8a264b8a4afd2f44571e3805fe372c83c |
| SHA512 | 0eaba5d0f781ecf07ab43e4409cc800b53c446a92917d0410687af95a171484ca6729d6112448abaad10849f99327e5ddf17dec485ef3db1d4f21e76632df14f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000063
| MD5 | 71c8533978b7929a3d41afdc4d62fb11 |
| SHA1 | 3c63080974b36b5c4a7d013b1621a8df2e7ef482 |
| SHA256 | 888b12ab595b876149574fe3b8a56294bedc47bafa927f90c4f7b2bb48f35e7c |
| SHA512 | 6ba3080b6e7b46b150667309b4c5263ba60f2d5a4b73c4a2b4d2aeb47516481085829e4fc8d631d055a2a3bb12fd83901394f4def36dc6e94f648b1a0722ba3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9abc6812709b3a255f58735941751860 |
| SHA1 | a09ff232b0b7a01d5903b70e8c5b52e88ee57a8b |
| SHA256 | ea99bfe9ebdfbde5c5cdcf933849a87cf09ca90bb620634edb82835166904305 |
| SHA512 | b07e005411d292a45bd3a2735d8d59f0b7c5d2ccd3ef5d32f2bc98bd7a9dea5deaab21c2e94ffc30f91c1da30cfd58160e08dac1c28ad5ada82e1a6d437abc82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | bd81e8b7dd160227f7462636399ce609 |
| SHA1 | bca228bee766591b99a0ee815fb82e8b2b4ac0ac |
| SHA256 | d8404780601d29a2aecee7714aaccdb4eea75552de0b1862021a793260612b10 |
| SHA512 | bbe7f7d89697f9c5232ebd507fe3da1628a76e63bc19dcf4576ca38e0bdfee2f2e290350ed7d2a164023a84eb044b79f289fd7aacf51c9fd3b8633735bd367b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe584419.TMP
| MD5 | 6457ccbdca1a871b3a0635c1cff20487 |
| SHA1 | 2f05536b599cdf091ecf73f4c8437dbc446aac60 |
| SHA256 | 693760938f5eca578ef79eb543ce7a97ba5effa40f03a7df4661d7412fdaa76b |
| SHA512 | ef83f659b6614ed653e6369de02b872d6450240d9896a5715a9c21021859d4e3bddd43c8ed726e44303ce3ce45a6e06d887e4f0a61f7754608e0164d5d57d152 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c74e6de86573b4469aa5dfdbc933ed26 |
| SHA1 | 534fa3ea40f648008de4344d9d213f07a4bc09b8 |
| SHA256 | 9e17e7c132403140a1f9d2b5140f48518fc23616add39febd0eb823d36ee74bb |
| SHA512 | 5b203e1bd0832a4d19171ca8e5091f3b906e348a41d7b817eb6b0d68054c352a90f088fa650206788585b7edcd1eb30186efa14b3596a729c5ab0dd28a848ca3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e94bc16b-82d6-4cb6-8035-66d24e93c0f4\index-dir\the-real-index
| MD5 | c8ea19386f3813b671811433c2841f32 |
| SHA1 | a0baf1c8f05360ca7a53cf74798b60990ee2e086 |
| SHA256 | 226daf9cc208305046189282b9fc94a127c1c68e0751e3f11790f65cf3a3e5e4 |
| SHA512 | cff7200ac054a9c47de977bfb53b647c5aabd3bc1806cf826ff556866f51e8b4213c4ef3f9798f9da79540c5f38576b96341ee6a083560d7b0ab589aafb03672 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e94bc16b-82d6-4cb6-8035-66d24e93c0f4\index-dir\the-real-index~RFe585280.TMP
| MD5 | fcad8b4cd0825ee5ae183b7c23fabd68 |
| SHA1 | 7a8aaeba826257f7c8745e450026df9e4b70e297 |
| SHA256 | 7df38abecaaa043adabc287e81fb17bb9319442c03b0888701e5ba3eedf01170 |
| SHA512 | 35a9e0afcee7a0acf59f40bd7a55c1d7a8a0334dac5a4b06e1f29ebe40a9c5906cfcb3458ece731144d8faac6baca1b15c945321d423d3a0d3cd03cfaa350e72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
| MD5 | 51e36cdf1e14851922feedca1b8a3faa |
| SHA1 | aaa027ddab7c6a4a7c3c0c1343474a352932cb57 |
