Analysis Overview
Threat Level: Likely benign
The file http://viaction.net was found to be: Likely benign.
Malicious Activity Summary
Drops file in Program Files directory
Browser Information Discovery
Modifies data under HKEY_USERS
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Checks processor information in registry
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-07-02 18:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-02 18:51
Reported
2025-07-02 18:53
Platform
win10v2004-20250619-en
Max time kernel
146s
Max time network
147s
Command Line
Signatures
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1758713859\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1967439042\smart_switch_list.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1967439042\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_549996290\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1758713859\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1967439042\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1967439042\office_endpoints_list.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_549996290\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_369667788\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_369667788\protocols.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_369667788\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1758713859\nav_config.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133959558756035473" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3008489981-1977616533-741913813-1000\{412CE28C-9970-4D36-AD75-B14C54534D33} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://viaction.net
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2f0,0x7ffcf094f208,0x7ffcf094f214,0x7ffcf094f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1940,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2252,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=2248 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2560,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=2572 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3520,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3512,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4260,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4300,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=4248 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5268,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3800 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5228,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=5124,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5132,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3548,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5080 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6092,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6092,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6280,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6288 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6428,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6568,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6664,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6304 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6276,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6772 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6388,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6928 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6948,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=7088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7080,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6456 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4544,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=4548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=4356,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=4564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=4924,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=7368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7412,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5544 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4500,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=4584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4512,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3800 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=1904,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=3780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5796,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=872,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5772 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6872,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=6804 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6804,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=7452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3420,i,1476002437886723762,6676831737756972043,262144 --variations-seed-version --mojo-platform-channel-handle=5760 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | viaction.net | udp |
