Analysis Overview
SHA256
67b777e4fa23202de3c10f3788929b1fbbd92d9b0bc8bcf249bc34cf230f0c1f
Threat Level: Likely malicious
The file OIP.jpg was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies registry class
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-02 13:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-02 13:35
Reported
2025-05-02 13:37
Platform
win10v2004-20250314-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\solaris (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\o.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Mythlas.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Kolesium.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\Mythlas.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\sk\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\am\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\az\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\mr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\zu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\be\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\service_worker_bin_prod.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\mn\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\el\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\cs\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\fr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\zh_TW\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\128.png | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\eu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\hr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\vi\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\en\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\offscreendocument_main.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_1945965110\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_38506784\deny_full_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\pa\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\sw\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\hu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_2029704564\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_38506784\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\lo\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\km\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\pl\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\no\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\page_embed_script.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_1945965110\keys.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_38506784\deny_etld1_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\zh_HK\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\fi\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\kk\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\it\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ms\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_823314018\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_2029704564\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ml\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ar\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ca\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ru\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_38506784\deny_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\de\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\id\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\hy\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\lv\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ta\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\th\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\uk\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\fa\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\ur\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\kn\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\gu\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\en_US\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_2029704564\sets.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\is\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\sr\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\da\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\lt\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4812_418179043\_locales\bn\messages.