| SHA256 | 38ffbca3e96d998ed02f3f5e3005a70b5eaf9d68017ebca7a798ed826aaca033 |
| SHA512 | 5b834ba6653865b437e8040774a7ab72400dfa6e4f2642e664011a222b30f64e37741650e808107830943baffe851adf09ca68562867852bb8f834ce7068dee5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58530d.TMP
| MD5 | 946cc9d7279a34e8458618dbe1f4a04c |
| SHA1 | 6c4c29928e6d68624ae5405f421ea76cd390052c |
| SHA256 | 57f95031fa58092a6e38dbcdf0a8f4ba97a81a7ece2c9243892be807f9290b38 |
| SHA512 | 0eeb0d8be4c8fb4d9398f9245ceed9c079fe97f503c4d16db91f06361887ca2174fe6c3a49c8fe696491863c768606e819ad4a07a7dc7a016719e2dd66c34062 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e94bc16b-82d6-4cb6-8035-66d24e93c0f4\ee91b116cc2005be_0
| MD5 | 545df9de80abb7f7eccd05cbba9f4675 |
| SHA1 | b327e3569ceeeba57bb5b3f861a209ee22e87aa7 |
| SHA256 | 3e0dc58cc2e928aef0e9e30555731e188ff3c5ff408ec17e197e5fd0cac8ee64 |
| SHA512 | b01c7409daa8ecb938fd4fa2da773b293368ecf4bab4d2ebc372502d3531dbc86cc3afe93d256d4a22a0ee44e1dbdd272521ebfdf0be0ab9f1380aa3242841db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000066
| MD5 | fb542775dba0d6d8cf2b554c03a68eee |
| SHA1 | ba2694457f971b4b80e023733ae36e36bea0db13 |
| SHA256 | c525a1063a3715cb6096babe4b7e52508991877f7bcbcac0658f9446889235e4 |
| SHA512 | 1675c15217fab965a38449c5449732a40ff23862a5c1c2552f1b62a3742384af1128df64880bee2a5f63a3f6b2e0784245ac85cb4a64c7a6cb095700ae731101 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000060
| MD5 | e930cf00b9f1df58faff97bd4c06db59 |
| SHA1 | efd2155e9faadafe1558e1c5e5240e4f01db36f0 |
| SHA256 | a41c0edb4cecad4f7644eb7348e57331065814d38c5716962098990b320f4f0b |
| SHA512 | d402f6493c039f2c59381ec6ded80acb410cb95834699b5900cfe305fc1cc9d59e4546d481d46c11f1e4eb7e5f10abf923790998eb2024cf22a3e3b4f5551308 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000065
| MD5 | 3e2965715a0e4581141016e3e90f1956 |
| SHA1 | 2a29a85b9280a07983b669bd55fb00210b016fde |
| SHA256 | 35f8e38cd29dc9670a87d303ded1ac66222237f08aceea49a886fbe1c509d2c1 |
| SHA512 | 822075e34f9a429417adfb5930e6d22dbf395252311990020e576eecc3b013e02d181c9cb98e5266e88a8e9e65b2d988d79e01792020a36bbb0141a855ed4cd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000062
| MD5 | 17a6d98b23a2c373af73eb085c3a22ad |
| SHA1 | 9505445ec0bb1f632f1b3fde44395f722f46a8a4 |
| SHA256 | ff6aa19e48ac7c61136eef8d50224ebf6cf03e315344bae24419cf7b26a9fcc6 |
| SHA512 | 8453ca8630f92da9f5ccabda074e608aeda8e99171f98a20443ab38f0a6f41683ea33685a175af6cb6b0597d0163607b4a1c137291cd8c9cb128d0749b0a52ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000061
| MD5 | d7ff50bfe3a911e6c398aade10cb733d |
| SHA1 | 6549bea7e8a6b3478100490bd836090c3387c3cb |
| SHA256 | bb99ab2e6c435c1d5b5955da73027be6171b654afebaf8950dd68cb8b23f5bb4 |
| SHA512 | f33a9b155cac484342bd3ca53c2ba075d2c9e09f2340a11da803ebfa33c5336d9afa3d5507bccaf87c724f3043caf8cf88ee0c6d87ed5e0e1eb0acd19a77776d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\7e3520e6-747e-400b-bf00-09c1521fc223\index-dir\the-real-index
| MD5 | ad2255ba5264754b5b928da6380e160b |
| SHA1 | 3036195adf199fbd5b3f4b9eaa6203c4a2ef4c89 |
