Analysis Overview
Threat Level: Likely malicious
The file https://github.com/GameFirstIV/Wannacry/blob/main/Wannacry/Wannacry.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Drops file in Program Files directory
Browser Information Discovery
Modifies registry class
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Checks processor information in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-15 11:46
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-15 11:46
Reported
2025-05-15 12:01
Platform
win10v2004-20250502-en
Max time kernel
871s
Max time network
881s
Command Line
Signatures
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_37088348\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_174571227\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_174571227\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\classification.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\travel-facilitated-booking-bing.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1221158885\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\ct_config.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1597280079\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1221158885\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1608048824\safety_tips.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\kp_pinslist.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_906444570\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_525483962\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1501504616\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\autofill_bypass_cache_forms.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1608048824\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_96295886\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\english_wikipedia.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\travel-facilitated-booking-kayak.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1501504616\crl-set | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1221158885\typosquatting_list.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_893995099\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_906444570\Microsoft.CognitiveServices.Speech.core.dll | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_174571227\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\deny_etld1_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1608048824\typosquatting_list.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_96295886\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_525483962\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_96295886\data.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1296796242\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\male_names.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1296796242\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\deny_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_906444570\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1597280079\smart_switch_list.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\edge_autofill_global_block_list.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1608048824\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1796636239\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_37088348\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_893995099\arbitration_metadata.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\keys.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\crs.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1796636239\well_known_domains.dll | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_37088348\nav_config.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\extraction.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\regex_patterns.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\us_tv_and_film.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1597280079\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\deny_full_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\passwords.