| US | 8.8.8.8:53 | viaction.net | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 150.171.27.11:80 | edge.microsoft.com | tcp |
| GB | 216.58.212.238:443 | clients2.google.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | viaction.net | udp |
| US | 8.8.8.8:53 | viaction.net | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| GB | 216.58.212.238:443 | clients2.google.com | tcp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 142.251.29.132:443 | clients2.googleusercontent.com | tcp |
| KR | 211.43.12.102:443 | viaction.net | tcp |
| KR | 211.43.12.102:80 | viaction.net | tcp |
| KR | 211.43.12.102:80 | viaction.net | tcp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| KR | 211.43.12.102:443 | viaction.net | tcp |
| GB | 2.20.12.74:443 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | homepage.mailplug.net | udp |
| US | 8.8.8.8:53 | homepage.mailplug.net | udp |
| US | 8.8.8.8:53 | homepage.mailplug.net | udp |
| US | 8.8.8.8:53 | homepage.mailplug.net | udp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| KR | 112.175.184.152:80 | homepage.mailplug.net | tcp |
| KR | 211.43.12.102:80 | viaction.net | tcp |
| KR | 211.43.12.102:80 | viaction.net | tcp |
| US | 8.8.8.8:53 | eduassurance.com | udp |
| US | 8.8.8.8:53 | eduassurance.com | udp |
| US | 8.8.8.8:53 | eduassurance.com | udp |
| US | 8.8.8.8:53 | eduassurance.com | udp |
| US | 66.96.147.113:80 | eduassurance.com | tcp |
| US | 66.96.147.113:80 | eduassurance.com | tcp |
| US | 66.96.147.113:443 | eduassurance.com | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 13.107.246.64:443 | static.edge.microsoftapp.net | tcp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-cloud-resource-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-cloud-resource-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-cloud-resource-static.azureedge.net | tcp |
| US | 13.107.246.64:443 | edge-cloud-resource-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.179.227:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 2.18.27.82:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8ebbabd70d90d3ae259730e802909d89 |
| SHA1 | 5cad6856c4af65a1865863d0ee02d3ba0f7abc11 |
| SHA256 | 9942fb8a1a2999eaab60c301d85d17b489e324f0ff97ed72392c53f7250e3fce |
| SHA512 | 3caa44a010ebc67051b7b1f14a94d20e02090e67294ee07a0ef7651d1abbc0eebc3e6e7f19ad7479fdb731a08718357a74c8c5e70fb1a9d95bbdedff2e75c7d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2f231393664b6051a22ca0adda7a8a20 |
| SHA1 | 4896856315f07c333d0c7a039d97d98c97e1658b |
| SHA256 | 69d92743bc2a5542bb621c71dfe1a45fab9a17b7297e607ff23ef276d24d5a59 |
| SHA512 | 921abf18d82f4aa6826a00c9f5e997dbb71be8eaf2b018ec02f33d6a03007f3748ff9db4036c45fb876c1ab3395de7c6f22a50836191c6f2c6167757052907ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6b4a6bc1250559e5fde4eba76ac0f0fb |
| SHA1 | bbf6eba507c40df95f5cb6fdb74df13afafe37ac |
| SHA256 | ccca23a15b1e77346bfc24bec22883e364c811be7c31a5b3a36b153d2210f931 |
| SHA512 | c3bccb32de285ee6275e9f858ade4b5fe79dcc4824869a8773c065e23e45f96fcf3407b9eb71cca33e4789229cc492aa86515e51be3ef16c5a6ab6259623c7d4 |
\??\pipe\crashpad_3484_CYSPWWKSWHCFDDXL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4a992a10640d6344e7745700db853422 |
| SHA1 | 0cb44e7aa71bbda1d7211c9b5f7d18bb41fba0aa |
| SHA256 | 0bfcbf1f3cbd91c4315a06aeba4be45111ba1ab56b6727ef0c76d2866678ba74 |
| SHA512 | 16526072c8dba67b2e34d6e3860b950d5e9716d9c4de3d350b24bb2a973b219ccdfb7aa24df491eb371d135b5eb3101f5ca6efe4926c662737f166b0bdf84701 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | 164a788f50529fc93a6077e50675c617 |
| SHA1 | c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48 |
| SHA256 | b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17 |
| SHA512 | ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | cffafac665244442912ccb4ce1a24394 |