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Mythlas.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Kolesium.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\solaris (1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\o.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133906665406221027" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{DFDA6EAB-28DE-4572-9CF8-0E3E7EDFC7CF} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{A53E0A22-F543-4BC9-BD74-4C77890097AB} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\OIP.jpg"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2f4,0x7ffa84c5f208,0x7ffa84c5f214,0x7ffa84c5f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1792,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=2288 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2260,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=2256 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2332,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=2668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3512,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3552,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=3584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4852,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=4412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=5264,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5580,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5328,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5768 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5772,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5368 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6400,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6388 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5456,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5484,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6836 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x510
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=6388,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7016,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5524,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6528,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6728,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=6992,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7416,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7424 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=7020,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7428,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7100,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=3780 /prefetch:8
C:\Users\Admin\Downloads\solaris (1).exe
"C:\Users\Admin\Downloads\solaris (1).exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=dQw4w9WgXcQ
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=3756,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6508,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=7192,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7784,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8032,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=8000 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=7224,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8024,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7888 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7460,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=3764 /prefetch:8
C:\Users\Admin\Downloads\o.exe
"C:\Users\Admin\Downloads\o.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7244,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=7864,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4880,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4960,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7412 /prefetch:8
C:\Users\Admin\Downloads\Mythlas.exe
"C:\Users\Admin\Downloads\Mythlas.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7440,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --always-read-main-dll --field-trial-handle=6524,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7376,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7424 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6464,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=7352 /prefetch:8