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping4556_174571227\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133917831962767531" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-186956858-2143653872-2609589082-1000\{7B7ABABA-D448-4BBE-84C3-81D61C47CF2A} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/GameFirstIV/Wannacry/blob/main/Wannacry/Wannacry.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2e4,0x7ffba179f208,0x7ffba179f214,0x7ffba179f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1820,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2244,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=2240 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2568,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=1804 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3512,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3520,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4168,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=4268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4276,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=4396 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3724,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5092 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5312,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5500,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5468,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6240,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6240,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5408,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6444,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3672,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3688,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5356 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6600,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6352,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6924,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7116,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=7060 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3712,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6968,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7056,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7036,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5620 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=6988,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7012,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5188,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=7120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=4572,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=4300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4608,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6628 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4280,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=4396 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6388,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6668,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6616 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5324,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=868,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=2096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6564,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6192,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5912,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5908,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=7020 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5864,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3440,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6120,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5980,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5492 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4592,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6868,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6452,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6704,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3240,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=1296 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5684,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3288 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7120,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6780,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3844 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5888,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6784,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5140,i,7460377108940594947,11967547558438801510,262144 --variations-seed-version --mojo-platform-channel-handle=6832 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 150.171.28.11:80 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| FR | 142.250.203.238:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| FR | 142.250.203.238:443 | clients2.google.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 92.123.128.150:443 | copilot.microsoft.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| FR | 142.250.203.238:443 | clients2.google.com | tcp |
| GB | 92.123.128.150:443 | copilot.microsoft.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| FR | 142.250.201.1:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| GB | 2.19.117.68:443 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 92.123.128.135:443 | www.bing.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 92.123.128.135:443 | www.bing.com | udp |
| GB | 92.123.128.156:443 | www.bing.com | tcp |
| GB | 92.123.128.156:443 | www.bing.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 13.107.246.64:443 | static.edge.microsoftapp.net | tcp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-cloud-resource-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-cloud-resource-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-cloud-resource-static.azureedge.net | tcp |
| US | 13.107.246.64:443 | edge-cloud-resource-static.azureedge.net | tcp |
| US | 13.107.246.64:443 | edge-cloud-resource-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 92.123.128.193:443 | www.bing.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| FR | 142.251.37.35:80 | c.pki.goog | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 92.123.128.141:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6eac9d05429a9358b608d44d94784e10 |
| SHA1 | 73395ed98fee0a7a2f8585c37a8811bd8837585d |
| SHA256 | 0bf0ae5a65a11d2714b2ac12a424cd38ed0a8b7e7530ec59362786b1a832eb60 |
| SHA512 | 235731c2c6a85f6ada201f4e4c061ce7db201a2e82c04334a5bfcbfdba60f9ac1b99a06e9ac1e9bbea1651b16747fa4e44f68f6882a960671b6b613f51213c18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9cb7d2fcafaa09c5c2cf9f4b5d362b7c |
| SHA1 | 4cdf7f2d45ef507a017c1779df3e6b73fa21ea13 |
| SHA256 | 62cf27c1e5bde558d0aed851ddf990854b903b2633b22797d050cd2ed691b88c |
| SHA512 | 55422aa3d1cf5cbc77a2569f0eff797a86ff4b24d059572edd251b2ca2c8455122cb88b330d8a271673f76225597a5d59358b3642d19f70e4804ed81fe61636c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5b6af3a2ff2252fcc9a5030a8274908d |
| SHA1 | f125a9bbfd7055726e60f2c465b365583c29e0d7 |
| SHA256 | b0adb0273dd47a0fceaeefd5e192a945faf1b06116ea2115b96b48be77d4e7ca |
| SHA512 | 8dfa23bc9a8ccaa6d3e7a052767b4f3eaad09e30ebabef58f296d541122d4a466af487c62bcf7e40e1665585da1583c48cf2eb8f0a03125196625cd6ff743f19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3913928d36a204b8c7a09f9664615308 |
| SHA1 | 6f5a2afcf7d4f9ba5d201c4575ee7ea5cbc904bc |
| SHA256 | 5cd63a20006de4c006a47a6b3a922a53b15bda4fbfd14e77b8a5416583c8f9b9 |
| SHA512 | 25f2410c171fb2c64bd4a3706a3a3b5de6f694cbebe555cc223996fd3a16d346737594d4cc09a737484d8a5e3a0ea33e0705ac60481b51857bdb3127a7996145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\51c4ef2d-3e22-42ef-9afc-9e075bf5f8a8.tmp
| MD5 | 164a788f50529fc93a6077e50675c617 |
| SHA1 | c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48 |
| SHA256 | b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17 |
| SHA512 | ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | d420a1411410bea637edc21d3e583e97 |
| SHA1 | cc3cc7c6472f75a8005f4b4a11eeb38d90dfccee |
| SHA256 | 3180adef4b17e6482eb5d9f6cf52ef56d837e7560e6bd74ccfb57a4f13658887 |
| SHA512 | d814d5d0e45fb64207f33a9752f98ab35734579b0b67f155e8fdfc3464f276e6a9cc0d1a207d02a470e5d9a7226e177038d9560a4ec43a679db505009e67d635 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | d16c760a11e6d783e73d89df7769c70d |