| SHA1 | 492d1169af0df42a3148b7d247d64fbad387d88e |
| SHA256 | 78e02020b759dac796037047c801f4743e39e47607679f2606a40ccc74c9e964 |
| SHA512 | 9c12a5ce9f1c0c0ff764ef7248e9699955c384857e324198253b25325a0ff17201a908149ba56be79843f35cc65cbf37fcef5d9c038412f35e190f67448bff4e |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3484_476733618\86f8923a-0a21-4746-a12c-d048b9001728.tmp
| MD5 | b384b2c8acf11d0ca778ea05a710bc01 |
| SHA1 | 4d3e01b65ed401b19e9d05e2218eeb01a0a65972 |
| SHA256 | 0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b |
| SHA512 | 272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be |
C:\Users\Admin\AppData\Local\Temp\4ceb13f1-74ad-493b-8b89-999aa83dc7af.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\fe8fac51-9acb-4cbd-8a35-41f34bb506c3.tmp
| MD5 | 78e47dda17341bed7be45dccfd89ac87 |
| SHA1 | 1afde30e46997452d11e4a2adbbf35cce7a1404f |
| SHA256 | 67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550 |
| SHA512 | 9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js
| MD5 | 3d20584f7f6c8eac79e17cca4207fb79 |
| SHA1 | 3c16dcc27ae52431c8cdd92fbaab0341524d3092 |
| SHA256 | 0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643 |
| SHA512 | 315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9e10d153f553d423960b29c2615173a1 |
| SHA1 | 970fb4a919e345ec58211c59b7883e032b65d21f |
| SHA256 | 5c0f2748b6592d2dfeaf2a7593ff245bbd38129a4c68f76a64430b1a067e574a |
| SHA512 | cff582e3a8ec57f98e9bcbd60c27afb24fd924392055fc03182b2f20f760399f8bbcae565e5f0a69e6b052d7c4a707c56ff8fbfbd09dff671c2b71fbbda06d3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2c7d96c5b09a8c15a0bf7235b19f08f4 |
| SHA1 | 445476b984e4d9f3e78524874808fb2c1a321ec0 |
| SHA256 | 1714826867e0280484b3be8a65d255723c4b9decc57c3e87b18c298e6d4ae3a9 |
| SHA512 | d2be330d6e8915eef7fec8dceaa0cd483233d19a2bd313a23f0bebc61a6c68c58c4291ce4ad105406e6ecbba8139a0b685e7e1ad661f4493788fa934f731254a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 2dd04b43c8074e899892a3aabbe92401 |
| SHA1 | dee73ca8512bf017052972641927ec722b098582 |
| SHA256 | a60744bba30452ce0d707b31a1571496acc9043319f32102f5cc46892fb6d9e2 |
| SHA512 | 98e4e6fe265260c2a1f4241c10c0916ae46fadc183940ff918afaa35a10ff61c0688e04d472a93766f9754f4211c9adb8cf7e21d103a2240f0ffd1aa148d1b9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\e2603dcb-5a14-4850-a641-0e16a3184153.tmp
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f67d8ce1fe4d7b137088c9d4058e310d |
| SHA1 | 4e34d98fb31f115dfe0970d1ec2737847d953475 |
| SHA256 | 49f6f8aa67ceb7d2ddccab9952c03d69ad5252adbf2bae12e2e792a70d2f8906 |
| SHA512 | dcc242e1399086fdc2a849864d24a554b32e52886398db56a89be64108464416dd2d55cca4f50ede4abe49d295ad3acbdd22178ee4efb77256742a826535006f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57b1db.TMP
| MD5 | 2cbc640c11e9b85e059708749f0c42aa |
| SHA1 | d01ecf7eb7c4aa537364fe78aa9901bb8919f11c |
| SHA256 | febd19ad4d58727a4e7dbad45bf3f1cc7daed27e2b49e2f57fc8e9a9d420021c |
| SHA512 | c9e4b00ddae9ac15f1b1b9c4d91c0f9915f85dffd2d81597995f21e030c93f63265c67415bbe77c655734d80c7bda5a33a4fa9e756d5a8043d115cbad76a6c7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3947389ee5a77b4edbf2bef6445b0eab |
| SHA1 | 05805a17f13ea4a530e3f0e80143e675bedb6647 |
| SHA256 | 921641f31c3969b574ea276a1be40a6edb0ddc23702626b65fd390630f0a67b6 |
| SHA512 | 446251a9c44ed4597d8d37e756dd01b3f33a6ba2950f9c0a0b6aae3d1afd437baa3503189438bb8d1d1fe551c64f3acdb6defad7064031ababeef525500d120f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 900cf7cfd9b997cf766693ba1acff04e |
| SHA1 | 376a235d6c0a987a58799842ae3db4c7dc1eba83 |
| SHA256 | 9b3fa06376c36f27a9a07c575988ff7eb9e11874adc943311bda45ed45ddf54a |
| SHA512 | 0819ec3659ef77742c40c2ac0e6126ea45f5c1bebeec77441dced49e56ef8030679b280edc557ae39529a64283c56fd356f120cdf0c56dd93c27ca6fd5624743 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8ba9ee6d-349d-44cf-a6bc-7a594bc491c3.tmp
| MD5 | 3cad780534d336f274b0564da1433546 |
| SHA1 | 5e9e149581ad8261e3beb7c73aada6083a4343a8 |
| SHA256 | 437ebfca33309223f88e879edbff36815f10cff7a78073a370c24ee8f7d51cb8 |
| SHA512 | 7a9458339554f624081dae0ba67ffa0e768f6131cd01a64251e15ad88f68bfb7845ac5e99755ed1de965cc56e423a3e6c24ce14757c1cb43e3717710963afba2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe583b00.TMP
| MD5 | 0bea6b3a00377eef0c17bc2c9a6adee1 |
| SHA1 | d787b2a18fb856f427fa539459189dca66d61375 |
| SHA256 | 8b344f06a81cae5c6bee1624fbacf00a0db370bbc01ba7dadd96e5ec3684f372 |