C:\Users\Admin\Downloads\Kolesium.exe
"C:\Users\Admin\Downloads\Kolesium.exe"
C:\Users\Admin\Downloads\Kolesium.exe
"C:\Users\Admin\Downloads\Kolesium.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7240,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=8040 /prefetch:8
C:\Users\Admin\Downloads\Kolesium.exe
"C:\Users\Admin\Downloads\Kolesium.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4364,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=8188 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6084,i,7171304320319760938,512118926282290850,262144 --variations-seed-version --mojo-platform-channel-handle=6724 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x2c8,0x7ffa84c5f208,0x7ffa84c5f214,0x7ffa84c5f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1828,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=2332 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2296,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=2292 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2308,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=2468 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4484,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=4500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4528,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=4608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4528,i,18002461045990706691,13177217747720772738,262144 --variations-seed-version --mojo-platform-channel-handle=4608 /prefetch:8
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
\??\pipe\crashpad_4812_BZFMHSVLYDKOZJOT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60
| MD5 | b0917d8e6c5b6be358bff67f84eb8336 |
| SHA1 | a6e221edcb19a1cc81575b4ddd927fd9a6fbdd6d |
| SHA256 | dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60 |
| SHA512 | cd5822bbf91e8f7f5ab2b471a4bf8b464bde95465e2fccc6a57e5a287ca55d5062bdd6d4b3cd76f8529ee7a9081b6a7aad7dc2a7581c344ce4fd2d3256bdf451 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c1
| MD5 | cc63ec5f8962041727f3a20d6a278329 |
| SHA1 | 6cbeee84f8f648f6c2484e8934b189ba76eaeb81 |
| SHA256 | 89a4d1b2e007ac49fc9677d797266268cd031f99aa0766ca2450bff84ac227d1 |
| SHA512 | 107cf3499a6cf9cdcbfa3ef4c6b4f2cda2472be116f8efa51ff403c624e8001d254be52de7834b2a6ab9f4bcc1a3b19adc0bba8c496e505abbca371ef6c8f877 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c2
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c0
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c3
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5e11043baff77c82b7d7e6de7b44bd81 |
| SHA1 | aa7968df8996e45afd5efc068c31581eddbcf7e7 |
| SHA256 | 65092452e7c1ea8dafbeb21eec93d0555a0b4f327b3eb08a5fcefa3ebe9d3432 |
| SHA512 | 4e3ecfb1184972b6450ee18431dd8ad39158c0224cad150e90af93a540adea95c5e588b21846c3ffcb4848b0b20dc2dfd0c46969d2545b6c7bcf4f4314f33b8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ee7469849cb859c8dae9ef23ab949322 |
| SHA1 | 2c0aaeb7214a17fbdc18d304c8299db838901298 |
| SHA256 | 3c1fb7ce137d3f20a5fc9e90ffb159f8724126af86c15d6bdaa4aa0cc72b1ecb |
| SHA512 | e0e43c05f08960d9f57dd89632f61d455ece8bf8b8791d23351f5e3ffe6aad480f9b9e34124bc316f0ec799fa8ddaecda7ea8ff982a2e672beb05948f1119059 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f9fd1bd4-3821-4fd8-ac64-8914ddd027c2\index-dir\the-real-index
| MD5 | 5540b786d60e57378e06b0759585cbfa |
| SHA1 | 74f256a51b1fbd1ce2ec200b85b1fe517c097840 |
| SHA256 | c46a99dbca31be6a340f515140fed1cf95e76800307ff1992cc94274bbf6471b |
| SHA512 | c7a9959a0902b6d09ae6404f1720d57d5b6c8e47122e6545f345992fb06b0d6261f222df3104bcf79479242976db8386aac6ee19188bf7ad555a3d413d61c2d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\8e03abe1-1319-4fa4-95b6-3c644a3c8009\index-dir\the-real-index
| MD5 | 552bf05f84e55311bb337febc667e43c |
| SHA1 | 47bda7bce9572cf17af508195fee23999adf8cf4 |
| SHA256 | 2f73aa685169e8cd8969b72a33c34c32973570a1d78563fb49390ebdbab4a848 |
| SHA512 | fc6c97a8efdb84f280ce00b670e0678fc17a4d82a0908c1ba14185ed5b0cc34137dd16a0c141b58e7c5d8acf67a8dd619b1c15130fbe41c26af7af653624474d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\8e03abe1-1319-4fa4-95b6-3c644a3c8009\index-dir\the-real-index~RFe57f7be.TMP
| MD5 | a3f733455f2921686c6bb9b5717695c3 |