| SHA256 | a5cb857e5254ca56eaf0b33915aa0a1b7122f8be7caa890d1fef33e5c16a8a3e |
| SHA512 | 8e988d81ea85850d3eb7c1bf77c2823a2a4fd59bb51a1cd13d4100c98073945325181f009aaf4e20093c0c75cb1f95032bfbcbe714c91c3e35f8777758ca94fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 9ce96276f3bd9571a5e42c73dd08e962 |
| SHA1 | c6ec6606e2acced41c8dea5147b4e18f05d5d772 |
| SHA256 | 16b95b8cd04c4c9a90fbe019fe0d89ff5189e6bec1957b7fefc9bf179907fbe2 |
| SHA512 | 8164ed2dfe24d4b69af69594eea236e8fd76fd587f7dea4de1f1a2e5223edf2f9564cb005387f8be3680070071d086456d7125bffb241b1935fd261d42ffd22d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
| MD5 | 3f8927c365639daa9b2c270898e3cf9d |
| SHA1 | c8da31c97c56671c910d28010f754319f1d90fa6 |
| SHA256 | fc80d48a732def35ab6168d8fd957a6f13f3c912d7f9baf960c17249e4a9a1f2 |
| SHA512 | d75b93f30989428883cb5e76f6125b09f565414cf45d59053527db48c6cf2ac7f54ed9e8f6a713c855cd5d89531145592ef27048cf1c0f63d7434cfb669dbd72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | f0168ccb55fa24f0e573d7d9f82e6fb6 |
| SHA1 | 1347fb510c6327aab591c443f401df40ec684c23 |
| SHA256 | 0c460435e11e1052cb8771862db3ae984b8631b0bd721503c6e05d5629ec25d3 |
| SHA512 | 8eee5fc4eea1a059e01ad1c153267eb48cba237eb89fcbc4521801a814ac50827e6bd4eb667f58141118883c6b11896f7bef7502839d86a22134138e85b1a8a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 837816468e5b173c5929ee621658de92 |
| SHA1 | a7d36fef2e4a8778806079d08a5e84df5cb3340e |
| SHA256 | 15ce0d8891f553e6461401a9110992f044d42d8d40d8588adeb7be5ba9c87650 |
| SHA512 | 8a00b0eb107b7ed33fd5495cce6700f3b7d0b9f366ea4061cb8fded649a48f7067c738b971fe9f56b376bf4833e017bfa15a81a0235b0bc9eb21a05357f36045 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 37b5db0fe1714bde9be2e802366d6f25 |
| SHA1 | 9adcb73e7f7af078309d786863b6f977216529b7 |
| SHA256 | 9ac659631069c40980da63dc97c70202f796f2643ab3e0458c84f676f875ba75 |
| SHA512 | 43729a9f819a8239a41799779dfc3a39bb958f94d8b0cbee27aa91ab7c2aae910218a5b038768a63719b43e608bfd00c05a2de907e60c94cb415055a0a61a1f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000068
| MD5 | 55db53a89098f4b6b215e1cc6e9efc60 |
| SHA1 | 4a1d73f9c6e11a1597c8e1237e99487aa5bcf05c |
| SHA256 | d2ffa7fdd7892b4822eff4a89232bb1a4a37a52474819e5fa6b2c0b1d32e8e43 |
| SHA512 | cade704e8ae437799fd726b92c8ba98020878e7bb2c0d5920986745b11e5542e55170597cc9da5d20dfd525f47c3a1c2c85a1c67e6f281801cc63bc44fa35102 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006d
| MD5 | 3f3297819cd2b781023bb50471132691 |
| SHA1 | 206d8863f895adc7cd368b454c86715ba027a688 |
| SHA256 | bd2aadbf00196cc0ac2fb4c03e46c10ae55675b44caa9d3419d8f71662841173 |
| SHA512 | 12749e9126de711f23204455aaf9992e02102cf5261e91c3e9f43016a80b83f72854188baed529c0b1ea0c8d78c031e30b2cd70a532e85fd93d1c509fe7965a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006c
| MD5 | e729e8699547cb5bfb4f424406b8f551 |
| SHA1 | 5ab8f998ba9fc47a60c1af131c29bc9f6b656b53 |
| SHA256 | 8b584c48779d727e3638c8922aa47b1413d8906130bd3c480dbe0774186d2915 |