| SHA1 | 802ae69bae5f7f20ed38ab29e31ffb392f5e8307 |
| SHA256 | 2a6b31368c2809fc8bc283974a25fcc336f45c2560ea4849b708598dad01db99 |
| SHA512 | 68d3d35e05c0c4e9305496983e7cf16e728d847473bb9ff350455b6076d4e9ecee466d7337db741f1e9e3696edcebaa98be9b506c2ba3967c2ff80440f19c12c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4556_314652710\860f4435-556b-412e-9e18-faa77906728a.tmp
| MD5 | b0917d8e6c5b6be358bff67f84eb8336 |
| SHA1 | a6e221edcb19a1cc81575b4ddd927fd9a6fbdd6d |
| SHA256 | dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60 |
| SHA512 | cd5822bbf91e8f7f5ab2b471a4bf8b464bde95465e2fccc6a57e5a287ca55d5062bdd6d4b3cd76f8529ee7a9081b6a7aad7dc2a7581c344ce4fd2d3256bdf451 |
C:\Users\Admin\AppData\Local\Temp\1bac9d49-9467-4aff-8c3d-32b80e33307b.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\185bd8a0-0240-40b9-a3b1-c55db6387845.tmp
| MD5 | 78e47dda17341bed7be45dccfd89ac87 |
| SHA1 | 1afde30e46997452d11e4a2adbbf35cce7a1404f |
| SHA256 | 67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550 |
| SHA512 | 9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist
| MD5 | 6b75d9bb2c81bcca8182bd8251593e50 |
| SHA1 | 3e330ed26fd626ee18e992dd50b698375afe1a1e |
| SHA256 | 7f4ee78a24e42c7c3291be9948dd6c8bb66948a9e40a705320162c6975f6dd4a |
| SHA512 | f83bdb8cb01f064b7e13a42e563c9bd70fcb952fb3f7c0a4b9dcc8d6f1da395198e5d7482e9a848427dac93061a2d97985b94f59fadb92a739d23d33f7e83186 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_1\content.js
| MD5 | 3d20584f7f6c8eac79e17cca4207fb79 |
| SHA1 | 3c16dcc27ae52431c8cdd92fbaab0341524d3092 |
| SHA256 | 0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643 |
| SHA512 | 315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d3d4cca3d629e03edc87d2a97c016a1 |
| SHA1 | 58a67b2bf374a1a1c911f53407b86a3765a6a984 |
| SHA256 | d8336c2b6c6c80d29b0b83af2d9153a66bb849bc6e763d3da8e44d92f8a5a58c |
| SHA512 | 756075c32eca244ebf70f72e37aaa7ecbfb59043462385531a6c22560dcfa0914797810e6a139d8835e9e5807a0e03e9a58b9dc9947e01ee1b837a8889adcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e28e45ba6b982516114f92d9f1a68e95 |
| SHA1 | 499ba2df443c6819ca95b882f3a8f8693cea9d4e |
| SHA256 | 623405861625c0793faf7fe2297403a5b72c181a7aaea75c33bc66d645995e17 |
| SHA512 | 3cc16742b21accede498de01e27ab7f5448908fa1e76bfb603b352eb92751d17758a9afc61706f1fc42a19f89afda092c65e854cbeb1d0df9fed5e1a3d63182b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | fb41089b40861689450159ac8903fcd1 |
| SHA1 | d045e9c7d6138e15d0570c6163cfd752d14f7c7d |
| SHA256 | 0cb25cac1f51ea562d60ecea83631db26439ad2db8c31e19bfad84835dd3b084 |
| SHA512 | 9fa997405110f8d2738fe5eb7927ab67b411852c53b605ee495b07dfb6c7f993b1e7fcaba5d94c34dea0b53afef6bb8f1b3cf83c7cbbfa096a45789e840ff0d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57ce6c.TMP
| MD5 | ca56b6cd163e1fe8249c2173ad14f790 |
| SHA1 | 55ad032ec6f74c35f191fd2409629980386a4420 |
| SHA256 | a8e5fda73ebfeeba0d4d81f5494ef8cfd925f55cd2563f3d4813b8c3462c3a2f |
| SHA512 | b523ecdbafe7b909c18640d1efef586622d80fbacc6ae87379f06d717de8b4f53342e3410641dfc446b209d1a16def95920102b90c4ff0b070e87a9835b67199 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 498c41ed408cfbb3d7233657c1a07304 |
| SHA1 | 6e4ff71938869f6b3c128b38fc6cec863c630843 |
| SHA256 | a59d738e606d366741463920703e8c65ccc3be32737725af0b91ef6889359f98 |
| SHA512 | b9dc8bcabd8433ee633c45fe335b6b2f5b0f480ccdbf7822547ff5e4fb7fbdd9d0323e17efb4aa6fa7755e8e58b36384833a0bfb409308ce30c9c30dca51ee4f |
C:\Users\Admin\Downloads\Wannacry.exe.crdownload
| MD5 | 84c82835a5d21bbcf75a61706d8ab549 |
| SHA1 | 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467 |
| SHA256 | ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa |
| SHA512 | 90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | e48aa395acd2cc0a3b8e9ee042df101a |
| SHA1 | f27f69780466401af1c2cf2a928ed2a778a9c506 |
| SHA256 | 53f3807b76fe21d693e64e804be2d6b7d6c2b9ea54c6fa74535fd0eea007252e |
| SHA512 | 8d776d2203c617f775c586683dd8ec6962f874991154a1c9b4aad955aa6f99db9145e9419ea21f928f59f65d062b6c2767f21f5e8bfeb70c1d20112fd3e8f3ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe585ea5.TMP
| MD5 | 459ab6e61abb1b8d1794facfb685a08f |