| SHA512 | 69084e668f73e8fa577a7d53622ef599f66ff1ac76dffc19c842d13aec701eda5327ea358064680d84832f8d722c5b34dafbb29922d7456bff89e5974558e84e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | e8b6ced96c30ce31097285b412cd8564 |
| SHA1 | 5b69e6d2dd8350017795427cce551945a50d4d45 |
| SHA256 | e9ea1a3697887f3582b36af53a3a083c61f46ebc46864ab107fc9a3368f9af2b |
| SHA512 | 520b30375527825a170e3e7e2fbb93b28c041749c966758d9b9c1becddbd4825b1d01fcbbb73c0a5f2b71723e38e6d60ef3da8c6737718bb1450aa446f7e825c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
| MD5 | f768bcb451a187c18099961c484eef8b |
| SHA1 | 99472c2d1918ea56c632734bc5c8a89ae6d2551c |
| SHA256 | d988156066b7fd22de278fbc96759d2caea6552094ffeb2ddd9307806059c5e4 |
| SHA512 | a4d78de6bcc1e940c466c41c31ee100235b32fef4cb3e7815a9c62dfae1eb3e4588d2c9e8597152ad7754527643c59ea8b811277ac58e4134a3dbf1507fe97bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
| MD5 | 904e6e94a1d46374c8630cfd86cc729f |
| SHA1 | e1d9c3f7813878acc6510d48d95b2bf48b2e1a0d |
| SHA256 | 8b2e057387e9714efef3580a36459acf56aab53c806cd7d7dbb6e17cef977ef9 |
| SHA512 | 081e2a26252860ff8d8f7a9d0378ae56f0cc50574d13d2a121afdf74284963747ef874a4d73b1df7774cd8570972f4f513eefe0a0325fd088556d5b1ba946712 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 4b194a894c70cefe42ed3d06a57ee24b |
| SHA1 | 62ffbebd8ad7cc659a5442849d4da005f0132ae2 |
| SHA256 | 3c5e1fa3ac6310863cbd36048984a59e90a5101c24033f63582a48d66b57c5ef |
| SHA512 | 8825ae3b7566a91aa4b2cd26ca697ab0348f242f8c67123798045c36ebfeb5e4e8d7d620dd95b9b898de6e114d81935a81735d1f83b54b1c1d0d5d98dc8ab942 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dfdd0e136e4c9bf7c30e8cc89630fc96 |
| SHA1 | 85ded6485e955a43131cb493d8467de57643bfa4 |
| SHA256 | 7dce92e2f5b3952c7b1fcbfe8ae2bbbe8596888ddc0715d145ec3bb5e1c35642 |
| SHA512 | de9bad159efb372ff68bcd316bca9bea9bf250c5aa02ce37cb3554b59e8b4545f824db9974c9c4cc28f0b836c6f4e663574cfa438de999a2fcb65411ea95c094 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 6aeca41772d86948149ff75e2ea18ce3 |
| SHA1 | a7c95d27970e9426c871daaec393c8fdc84b7144 |
| SHA256 | 871be6f89f5e70f5507298dd7466f3a4902bf229a8d28e5881705178a988b7e2 |
| SHA512 | 26a9ad44e2dc2274872a2ac517804399a8f22668e4148ba24d9aeefed9754bb5626d45513063216e394b4ca8139eee778557c976814df2ad748b0944f38796ab |
C:\Program Files\chrome_Unpacker_BeginUnzipping3484_549996290\manifest.json
| MD5 | af3a9104ca46f35bb5f6123d89c25966 |
| SHA1 | 1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8 |
| SHA256 | 81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea |
| SHA512 | 6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3484_369667788\manifest.json
| MD5 | 049c307f30407da557545d34db8ced16 |
| SHA1 | f10b86ebfe8d30d0dc36210939ca7fa7a819d494 |
| SHA256 | c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54 |
| SHA512 | 14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json
| MD5 | f9fd82b572ef4ce41a3d1075acc52d22 |
| SHA1 | fdded5eef95391be440cc15f84ded0480c0141e3 |
| SHA256 | 5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6 |
| SHA512 | 17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1758713859\manifest.json
| MD5 | c3911ceb35539db42e5654bdd60ac956 |
| SHA1 | 71be0751e5fc583b119730dbceb2c723f2389f6c |
| SHA256 | 31952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d |
| SHA512 | d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\nav_config.json
| MD5 | 499d9e568b96e759959dc69635470211 |
| SHA1 | 2462a315342e0c09fd6c5fbd7f1e7ff6914c17e6 |
| SHA256 | 98252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d |
| SHA512 | 3a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b4c5ca9d9bdb2217bd1830a75f405725 |
| SHA1 | 7105c6d9d629a969651f7e5b3c0eb01d8ad2cfcc |
| SHA256 | 20be3e0011d7d6df1bc18953b6552c5ecaab2217d862f9b29f3fcdfbe6fc70ef |
| SHA512 | 7c33a4818159183cda483170116c03e1a6b77323ce7884c7460852f0e879c8f83bb4ecc5cb1b8e7976a06bb3c1ad591c1356f6bb28ac5f1b3029556289522cae |
C:\Program Files\chrome_Unpacker_BeginUnzipping3484_1967439042\manifest.json
| MD5 | a24a1941bbb8d90784f5ef76712002f5 |
| SHA1 | 5c2b6323c7ed8913b5d0d65a4d21062c96df24eb |
| SHA256 | 2a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747 |
| SHA512 | fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists\2.0.0.0\office_endpoints_list.json
| MD5 | 94406cdd51b55c0f006cfea05745effb |
| SHA1 | a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9 |
| SHA256 | 8480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e |
| SHA512 | d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3 |