| SHA1 | 72758d8765c4312774385e5044e5efc692ebae8e |
| SHA256 | 14aac1a31607a59d2c001ad519e58e6efabc8aa714365590e09992cc40adca83 |
| SHA512 | a06138406afc7eb14df9d500826ae0f850338e1a304ad550d68cdaf51856594abcd19988a19ccb7bf37ed0ea9441938b918ae3f6abba3132fcfd78fc6b5e3fea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index
| MD5 | e7f2276db0db99b73415170b4c224332 |
| SHA1 | 10c6b763bed04a985313328e45eb3ca2cf5e9aa4 |
| SHA256 | 08bb083280e359a6b605c6f6cbf4b612190cd0a48f9d5434c121f01cb4fccd0f |
| SHA512 | c4777dc74c2c89b297cceb8404928ab6821f2cec41fbac33d730f24f7b58e166c2e41a9b4e6fc3a6a3cc701bfd7d2ec7f0889832ec642722b394fd6e0e6b7287 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index~RFe57fb96.TMP
| MD5 | 09c25849d13a4affea5d3b547a15c3df |
| SHA1 | 1e458c222f7c03ab0cd864879e38f2aa7f1122bb |
| SHA256 | 488222782e2a600ffae6e71d837899e06f241df585062367bfa67fb37c94eddc |
| SHA512 | c6bfbe17bc48e6e87f50e36df1dbad540f796ec3b8fd014b19f898bb9d2b329d44f77c22c292a897bf2d6a2b075ac62703404d8890945b10524811c8b2afd664 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | aa9d7823847451f432540b3fd2d68bfe |
| SHA1 | 775b7b1292c611d6982e84cdf3b7195187e9b107 |
| SHA256 | 5aec6ea9f0444dc30a4bc938f25a749bd64cca0c4de9b7e33defb240b17f5b88 |
| SHA512 | bbbed3cfd14b366b9640716877330582898c965711f1acfc244419a1896d6ae89e0ed3bd296f9dbe7130052f4aae097cf9502e7f776dbeae8da269db6e999e63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581112.TMP
| MD5 | e620e0800b90f4d2cca0405cc7cb8612 |
| SHA1 | ed876da71e67b4b056a415b45033994e85494928 |
| SHA256 | 76551abeaceb0aa193d7ebb7e5163b9564079b81dbea521edf0bc476e8f10935 |
| SHA512 | f48354b5012076c19af812252e437a093f0e6fddab3c9c84357673233cc64a268176c268b01b9568ee3da7bf77cb1067bd8837aa15631f1ebeda77ad87535cb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 14dc21ba8516889cbfe475113d739ac5 |
| SHA1 | 5f1ac881e79dafd9c33c00c5080960424c72e918 |
| SHA256 | f236db4f8eae4546097129ff2b60d6ca8be3992ff2ef45d5028767266b7d51e1 |
| SHA512 | 3e8ef09419c9c7f30944a915a8050e6cfaafefa220be6bd37942aa8af45c78c3a0de35958c7136265a3770d92c137de694ddb781dab4c925ee1cb02993a31624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index
| MD5 | d41aa89c803d1f4646e315a00b13ef90 |
| SHA1 | 2d2e4e4893d73300894fe0da4b5bd8bdf2ec90fa |
| SHA256 | 7ed8b94421cce9ec93618222817633fd088860f3d98b49a8ad150b97e6e7037a |
| SHA512 | d1223cc6c9ea5c89c1ef5c1661f86f6bfd122705795a0a2ef921a1999857798451ba32c42c10db75ea8618335f09c22a6ef7ceaa2d7c0781ce544761f56e2ac0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index~RFe581671.TMP
| MD5 | 873ab861c05c49c43aeea6adcee4ac37 |
| SHA1 | 7729e2fac8fdaf48f36b30662410ee8af8208c3b |
| SHA256 | 9ade19225c37f29e47f584957d48e1ac06d6523bd9897e881962df92c8660aad |
| SHA512 | 47087e0d5bdadc0b95b19b44ceffb1deb34d5b35f4038d6687fcdedb4a9edf48548e5a0feaa1c479a8ca92ed30e4b4af1f1652147b4dd7075b4caff6306c13ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 29fed12df5393969e37b80edd2265c6b |
| SHA1 | 832527c02caa4aa5e2251034c4e7fe9a6efa5103 |
| SHA256 | 5d456847e2e0ce1894e89052cebb635691927e351dac448a0ebeb0e21751134e |
| SHA512 | da576700ab4969b39347b7f393bb53aabfdb9d880c80ec5dd117f91839a5d754867b4acbcf1aab14fc987e911ba8e368b765c5a88c68accf18d09c656d112a00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | ac8606c48b5a330bd73feb59fb859463 |
| SHA1 | dc82b7d934eb5f9670873c4be5b5ee379a4386b5 |
| SHA256 | 7231e99f09f525df69b70d96c222b0149735620b759d66ceffedd818e7cdcde0 |
| SHA512 | 6fd4130459d6dcdc6b3a30421bb10292e097d8076858af053d0477bca8914c3fcf9f750d767c2c73cad884c516a9efce29bd79de420c7ec82f7d62036912267a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe581bb1.TMP
| MD5 | 1cf563796119c25d310fddb3c1632169 |
| SHA1 | 9625c3947d456ab3d6c6c0dfe777b916eeb45d15 |
| SHA256 | d526c17686f0340eb8acdc106b8d7067d9fa859fc0a99bf6d18800d421fe74c7 |
| SHA512 | 8b40a63674b69b7fb7ae681e75bea629acfb9718f073a5d5b79526346eaba86223e7d9eec34167207562e23f2b0758c4d00fc5192fe637a5b68ef4c884e58ce6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0cc2872b473072d62b7645d31433eb2b |
| SHA1 | ccbc50d4a894400b0e7baaa7ab5f1d6956b527fd |
| SHA256 | 54c4bc66171fd226855f68a915ca69b10a4c35c42b9a09a8d6aba66ac1d6e602 |
| SHA512 | fdc52e108b294379fc6d7fabaec94d5298b46488505337c6a50a9ce613906c2da31a665250d6126e05495de62d752af49ff4dedc52a67bd4f1a479f371ea4cad |
C:\Users\Admin\Downloads\solaris (1).exe