| SHA1 | 8ece09401deed2929312303466446eedd44e1af5 |
| SHA256 | a4f0392ecb70d7516f027014607d6a6be916346d16ad76b7ff4d677404524af7 |
| SHA512 | ff5c9c52569c2d2b8ba92694a1604ea141df3b2dd0e4724117e68b12e5e30df87006604752846d745f09f05fe93eaa1ed3ccebc37274387730bf1ba7359f1bb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
| MD5 | 3bca8411b45106afaa963d562c371631 |
| SHA1 | 78857d33a65e7061ca18a3540c304f01e7e85325 |
| SHA256 | 4503345ee70aa9ca0f90012b665743d7c13ec7052e7a943222287973b752b9c7 |
| SHA512 | a6a7e9af6613a30730a0b87be76f87144a3483afb756445d462de7b22543027e5e8f5822e0337ba2d7b65e413e526da962783d05d226c0d13d113d57d28b56ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig~RFe586099.TMP
| MD5 | 22ed3cc04fcc2e66b81335c4395971fd |
| SHA1 | 12ef48d70ec6f360644d2573dde99756f6ac05fb |
| SHA256 | 27bffcff6642dfcb87ac33eea61059552bc35ccd3c0d9f4da550398351836df9 |
| SHA512 | 9219928d246a8aa761ee289b0baacc7214b028976b1b890c7f1df38ecac61cb3a90e8af1b3861929155d07af304d58ae8f7304466769669a7cd40c55ae61cf40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | ae4e4862e9ade9abcdb81c55c093e5a2 |
| SHA1 | 59112e9ee744258e4289412d02d738348f714cd6 |
| SHA256 | 2a88435e1f886dca0998330906c50e46eabbd1a20146d721c085bacce8a13b6d |
| SHA512 | efc8304be62c06ccbcf8511a8b9e627e455408a625cfc4bfa2fbc2bd22345090f833d81e6232366a613b753d0313775ff3daae1a9844664cea6d1541dfd23973 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cd267ebf766dca408012a5bf6b674090 |
| SHA1 | 35b0ecccd97063851e7ebdaa3b99474c40546ead |
| SHA256 | 8ab58e34a4b5eaaecf33490d4605e372a9f6488108e5a9abb5d6e6109ecaa12d |
| SHA512 | 480f7b9a28b772431ad95272aff93c8c116f2138be200c1a1b040cbe978690064767eabce54db72a1b9207faab79658f7a1ddd53d7f189aaf5a967f43c0da311 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bdb7961411cca0201faa120ddb333e4f |
| SHA1 | a2dfd90b9be2fdc4757d560fc6083ad8bba47dff |
| SHA256 | 4bb847825f56986aeeb5de7963460bbe988cd8538328bd91a53dfbaff136051b |
| SHA512 | 0d410ab870626942143917367c2e37df8525875bed1e693810bb223de5814c222b8955f00f8985200207cf7daf1a28949f50bb4cd2b0566495e69d993ff6dcf0 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_525483962\manifest.json
| MD5 | af3a9104ca46f35bb5f6123d89c25966 |
| SHA1 | 1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8 |
| SHA256 | 81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea |
| SHA512 | 6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 769690f2ff44eeb44bb33f9f54b5eef5 |
| SHA1 | bbe65c45c1639cae565bdc2463ce41b95016696e |
| SHA256 | fcd208fce8f3f92e7ade9907911e026ee789d90c46e2646f6a9ede7477a897fa |
| SHA512 | abb93cd48af34e408b620a4c6039f8dcb5debd612151a918d1b61cfdb07789c5f7f03ed17d61e80613c5f7ed2ec350e5a2b03eda3888ebb740e4ad69d20c2865 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 365f4f4cee81c906ccb3e1a2724a40d7 |
| SHA1 | 2c2e7a6bea77129ae2a938625a0f083d3847d1c3 |
| SHA256 | 0706c1f79dee28bf58eaa3a4f338379ced3e87971f07e53982d3b15a9f11abff |
| SHA512 | a4dda3825c79846aee53ce65405ec99fd182b37f6317060bd4ba653e20ab42c06672f19e5bc7741a377f083b7883459653ddfefdeec723be971c8c9bff9a850c |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1296796242\manifest.json
| MD5 | 049c307f30407da557545d34db8ced16 |
| SHA1 | f10b86ebfe8d30d0dc36210939ca7fa7a819d494 |
| SHA256 | c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54 |
| SHA512 | 14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json
| MD5 | f9fd82b572ef4ce41a3d1075acc52d22 |
| SHA1 | fdded5eef95391be440cc15f84ded0480c0141e3 |
| SHA256 | 5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6 |
| SHA512 | 17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1597280079\manifest.json
| MD5 | a24a1941bbb8d90784f5ef76712002f5 |
| SHA1 | 5c2b6323c7ed8913b5d0d65a4d21062c96df24eb |
| SHA256 | 2a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747 |
| SHA512 | fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists\2.0.0.0\office_endpoints_list.json
| MD5 | 94406cdd51b55c0f006cfea05745effb |
| SHA1 | a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9 |
| SHA256 | 8480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e |
| SHA512 | d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0b23c4e780b9935b2826bb1ef2b97c44 |
| SHA1 | ad862fb947a72511d04f0ef4eeb8e66581232535 |
