Analysis Overview
Threat Level: Known bad
The file https://github.com/NebulaExplorer1/Discord-Token-Joiner was found to be: Known bad.
Malicious Activity Summary
Mercurialgrabber family
Mercurial Grabber Stealer
Looks for VirtualBox Guest Additions in registry
Looks for VMWare Tools registry key
Checks BIOS information in registry
Legitimate hosting services abused for malware hosting/C2
Maps connected drives based on registry
Looks up external IP address via web service
Drops file in Windows directory
Browser Information Discovery
Enumerates system info in registry
Modifies registry class
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks SCSI registry key(s)
NTFS ADS
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-18 11:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-18 11:01
Reported
2025-05-18 11:03
Platform
win11-20250502-en
Max time kernel
62s
Max time network
64s
Command Line
Signatures
Mercurial Grabber Stealer
Mercurialgrabber family
Looks for VirtualBox Guest Additions in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Looks for VMWare Tools registry key
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip4.seeip.org | N/A | N/A |
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133920397287676006" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-330179853-1108322181-418488014-1000\{67F7C5AE-8AB7-480E-9128-5CA663ADD948} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Discord-Token-Joiner-main.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/NebulaExplorer1/Discord-Token-Joiner
C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe
"C:\Users\Admin\Downloads\Discord-Token-Joiner-main\Discord-Token-Joiner-main\Preview.exe"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\Downloads\Discord-Token-Joiner-main.zip.crdownload
C:\Users\Admin\Downloads\Discord-Token-Joiner-main.zip:Zone.Identifier
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe57ef71.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37432495-bf01-4d2e-8f20-5346491b28d5\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37432495-bf01-4d2e-8f20-5346491b28d5\index-dir\the-real-index~RFe581cab.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b69b8602-856b-4bf3-bf8a-d58b434d1f77\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b69b8602-856b-4bf3-bf8a-d58b434d1f77\index-dir\the-real-index~RFe5820a2.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe583285.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58338e.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e819d3d5-3d8b-4ca1-9eb8-9b0a32b9b2c6\index-dir\the-real-index~RFe583822.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\e819d3d5-3d8b-4ca1-9eb8-9b0a32b9b2c6\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fc765862-da04-4aa9-8c8e-9923a6be0c94.tmp
memory/6104-1406-0x0000000000F00000-0x0000000000F10000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f788ae43-40d6-47d3-a7f8-7c0253410008.tmp