| MD5 | 0afcd7ca960cecf358f0ed09c8c3bfdb |
| SHA1 | 5485f19e7c2bb065530307443d44374c3706f933 |
| SHA256 | 77df13cb8fdac0f93035d9df79c94ebe5f1d701ef0133a7678fab9ada60f73f2 |
| SHA512 | 5242bf7212ee87f5561cef9d84c3104b825ebb01246026912cf2dab719e96dfa7ddc4d60d56903cfff47732322365ad9d47d6488e39657ce406eaa7dce155d2d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | dd76db7a6d3a243904bac0e2993c36ff |
| SHA1 | 8d413ec42dcf9a62f29fe914c51b3fc82565aa8f |
| SHA256 | 5e72e5b8a7d96ed0d87848b266520eccb636b9874f6f54d2f12b2a0e74653296 |
| SHA512 | 368a83454e5b9f2b1f5b9ff60506bc23ab55ec5ba09d258149b9d255e621ed6acc77f4fbb594a8e048e3f33fd9838860ab081fbe67e8ceba04f5f2af73330bc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 90af086122f5767015b4a1cce5964a03 |
| SHA1 | 1000b90f50f3be4cf88573a6e509049d1365e689 |
| SHA256 | f10187dcf7fa095adbefdb3654b5cb9be8e2568064eb883e52ce65215dc48b80 |
| SHA512 | 21e84cf8a2704f482f923a164a2b6446d520ea5a5dbd651156745479c7fcbe037b655d1a41a6e48ccde2400274c630caf06e6571fec2b5bc4369476a6954dad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 07aaba6c7db565788c577d8b85ae275b |
| SHA1 | c97ac01b180afd90d17dbd6decf50b4f124b4352 |
| SHA256 | 78b5bfb903bc0301bbf4b24e66a405a3b97fa9b6ef7585d47293e504d62269f8 |
| SHA512 | 986fd3fb4acf4206c2bb44fd343e80fcf2e7c5399580e7cded713d9265b677fd170430390fad872166c18fd21deda2a6244e5e9bfb33ef7ef8418dc1f3c582ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5866d3.TMP
| MD5 | 585c28bebefc8a953d8855179a47ca61 |
| SHA1 | 678354b5873c6374d4794ff2e0fa741b60bbd184 |
| SHA256 | 19bedb328531a9716e1144406705c9905b3fd752db841034f6f04990767508b2 |
| SHA512 | 62bd7c4107733a1c2b6a6dffc7ab4f51a2f1f8f19e1a24903abf909b3e7c95570a3bac0a35473d103a86db4f2b594cb1d9d68cb9608a71013f3212a514813c54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9aed77eea01c0e12f353ac3b96b8a380 |
| SHA1 | 31f25cbcb4105b534964e43bb1bafbfe67cfc454 |
| SHA256 | a46e513bde07965023ef51d486475053c89a4e65980473a6bb9483955e750d19 |
| SHA512 | 109de7e0f52941a6ab35e3b495469038a3b0024b2d8383ce9648c2dc9bd107de325d12f266d39fe82503d4a3ba6ddd02e34a993a7f7fde7daf6e44c4a7161ead |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG
| MD5 | 85c78587e1c720890cd9c05bc9e1bd09 |
| SHA1 | 8b2805a0087cd6ceb8bd8c3fa5e103f016a8ab5b |
| SHA256 | f384c85d7f117be26f5afc3d41fd1e555c4f86e5ccddc0020af7778db6ac90b5 |
| SHA512 | 25c8b4d6f6cb0533f699d062b4de2a3bee6aed9077ad18cb2ff1880f7b9788bde1a6a235d00c3221135b400dbaf0058d49c03bd1f185f49071392cc153e39c27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log
| MD5 | 96683ed8f599459966085ffa68cf517c |
| SHA1 | ea91d41fbb24a2cd920b280264e3a6b0d72802f4 |
| SHA256 | 24bf8306b5db188dde52faae7e31be2b539e29fc88187efbe09426e518c4a536 |
| SHA512 | 7e4c06be0ff00a880f1cd8c229878dd1e123d5c4408956ac1405647bb4a07bcd762fe82e5cd0521730b01c7282e7b58fcf7207c4e9a9396adea53bc423658b0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d0c6502f41b6e7885d96cb7a32d28048 |
| SHA1 | 6e293830eb9aca59c26aa75bccd6dec5a86cdf3d |
| SHA256 | 3464e928bf9ccdc71f4931ac973d44e649bdf32bdcee1685a86e287bba74cab1 |
| SHA512 | afade2bd03a9870ecc49346b7d9c6854c8c7231b60ce4bed0fa3049d9457581f77f069f63d18458cd2cffc4b4c1ffd6df16430cf35b94ca2dc30f2db7b24759e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 415b53a5c36a5e0c905cccd47458f5ea |
| SHA1 | 6127d8187271785c74c87a896a0d70e7f7e3bfba |
| SHA256 | 8a52103dac3fd5f98899b2d2e1bd8dd254a8dc2ee6852077b7e46a723414ebc4 |
| SHA512 | 3f1a173456c551822b76e4fbab2de9ad31cf92eea38b2bc02105d58785bcaefe2a36b67fd53b8d21239a8620c79c292c53f1d83e4ffbc87d28790e51bea6ac77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 4b984ad913afe72cd62b825932f02af0 |
| SHA1 | 7ecee688e2dfc0644d6fec0729c8b8ead56ab3af |
| SHA256 | c49c9e9bdbd65cbbd192b80a7c5ed3f725653433faadfc74ffcc1ddc53e1d1b3 |
| SHA512 | 1e7233d2cd67095439f6f52decbdfa473c98da6bccd6e20233ccf0d9aeadf4ae2ffee4cc471c56c87c075826bd74edb2186c94723139aaa58ec68d18a2bb7d05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
| MD5 | 41c1930548d8b99ff1dbb64ba7fecb3d |
| SHA1 | d8acfeaf7c74e2b289be37687f886f50c01d4f2f |
| SHA256 | 16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502 |
| SHA512 | a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | b2b59589da683d1db1cf9a72bcb3f10a |
| SHA1 | 07ed3d7ca37a7006d6db47d90ec8c68c9366af50 |