| SHA256 | 99d0ef2adaa1e98b2d8b3e5bf1c8e238bd222ca9521d4c5ab3e8862864ef78e1 |
| SHA512 | 6a2597bee855b4ca9f9e25fa97a44543b9004cb689422d6174d7a4bb3cdbfa09ea8a07338fe3080f76dc0d37056759183d9772a4793d0f736c9c0dc0964b7be0 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_174571227\manifest.json
| MD5 | c3419069a1c30140b77045aba38f12cf |
| SHA1 | 11920f0c1e55cadc7d2893d1eebb268b3459762a |
| SHA256 | db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f |
| SHA512 | c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | d92d8d1080ceeb9977b4073bb41caad3 |
| SHA1 | 2567bffaaba9357fe382b36cf3b9387bd244fcf1 |
| SHA256 | 8e03d80f70c36341cf22f94707f6d0fd13ee29a93c56519aecf72022352e6ef8 |
| SHA512 | c7aceba7d8f567a31d8b319e7bd53690dbeca86068273c33cd7c9215268f483aa1b1439f9a92bf9ca94805cc47075a70829fa84383947a4638a957fdb0d481b3 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\LICENSE
| MD5 | ee002cb9e51bb8dfa89640a406a1090a |
| SHA1 | 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2 |
| SHA256 | 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b |
| SHA512 | d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_92637651\manifest.json
| MD5 | 1e4863a0e65ebd37d7380eb076faaa98 |
| SHA1 | 188a4b0fa0325ec6e443ee404d7c20c6359c1369 |
| SHA256 | 59a0dcc38387be711ddbabf66e60bbf6bdcff991742228850eac5506350c09f1 |
| SHA512 | 25cb519ac13b29029cf5750f4c425e1903afe5b17f2ef2bebb585161b5d5722279efc6ef22663401b3df7bb11452e89226a9f3d8a84bac374eef7099a967fd3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.5.12.1\keys.json
| MD5 | 64fed585299e7c59db8b9788c52eb70d |
| SHA1 | 07f2f8e66d430f622be5213727ddf0a1ce11b970 |
| SHA256 | cf5893af6b95eb65ecc00946f63dd0e6c388d0542b90d5301bc87fd4de0f840b |
| SHA512 | 1369354b47d2fb6e3e8f88f156903045e96329ebe6f87f1983efee8d335bf44fbccaac391f6416cb73b4af0f66d9474953e69887cbc030b2dd7771c32701f8da |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1495693770\manifest.json
| MD5 | 4055ba4ebd5546fb6306d6a3151a236a |
| SHA1 | 609a989f14f8ee9ed9bffbd6ddba3214fd0d0109 |
| SHA256 | cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5 |
| SHA512 | 58d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1504483997\manifest.json
| MD5 | 778202dc964e7fb0ab5bed004f33fb14 |
| SHA1 | 932ed013275e2c1172575885246c937c7cca87af |
| SHA256 | 4474f08d1718da148ddb55aeb998886c053f6539c2fee3b3b1796f3855792ff9 |
| SHA512 | 9105af9928af4bcceb2cdc2161137ef6b07f4b97d663bbf27086f80dd266e967a5524aa5aec3f457493a0c4b98aa092aac6bd5062e72cbd4d939402c92093948 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 20284f361869c099fe856091e496e3eb |
| SHA1 | c99b9ce43f794d48c2dffafb13adc34145ededa4 |
| SHA256 | c8fcaca47f9e059265d6fcaede05ca28333ff9d23ee7166aeb0f128797f869de |
| SHA512 | a23cf0484e752b59e57620cf98eb95b7227e2298fd71caa389948b125c808caac2415a7e3d2ab2781e98be0fd855136e7f4dfab758e55910454fec235b06f7de |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1501504616\manifest.json
| MD5 | e6cd92ad3b3ab9cb3d325f3c4b7559aa |
| SHA1 | 0704d57b52cf55674524a5278ed4f7ba1e19ca0c |
| SHA256 | 63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d |
| SHA512 | 172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2024.12.2\crl-set
| MD5 | 846feb52bd6829102a780ec0da74ab04 |
| SHA1 | dd98409b49f0cd1f9d0028962d7276860579fb54 |
| SHA256 | 124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4 |
| SHA512 | c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
| MD5 | ba4d7a4ada361bb1533021c2a9989cc8 |
| SHA1 | acd98d4e1cc8b7584d3de1340db24f7ad6e7931c |
| SHA256 | 53d809d24e43b1b97795a101477317ed5f4f811219e564fa907c6b4e677c6b6b |
| SHA512 | ab5b2bfcc957609d0c65e41bfa7389c9ea03b380125597906369fdaa425fbe36d3da04de0a7bbccff78e59122f7bbe62baefbcdb3dae73d461b0938b1a2ac177 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
| MD5 | 2122468364ed197a55bcfae83d8cc540 |
| SHA1 | 61661bc860e0da422bf4c2bd5d059ef9224ed88b |
| SHA256 | 5cf9cc0abff33ba3a12ba7c88deefd01c20018f0f816bc4dd19a28dc93f2af42 |
| SHA512 | 7f3453076e487c94d86b9eb26eceacf0c40eef4e7b76ae694cb05afe5378014896880f37d467a7d7a63d7c138315ca5aad41df215cd5c7a8b962cb121c5b5d18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\863b841d-5c10-44d3-99ed-2b9af6f19ec0\index-dir\the-real-index~RFe5c10b1.TMP
