Malware Analysis Report

2025-08-05 14:35

Sample ID 250702-xwylbszxa1
Target https://www.woodbineschool.com
Tags
discovery
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V16

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

Threat Level: Likely benign

The file https://www.woodbineschool.com was found to be: Likely benign.

Malicious Activity Summary

discovery

Drops file in Program Files directory

Browser Information Discovery

Suspicious use of WriteProcessMemory

Checks processor information in registry

Modifies registry class

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-07-02 19:12

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-07-02 19:12

Reported

2025-07-02 19:15

Platform

win10v2004-20250610-en

Max time kernel

143s

Max time network

142s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.woodbineschool.com

Signatures

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\sv\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\uk\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\en_CA\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\km\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\zu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\my\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\hr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ru\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\iw\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\bn\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_597272373\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\hu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\en_US\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ms\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\cy\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ko\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\sw\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\lt\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\tr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ml\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ka\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ur\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\is\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\el\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\cs\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\zh_HK\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\am\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\fr_CA\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\hi\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\sk\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\it\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\no\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\et\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\vi\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\mr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\sr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\hy\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\LICENSE C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1026971128\deny_domains.list C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_597272373\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\offscreendocument.html C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\sl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\lo\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\zh_CN\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\da\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ar\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ne\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\es\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\id\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\nl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\sets.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\dasherSettingSchema.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\eu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\de\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\az\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\ca\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1026971128\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\gl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6052_96306086\_locales\lv\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133959571810489017" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-815616237-4012932787-4224613991-1000\{17CCB8F6-79E2-4AB6-ACCE-8AE2725627B7} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-815616237-4012932787-4224613991-1000\{BD900092-6BE0-40EB-8ABE-0C055FF7101B} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 6052 wrote to memory of 5052 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5052 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 388 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 6052 wrote to memory of 5236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.woodbineschool.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2f0,0x7ffc0016f208,0x7ffc0016f214,0x7ffc0016f220

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1784,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2268,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=2264 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2372,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=2720 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3448,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3524,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4984,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5152,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=4828 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3428,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=3860 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5448,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=5508 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5848,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5848,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6092,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=5672 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5652,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=6076 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --always-read-main-dll --field-trial-handle=5556,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6196,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=3516 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3744,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=6408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6168,i,14847606201703434502,6464860300083655796,262144 --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x210,0x7ffc0016f208,0x7ffc0016f214,0x7ffc0016f220

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1804,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2252,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=2228 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2468,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=2560 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4440,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4472 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4456,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4264 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4440,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4472 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4688,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4680 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4664,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4600 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4676,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=4564 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4320,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=3628 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3628,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=5020 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4780,i,13103965338741007896,17680592068969191715,262144 --variations-seed-version --mojo-platform-channel-handle=752 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 www.woodbineschool.com udp
US 8.8.8.8:53 www.woodbineschool.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.28.11:80 edge.microsoft.com tcp
US 34.210.195.109:443 www.woodbineschool.com tcp
US 150.171.28.11:443 edge.microsoft.com tcp
US 150.171.28.11:443 edge.microsoft.com tcp
US 34.210.195.109:443 www.woodbineschool.com tcp
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
US 8.8.8.8:53 copilot.microsoft.com udp
US 8.8.8.8:53 copilot.microsoft.com udp
GB 2.18.27.68:443 copilot.microsoft.com tcp
US 13.107.246.64:443 api.edgeoffer.microsoft.com tcp
US 8.8.8.8:53 edge-http.microsoft.com udp
US 8.8.8.8:53 edge-http.microsoft.com udp
US 150.171.73.11:80 edge-http.microsoft.com tcp
US 8.8.8.8:53 g.bing.com udp
US 150.171.27.10:443 g.bing.com tcp
US 150.171.28.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
GB 2.18.27.76:443 www.bing.com tcp
GB 142.250.200.3:443 update.googleapis.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 142.250.200.1:443 clients2.googleusercontent.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 13.107.246.64:443 edgeassetservice.azureedge.net tcp
N/A 224.0.0.251:5353 udp
GB 2.18.27.76:443 www.bing.com udp
US 34.210.195.109:443 www.woodbineschool.com tcp
US 34.210.195.109:443 www.woodbineschool.com tcp
US 34.210.195.109:443 www.woodbineschool.com tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
GB 2.18.27.76:443 www.bing.com udp
GB 2.18.27.76:443 www.bing.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.28.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 static.edge.microsoftapp.net udp
US 8.8.8.8:53 static.edge.microsoftapp.net udp
US 13.107.246.64:443 static.edge.microsoftapp.net tcp
US 150.171.28.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.179.227:80 c.pki.goog tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 84.201.209.70:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b7aa7702b84f9141b7fd06ee2d0f72ec
SHA1 b33fe6546e943dbc676ed6d0e2be599dcd67ae05
SHA256 9e90a4b3dd2a2ef5ddaa0d835fbb2d83062663ce5fe0ce244e7295b50681ee8c
SHA512 ebb3e3d209b41a70b59bfd2b7e464f9b29a1a06fdbfbd121b79330b76af11bf60db4a9c850660894776c6fef3cb8a4e8266f94f187ff00e2a0eb8180832f963e