| SHA256 | ae1b6a0dccbafeffb0c2691c6bbf090541f4162fddf7422aedf3dd7441a105aa |
| SHA512 | f7a2b20fa254e970aba7689b75e27bcca2a158e896f5e6ce0627c3051b6a4117f2346efdc924a64e6af31f48168cb03c5f437655d0f48f8a490306a57d87bb32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e4f055dbcde312606b9c0381018dda26 |
| SHA1 | ce8482e926a50fcd0f8f3564f4181c271386a30d |
| SHA256 | 103c985f701e198f179b73a3ad6c265e8054fca8fa4ac2dbe81488bec587afc2 |
| SHA512 | 61b940934454e0ad4b5cf7b01bab7c75dac7cebf27209ed36bbc7c20020ae7763766ce87a33dcc953882775d18ee6c516ceb2da5c9c089eb0761c92f80ee254a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 77cf0dd56d628b498848a09bb1c69c27 |
| SHA1 | 2f8bf225e8885b1a5c4ec12c2c3baaf8ac67827d |
| SHA256 | 290479c0a107fc7970efbb1d51ed18c0a48814b145758861183415b2cbebcea9 |
| SHA512 | 78c7ad3c989b12f9df3f2d0363dbfa2d8ed2c11ad98adf2773d07e41a6cdd7ca51214322c11ed00cc0feaac729a0c0c4f6712042a1039903fa23f6707e681f5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | ee2b7f50a02901e5faeedb4b59b79861 |
| SHA1 | 8de538dcf61bf590df1b31275bbf4803378ee3ba |
| SHA256 | 2db1f67f0782ffb5dec5541b70af7179cf16e89257208b305bca6ecba30b6a82 |
| SHA512 | 9ef624c5b0f9cf30e183c79ca6d58b89861135a0628dfacd47ce708d3f29ad89acf355245c5fd86c4d443b0fb895225791249d7c6ea0ec68d26ee4abf8fe4a1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 22bce282baef96725592ef258aa6343d |
| SHA1 | 075dac7ca87346108e4b18ad6901814957c9b082 |
| SHA256 | b2ecd47115c3b718aa2ab4b623378cbd66af30e390b88e6b2979420d0486da9e |
| SHA512 | c057f181f09874c326413c0a2a2ff9a57415e73d51753e932d4bf7ff93f0feef110585500505ab743dd6f3b9e31b1235722ed8524381af67aba641ee7e730d81 |
C:\Users\Admin\Downloads\o.exe
| MD5 | c5eb98a2024b3a77d59e1e5123206997 |
| SHA1 | be4551f0ad0c49aac85e7ce5f429ddd57be83b01 |
| SHA256 | 73c0eadb15dbbbe57f7eafddd46379cd87f1a58a30cfef0fff212157bfc4c359 |
| SHA512 | b69e87a6bb4563073a3f4428c7ec888a22e94cf0b0703043d179c90cb2c15b5f9ebee39eec30f85d77393a50bf6e6eb8bd56606c1f8c404c6a88380f063cf9c5 |
memory/440-2080-0x0000000000FD0000-0x0000000000FDA000-memory.dmp
memory/440-2081-0x0000000006020000-0x00000000065C4000-memory.dmp
memory/440-2082-0x00000000059A0000-0x0000000005A32000-memory.dmp
memory/440-2083-0x0000000005A70000-0x0000000005A7A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58d02c.TMP
| MD5 | 70e1e1950facf7d4d7c8531e5873a0e1 |
| SHA1 | d9b6b57aa0a5877b4baa7ba505528c7d3bce7e8c |
| SHA256 | c007e1eacf939411573d22554950543c30f816507a30af2d4db2491e204f3438 |
| SHA512 | 30a7eb83621cc41317e57163a8379c4fa4ef535475a139a8db9cd95076f8d4b3613da07952b7532466e56b74390fd539f9b8f2b420c06bf705f8e4ce2bb1ea69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d5e73f14a4643ad8e56eec82c44fa9c4 |
| SHA1 | a6ab45eaeeabae74eac60919d59aa09744fea1d9 |
| SHA256 | fbe2ee5948b2586125d0d0ac79b67a879f6fdbd8d054761a5ea93aff45bfa0a3 |
| SHA512 | 451b33ce54a3a7523315d4f7ff606dbd92fbf47539a8b9748a7a44037b4d1fad5ca5f50cb1ed98377875c90e10252820a4ab8b6fff29ddfadc2f9e2c742b25c2 |
C:\Users\Admin\Downloads\Mythlas.exe
| MD5 | 1bccdb1cbbdb299f4053dbab4236dadc |
| SHA1 | baf7c15c30c705fe99c4b5cbada6a46cd92cec22 |
| SHA256 | e65c793a31137ae75a6f30ae2933bd7cae74fcd4330b6c8770c14466bc3a878f |
| SHA512 | c32b746081cf17dd1e29bf132350f753cd10636d37caddd3d3b8714675710c67420d08ff27e3d0f7aa71f0977316f62261cc5ca40badbb5d2bf76ee3972bcc3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | d668d4ff3e0a3804222fc8c9e7b388ea |
| SHA1 | 015e207be9704003893af7bb60cef31bde99850f |
| SHA256 | 6a1e80ca9c0cd5608c949398aa733c1acfad03b5fd36e95d5e2414dde5bca0bd |
| SHA512 | 8dbf4448b0f0bb5a2133204136b494683a3cc7b609166160b29bb3e720396b7e215a17a4c9c77f95683bbc62ab5e09552d9b095297abe6788791cb9e558fb7a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b57443e2-32f8-4994-b577-f2e819658f8c\index-dir\the-real-index
| MD5 | 7d03f80270a90f53f833fd999f53b8b6 |
| SHA1 | 9d722a8ba5e72f6aef2b8bd3b14ed3ba005c3464 |
| SHA256 | 1b0f80c1ff646c0d83912265aba7fca56ddb90ff3722e6e50a45a1122ddb21b8 |
| SHA512 | 1738af0850491b54e8535823eb8c5e088c1dd3379f173c3baf8c51c972f57e4e028c495f9d4f8995c311ec62971c6f3ca573157e1e0dcdd81111bf10a5fc9698 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b57443e2-32f8-4994-b577-f2e819658f8c\index-dir\the-real-index~RFe58ec4f.TMP
| MD5 | cae357d101c1811fb64fdbcdc7dc53bb |
| SHA1 | f88002f886ed68fcaa83c9bf27b58b15d5d9bbf0 |
| SHA256 | 89060e1a65e4b386bcee6c21147a8a3776e107081926dc805c0531eb22c70a2a |