| MD5 | 1b978dd220b78c04f8004a0971d45f8a |
| SHA1 | a093a4988079a5116180e6a055e16eecca742b4d |
| SHA256 | 805d01a9e32072b32d6f84d6e3477f33d1f10d652e627ae2ba7caa4758a9d36b |
| SHA512 | 844367f341cc02df333df585a95df58ba4abd625fad805a03aad7cc546c81f403d55d7a5d5b8a86a42c1be733f5bcc115e86a7c9354bd2f18befe92044856676 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\863b841d-5c10-44d3-99ed-2b9af6f19ec0\index-dir\the-real-index
| MD5 | 9b1f73793012d386bde650359b7083a4 |
| SHA1 | 9229cdc33dd542b2a09999d3cf0981a9b40e04d7 |
| SHA256 | 0ea172623adfb4327e132df78f17f8b4e5e1fe683d819ff8a776a8e1fbbfc0c9 |
| SHA512 | 110a40e020c89bf81663347d7ea91dba0c97704021084208eb1792d934e78213f0b5443542ef802ad786c4ea3c2afe4b3bb1fa8e081fcc1d14065dd2fdc089aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9da75efee76668841240f8f721407431 |
| SHA1 | 2ceff02ff5c27757b220cff81ccb2374a5a0ada0 |
| SHA256 | afed120fcefa58a6bbc1eadb789a037147a6498c89b6bcd06394f1922b7e8d9e |
| SHA512 | 60774feb152a16f931c0225327881a571ff601b099c6b920466e0244bb33e70edbbb6ac550e5422d20199d0d0e09e5e2f05cd8f5d42b8821b7b249eb9b203e37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | c72673ea38c452b02882dec80ce24d71 |
| SHA1 | 80492cbf6552c70cc9b3d69aa14f858ec5c7b229 |
| SHA256 | ee74fd6a4c10ea6a3829ec5fbed1774d6ab290e73139be65569c94b6c2c24d99 |
| SHA512 | 96f12a40de33deb1c12ecb7a347cd173cbf22c168fd3b628f2bf9e106ce334cf5bdee18db2451d7ce6d5acdca5c19245f898146e18a633e1c58a8403f3ac6082 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_893995099\manifest.json
| MD5 | 15b69964f6f79654cbf54953aad0513f |
| SHA1 | 013fb9737790b034195cdeddaa620049484c53a7 |
| SHA256 | 1bdda4a8fc3e2b965fbb52c9b23a9a34871bc345abfb332a87ea878f4472efbd |
| SHA512 | 7eeee58e06bba59b1ef874436035202416079617b7953593abf6d9af42a55088ab37f45fdee394166344f0186c0cb7092f55ed201c213737bb5d5318e9f47908 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 15f73e91478c3fcba55715395c5931e4 |
| SHA1 | 4dd10de3f1d84dffe08b8806c430c43be6b0353f |
| SHA256 | 9287bdc27cd9304c716fc30e1540423e2efb756d1380b0f7999891bb7061ea87 |
| SHA512 | 5ca08c9620cd3a406f7ba01c379aeab592691ebfe6524dd28fa2019db3bc77316b2361d0e2aef64e600f34b62fe47c58607915561bcae06258d5b0c75276e951 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_244625827\manifest.json
| MD5 | 4e81f856241f98ee1d9f66c50d82be04 |
| SHA1 | 35baa5754a213e3238d8827cf1bea868f9e8187c |
| SHA256 | 3cd3e4d5f61b46b8ce46662b10c6ba8fe34ac8e103e15f672fa7fb222b8416aa |
| SHA512 | 70643b61d2c7769af52a34c2d87f6230cb61985decb865ecf376855b3f1888fdf3aa477573f647e2e09c09ebf036a711b5a57f333f0285d05eae5972c7d31afe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.16\autofill_bypass_cache_forms.json
| MD5 | 8060c129d08468ed3f3f3d09f13540ce |
| SHA1 | f979419a76d5abfc89007d91f35412420aeae611 |
| SHA256 | b32bfdb89e35959aaf3e61ae58d0be1da94a12b6667e281c9567295efdd92f92 |
| SHA512 | 99d0d9c816a680d7c0a28845aab7e8f33084688b1f3be4845f9cca596384b7a0811b9586c86ba9152de54cafcdea5871a6febbee1d5b3df6c778cdcb66f42cfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.16\v1FieldTypes.json
| MD5 | c1a0d30e5eebef19db1b7e68fc79d2be |
| SHA1 | de4ccb9e7ea5850363d0e7124c01da766425039c |
| SHA256 | f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1 |
| SHA512 | f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.16\edge_autofill_global_block_list.json
| MD5 | 83fa257627cb07f25d59201b73b39c90 |
| SHA1 | 4f0997b451e4c4a3b4d6b6641eb9ae27ef2b2e3d |
| SHA256 | dfe5c91426765e7cbd52598f2de41e5196cde1242dd941a824419ec94224a135 |
| SHA512 | bc7258fb88aa77a36f2145402b3fefbabf3e21473294f1227b0cd7f3a75ee9f1e77bd30e3d5df740340a7f66d25d5637c6299d3cd3c50181bf5beac4f6fb33e8 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1608048824\manifest.json
| MD5 | a30b19bb414d78fff00fc7855d6ed5fd |
| SHA1 | 2a6408f2829e964c578751bf29ec4f702412c11e |
| SHA256 | 9811cd3e1fbf80feb6a52ad2141fc1096165a100c2d5846dd48f9ed612c6fc9f |
| SHA512 | 66b6db60e9e6f3059d1a47db14f05d35587aa2019bc06e6cf352dfbb237d9dfe6dce7cb21c9127320a7fdca5b9d3eb21e799abe6a926ae51b5f62cf646c30490 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\safety_tips.pb
| MD5 | bd6846ffa7f4cf897b5323e4a5dcd551 |