| SHA512 | 027438641482b3deb4c3ef779542f0ea5c1a97fa90a24523b645b9d53ff13e03da89a102f6edff4752d0a0b517cb131f3a8c7a4f54fe20f23ead8d357ad970bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | f71af6f4d0bde9a47d886ab1f01684c5 |
| SHA1 | 5b4379c18f5aafc53d3b11fa3a1b80c1d8ae3200 |
| SHA256 | fc2e8ee6130d172ad20dfbeba132c4e9bc52c11d9ad11270811a532e0abbe451 |
| SHA512 | 20df4b34ace64624a0c3a8cadddf14345bb375be841a82e10cac1491cb546b3ad2c0498ded346434608c44f8c6d400466c7b5757a6d61f1b5f3a2079224c3936 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008f
| MD5 | 3230e4f49b144ab238721c7142f3ca10 |
| SHA1 | 1faf1c8dea22291a174c5eba27ff656c1e7ba90d |
| SHA256 | 730a91180f160ca2e6fdfbeb4c31ca4f53a35b051fbac1902d2c09afdb884c97 |
| SHA512 | 975c4f7ae5ed4444b068c9abddaa4fb8b6380235b9259e1839ebb1847f7edf4dade1a5456fbb573e953b60bacb60366a02bad4da0644319147550ec3407852d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 9b09cace5808b136373d00b601d41b56 |
| SHA1 | 83c0a6cbbaf3132b6f6b51bfab80c0eebe634dc5 |
| SHA256 | ffaa4d8a96730b2a6cc9d44e5c655491a00a39324191dab8ff3403212af66661 |
| SHA512 | 915bb52a4a17858fda95dc0975e529750170a8a69fdc64ac5d6448efe54fdfe47272f9fa510c9de09f6de9094fa746e246af0356373572ff8bc80ebb4fdc9b5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000bf
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c2
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Program Files\chrome_Unpacker_BeginUnzipping5620_1898077915\manifest.json
C:\Program Files\chrome_Unpacker_BeginUnzipping5620_1898077915\deny_domains.list
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\bc7eb19a-ef49-4483-ace4-c00fc54e699e.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e94bc16b-82d6-4cb6-8035-66d24e93c0f4\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6363e1dd-13b5-40f8-bc40-32a233453843\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39de799f-d5c5-433f-a742-46fcc9ae40ae\index-dir\the-real-index~RFe58c0da.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39de799f-d5c5-433f-a742-46fcc9ae40ae\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Program Files\chrome_Unpacker_BeginUnzipping5620_1776532225\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.5.1.1\typosquatting_list.pb
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Program Files\chrome_Unpacker_BeginUnzipping5620_1432382767\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe59572e.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\Downloads\$uckyLocker.exe
C:\Program Files\chrome_Unpacker_BeginUnzipping5620_1886838597\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\ct_config.pb
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\kp_pinslist.pb
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\crs.pb
memory/4440-2713-0x0000000000510000-0x000000000057E000-memory.dmp
memory/4440-2714-0x0000000005600000-0x0000000005BA4000-memory.dmp
memory/4440-2715-0x0000000004F50000-0x0000000004FE2000-memory.dmp
memory/4440-2716-0x0000000005010000-0x000000000501A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\Desktop\READ_IT.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State