| SHA512 | 0e5a2c6a396a1f8aaa3593dfd2515e618d4d43a5925a73993a11245ed2517157429b780c57b238948cbb1df278ddeed93626280ba461177b4f233dcf1e909d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 129fe733e110e47b2bae49301a78a610 |
| SHA1 | ca6655ed6c6bb7a709f149fc4498f5d19c632570 |
| SHA256 | b5ed0ed93c732d90fec554016324aec37b169c8a2aa0d7596895f60778c6ba2b |
| SHA512 | 549c14799d834ebe49a96f90e99b420a5cd007f2d4631f0a4531f2c067250e5aa24ab103fb84aec898b081b0cc629fca3496e7640ca15929152fb00c09704903 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 8bb34926db9b09d39f94c3a09594c40e |
| SHA1 | 6b09d4f5d00e9498c13baf1416fb24f353226dd0 |
| SHA256 | 24c22c6a5c526cf7a39a46ee1305a982b39542c0e3eefbb74595614963f08727 |
| SHA512 | c69944e8103a05c09cb1ed0a4cb13a0eae3d1a678efa877ca8d2921f50debd8c290eafd9e9aaf3636fc5608e960c8b82e13f54ff49e7502aa7143982da72fe72 |
C:\Users\Admin\Downloads\Kolesium.exe
| MD5 | 46213d88cf0ec128340d5bdc2479d1b9 |
| SHA1 | 2e8f3621f860beddf4985a9f5bea2863542e4a7d |
| SHA256 | 82b489067d0a1a9c3fb525b4f9a48dc709d4a3bf3d4a881b44e5c98283b1e809 |
| SHA512 | c958db74258699c324c7ec1fb14f03b7a71a4ee7a6e2bfe7a479fe9e7926e1afc99ba858fb613a65cc8c99559740758d162d2e228007cd0f7fd29b5b11ce651b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 10a745930126ba2f217f1f4932ad7385 |
| SHA1 | 8a3162797d6036380f95d092d6d06d4efa6578d3 |
| SHA256 | 5956c7b13f9256d374b529d625c8ef1340edc1d9747631f566de34651dfcd503 |
| SHA512 | 4bc973e4a20a863325cae3ba60317b59fd7545caa4bdd3810da8dc289c424e414086d667f97eaf2294bf41e82bf076ec0b7820a1e532d80b6c173c85c10495d0 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4812_1945965110\manifest.json
| MD5 | 7f4b594a35d631af0e37fea02df71e72 |
| SHA1 | f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57 |
| SHA256 | 530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1 |
| SHA512 | bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4812_1945965110\LICENSE
| MD5 | ee002cb9e51bb8dfa89640a406a1090a |
| SHA1 | 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2 |
| SHA256 | 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b |
| SHA512 | d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c |
C:\Program Files\chrome_Unpacker_BeginUnzipping4812_1945965110\keys.json
| MD5 | bef4f9f856321c6dccb47a61f605e823 |
| SHA1 | 8e60af5b17ed70db0505d7e1647a8bc9f7612939 |
| SHA256 | fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5 |
| SHA512 | bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | af4e7de1b0faf71fd9b1d5cac9ee02eb |
| SHA1 | a70eae363a4cb35cd20f7aa5c9a23fc03049a8c2 |
| SHA256 | 8e0e3d097c42e4761a29d228d6e7de15084862055b2c7e60462f9cf6afa7a8f6 |
| SHA512 | 75af160e29b806e899507b7d7e6daf6fb41173cdbead16756c4b963787de43ea11bf4e2a5bab33888d77002e6d844a0a117457e7d0aec9c56f8f6dd4d2edc483 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 745765b7a6082aa86b5bedb513894bc8 |
| SHA1 | 9947fc5869ca6a7c879311de7620cb052d24c162 |
| SHA256 | 606750f656b5790efccecd3b162de8bf91f9747ed292cded444824381bd12fe3 |
| SHA512 | 53a26c60671fe8b2b0cbfca86c44f401a3648b5da595635d04f4142fd468a3d7644954a80799b1419a58a1ef2b9dd68d4feb3cfecbf81ccfb70aa8093be1c9c7 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4812_38506784\manifest.json
| MD5 | 778202dc964e7fb0ab5bed004f33fb14 |
| SHA1 | 932ed013275e2c1172575885246c937c7cca87af |
| SHA256 | 4474f08d1718da148ddb55aeb998886c053f6539c2fee3b3b1796f3855792ff9 |
| SHA512 | 9105af9928af4bcceb2cdc2161137ef6b07f4b97d663bbf27086f80dd266e967a5524aa5aec3f457493a0c4b98aa092aac6bd5062e72cbd4d939402c92093948 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2cc0fb195da3d01a4eda7ae527158cfe |
| SHA1 | 36d1a99e7e99cccbfd7528e5b0a7f6f71d8ea1c7 |
| SHA256 | f9f8121131eec8ee878beed5ff74370d0f2cafc973f3f18f93faeaaf9d21f809 |
| SHA512 | 334d7eb50106cbc8b517236fa27cb9a86c92217921c7525ddb815b0ab305c3fb404bc774fdaf4be4d283c3ec483dbc12e68f18e3a40b109cc1ece1b7ed9ae8bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0dc5d97e49cfa06957d5de21fd1ac446 |
| SHA1 | fea4d2d5d59f90f8fbfe2dba580edd2adad7b04e |
| SHA256 | 36850b579e88df2362e3c6bfdabbd121354416338d7cb85b79a0d89b59737c13 |
| SHA512 | d61caf87485ca8e1b8a536f934da2531174844e0ed9d442ee0096286db331fae832a923c36577f82c534010e5bba7a1017c6558b7d7a2f0670563e75ff6e1d9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 814af8d9571e7ee37167079d30b4b0e2 |