| SHA1 | a6596cdc8de199492791faa39ce6096cf39295cd |
| SHA256 | 854b7eb22303ec3c920966732bc29f58140a82e1101dffe2702252af0f185666 |
| SHA512 | aa19b278f7211ffaf16b14b59d509ce6b80708e2bb5af87d98848747de4cba13b6626135dd3ec7aabd51b4c2cfb46ed96800a520d2dae8af8105054b6cd40e0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\typosquatting_list.pb
| MD5 | 17c10dbe88d84b9309e6d151923ce116 |
| SHA1 | 9ad2553c061ddcc07e6f66ce4f9e30290c056bdf |
| SHA256 | 3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e |
| SHA512 | ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_96295886\manifest.json
| MD5 | 22b68a088a69906d96dc6d47246880d2 |
| SHA1 | 06491f3fd9c4903ac64980f8d655b79082545f82 |
| SHA256 | 94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88 |
| SHA512 | 8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt
| MD5 | 60beb7140ed66301648ef420cbaad02d |
| SHA1 | 7fac669b6758bb7b8e96e92a53569cf4360ab1aa |
| SHA256 | 95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985 |
| SHA512 | 6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
| MD5 | aa8df1982a128fe26e08566e12c6f8ad |
| SHA1 | b395683723bdbcd3b8124bac1cfe6467bb79bb94 |
| SHA256 | e5b037f0d87fb50f85a2005c63b8cc5cc064938ad5b8ebb32e4c0518949c590e |
| SHA512 | 7cb934153cbcdc3063e525a12f0af8c2b7c88a120a52551d4168842b850debed202cd256fa3bc629e9125416e97018b6790c2afcaee502aeb84f2f6d428848af |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_2109732011\manifest.json
| MD5 | a64e2a4236e705215a3fd5cb2697a71f |
| SHA1 | 1c73e6aad8f44ade36df31a23eaaf8cd0cae826d |
| SHA256 | 014e9fc1219beefc428ec749633125c9bff7febc3be73a14a8f18a6691cd2846 |
| SHA512 | 75b30c0c8cef490aaf923afbdb5385d4770de82e698f71f8f126a6af5ef16f3a90d0c27687f405274177b1a5250436efddd228a6d2949651f43bd926e8a1cc99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\kp_pinslist.pb
| MD5 | 0779206f78d8b0d540445a10cb51670c |
| SHA1 | 67f0f916be73bf5cffd3f4c4aa8d122c7d73ad54 |
| SHA256 | bf0945921058b9e67db61e6a559531af2f9b78d5fbedb0b411384225bdd366ec |
| SHA512 | 4140b2debe9c0b04e1e59be1387dca0e8e2f3cbc1f67830cbc723864acc2276cde9529295dcb4138fa0e2e116416658753fe46901dfa572bdfe6c7fb67bd8478 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\crs.pb
| MD5 | 2b59269e7efdd95ba14eeb780dfb98c2 |
| SHA1 | b3f84cbc37a79eeecb8f1f39b615577d78600096 |
| SHA256 | ff2ced650772249abb57f6f19c5d0322d6df22c85c7cf2be193b6134e1b95172 |
| SHA512 | e4b454db2248021e0d198805ea54f1c0cfd84b9716a9348b1d0e0acb7c6fb5dd0839e532a5eb6d4410ab759d6688dd6cce8375ad55a150d738d280993142e9d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\22.0.0.0\ct_config.pb
| MD5 | 811b65320a82ebd6686fabf4bb1cb81a |
| SHA1 | c660d448114043babec5d1c9c2584df6fab7f69b |
| SHA256 | 52687dd0c06f86a2298a4442ab8afa9b608271ec01a67217d7b58dab7e507bdf |
| SHA512 | 33350cce447508269b7714d9e551560553e020d6acf37a6a6021dc497d4008ce9e532dd615ad68872d75da22ac2039ef0b4fa70c23ec4b58043c468d5d75fd81 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1796636239\manifest.json
| MD5 | 811f0436837c701dc1cea3d6292b3922 |
| SHA1 | 4e51a3e9f5cbf8c9c96985dabe8ffc2de28dae87 |
| SHA256 | dbfb38a16e33a39c35ac50bd81782e4608be14954f1df69ac8272c0b9ce87a5d |
| SHA512 | 21e7bf2f8333b2900bcbcb871ede14684073249597d105095dc7d3f101e7ccc326068732f11d4a167365f245a3f2205793f520c7666d7f948e70919b40b43d35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll
| MD5 | f5f5b37fd514776f455864502c852773 |
| SHA1 | 8d5ed434173fd77feb33cb6cb0fad5e2388d97c6 |
| SHA256 | 2778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e |
| SHA512 | b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_1547434563\manifest.json
| MD5 | b721bdf2924d658186ac8868dbd2c008 |
| SHA1 | 914aacc65bb7933bd73aa06f8bd2ca0b04de3858 |
| SHA256 | dc6a19395ad3a24ee3805f6e90c6b16fdc141a51ac7fbb99fb784e423f8962f3 |
| SHA512 | 4c1c16f714a2e2436697bc801f7e2f684010c833e3d5fe6ed68d6f3e630afa495412ea5a1b46f4bbbb1102feede84e72f32686910492510cbce71888a85b5fda |
C:\Program Files\chrome_Unpacker_BeginUnzipping4556_906444570\manifest.json
| MD5 | ba25fcf816a017558d3434583e9746b8 |
| SHA1 | be05c87f7adf6b21273a4e94b3592618b6a4a624 |
| SHA256 | 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11 |
| SHA512 | 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f |