| SHA1 | c6b2b705563766bdc5dc902d330ad6f5026314fd |
| SHA256 | 3d577f73703fd1d9a09b5da0f41ac10c2e07d1f3ef6e468eb18ec54cd83fbddd |
| SHA512 | c121701ad0226211474ca1423e137a94bf544b737cf2a0460a07aa6746e0ee1fc5d613ed407578da14b88cda69d16e7c955c957067c9ea24c0de28d764d90fb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 925f4a7f4809361853cbf80ab8714a78 |
| SHA1 | fa8654756f5d8cb9e422b1a415170efffeaf02ce |
| SHA256 | 60c7caac6f744af854e6ccf04fd08e157d5f00b2fedc68f9e611725ec9a19d66 |
| SHA512 | c62c34b2a35158b47aaed14ce7d3a60db42e522c2825e9150518c93924b3f38d0693a0156723a1e076c40664c58d97919e4be7211eeef967fd102818e63c9214 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
| MD5 | d962542bfdfed6f60ed65a98e122ff0a |
| SHA1 | 90d61cb1bc2fb79f32330b6986fa61b1d1525148 |
| SHA256 | 9bf58e8847f5bbb71a15cfd0fbe429199e059f62d455df4d7f0ee06c4088c2c9 |
| SHA512 | 71a491cd2a7e75e69625b03dd6634c06683dee24d15d4f171af116dcdd3dcc9ee93bb00e7c1008e6d2b46e77703d258cccb98731feccadfb7915aa30430f5cdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 25503effe5d768eacd4b30a93ffc553b |
| SHA1 | 9171ea564715558429174481d6d256392ed7c6c1 |
| SHA256 | f41d60414877dbe2a14486c4acf37bef0c55cf76b80a12f8c229349ad5669741 |
| SHA512 | 4f3873d07f470f93d99393bb21d6e8b4ea85f4b55879d273f16be6b0ee415550540171f4c9dc6f2e6ab546e1e8adde587545bd1749db5534de0300bd57e52358 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 3e45022839c8def44fd96e24f29a9f4b |
| SHA1 | c798352b5a0860f8edfd5c1589cf6e5842c5c226 |
| SHA256 | 01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd |
| SHA512 | 2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1
| MD5 | f6975d81c729d32569c5df3cb9251fa1 |
| SHA1 | 2391b170af2104e5d67bc1dbe853c0af43b9bde8 |
| SHA256 | f9b1cd20d141b50fea7f71b294644c42b8a124bef65452f0d84202c97736b611 |
| SHA512 | f75fa93365317727b1d7a4d0f8b013894a139b0dae6f85688a573411426f8ba8363746e5a4dc54324935ff6944d4384b6c27227162bcaad95138bf20bb5339b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e229e942-34df-4780-bab2-a84df60464aa.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0
| MD5 | ba9996d1f96b08dc3596447c5e8fc1bd |
| SHA1 | 47db139e0b0092b7000dcfa62c2525d624181a9b |
| SHA256 | 0089d5453347a890656a2a3364bb468825c54f36fc8fe346b0c60d4210fa32ab |
| SHA512 | c15bf6eb8a1cacf6a7cc2c14cd6ac7273a67dabf4b9ec45d4e053a3779a9360cd23921bd1a5150e42eb5104cc42f3c66948f962f4d977531820e50dac6e0949f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | 410cba6c843ee3ac737d650d275ab34e |
| SHA1 | 1179c8b2ed0299845e2af587e878581e49253a8d |
| SHA256 | ef7ebf0ca807a7e88710b73db8fd1d3ab81f1353938a188e7395ee0976932304 |
| SHA512 | 9d3949cfe5e820f88d9393a05066f09eb2e9cf22ee6b63af66f755b8d51990fafecd0ceff1ec112acccdc69ca62a676057646dcecef6c438f21993d9a3cf5979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 8bbb2be5bbeadb874d28e7eff43bf350 |
| SHA1 | e0f43144a8d4725483f9270d1a932adea68f25cb |
| SHA256 | 1650c09b6426978b6ea517f713d0d93cf7c40ca205cec90c881888c410d03aef |
| SHA512 | 66846de7f06244da3f48aad278671a03196959c44238af8f043036ecf492af974780933acd8178e519074f9dff12867ae50969a970b7ec4d18a2daf83d0fb23b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 00dff25777897d807c416af515fb1007 |
| SHA1 | c83a784102c12d65f1eacb5e3723d6d0bddd5c89 |
| SHA256 | b5dbbaad1cebe96c11614c295662df1e46b9fdec9c0da98feb43fcc0e5c78f22 |
| SHA512 | 17bbbdc6814e06f054997959c34682c916131ba1b701fc18f3ab0066b3ac4c3ef0dca73ed1709cf57d2fd3cfa315628de9bf65619307b71d4941bb64a89aacfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 8406f698037a8d493b6265dfb78b1b74 |
| SHA1 | 2273e9d40a1e27117d845bd4955fb7fe3c76ea2a |
| SHA256 | 6f8c18e46a71691f1af60637eaeaee20e982a30dc122cc44518038d36ac4b5d5 |
| SHA512 | b112863ad378bfb09fa873a76df0220ef85ed63921bb45746b64205b80ceeb659c0918cb2ef5d28cce189a6b6cd49ced229a8ca3bb9279e3b92e5fcca4df12b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b2afdc06ec2c5886555f09bd6a674eb7 |
| SHA1 | d632ece09e09ebca4af0e710039ae6aa657f3039 |
| SHA256 | 8a9642155ebb5d2a35a057bcb1ed859d7dc32408ba4c0a82aaff2f74691fb449 |
| SHA512 | 09203daa475af8b3fec92d9316c4ccd66426a0d630dff4e5335c7d90b549114e2f2c1f692ce1128487d54ab02250026827720b66e661ada657b50d0598cd0d24 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-05-02 13:35
Reported
2025-05-02 13:35
Platform
win11-20250410-en
Max time kernel
0s