\??\pipe\crashpad_6052_ZEUDMCUNCHKOVIYX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 70513332cfe5b518148a0b18ef97f28a
SHA1 164c8e2d8d70f81e62f11924bfc01d784583ba57
SHA256 76ff45838a4c64f365dc15ef0e8660a32b4ef2c8829190ffa16d0fa75bd9e774
SHA512 63ad5cd4f64e15b24dae9b01ede6fe8c7883a5b81708ba7093eb957329a8808e3915256044daae42c58ced7ff0881f0ebc9811e79b63af7d03d1b8a9945eb209

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

MD5 a3c0f711440abd0b7fb31a81c58de7e6
SHA1 e9fc13baeb59615ed53f9a2e6491a2ee419ad031
SHA256 b4296d7fe63b36b9f85452eaaa662c6f8cc59a1ac8b26bc3690448aa6de1cb12
SHA512 116109292b6c3c89a0d8482de1817f2cb9082baaf0a2e19f7fa77fc2a9e58db5b18277f3ee530c17678b86f587e4637a60eb220d2df73a61548a504f44360453

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

MD5 30b649a79e6ae728e66940a869aed09f
SHA1 2a447f47f578b01805028b7caedad45417ae0c56
SHA256 a88ce72b5e4b5288243ac53a8310ecb0662df78e8f86b64c171dded95530dd0b
SHA512 e6664f3f0ca16e1bcfcbc4c605f241baa2085f20db8b899bcd93793b353bba4ab02c497215db9faa6b33ca0e1fbf2dc10094cc588c7d7307a13dd2632d3978f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

MD5 06d55006c2dec078a94558b85ae01aef
SHA1 6a9b33e794b38153f67d433b30ac2a7cf66761e6
SHA256 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd
SHA512 ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5e6c8d38dfeccea648d76328da509609
SHA1 0fbd8c4f3417be662c82a107ae5b02ecb7c4eead
SHA256 3e9da14d429a79960ff8d20576765e9e937baa2de1da44bfd74e4b53ee536691
SHA512 2c1a343b708081bac40ada2ba8cc5a9b10344d00cebe7074006051bc296ca15f84885af5c1b9f370430181bd66e5204c8abdffa482b8036223f68953fc575059

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

MD5 b384b2c8acf11d0ca778ea05a710bc01
SHA1 4d3e01b65ed401b19e9d05e2218eeb01a0a65972
SHA256 0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b
SHA512 272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7c9cc6af041d30e343cb9625d07fe39d
SHA1 63b9e6b6a1fba7d1eabf74b7bb89d39e4d943c50
SHA256 dff8432431182e53ddf3e3a21088a83138d9080dbfa02b9f70ba740af8180a43
SHA512 e2c4c5a8b76b218afd5400715fd004e59463ae109782c9b5142de16d54311da75f06ff61fc737896105e1b8f5abb8deea56f02cdd2767128a2fd04dd37499d4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 a05b56e07bb07f21b4e1c6abf5b143be
SHA1 5b3a8431ec17686659307b24434ddfc307f3cebb
SHA256 f49ddedfa6bce1506074ecfcb213efc1c27c88fbf2dba7c4d6e4168e38afe846
SHA512 4fbe9f3887da267c4fa1d0e8ee41cc6a5f56093a79e54eba131bd928e4340e1edc6d81168db36e0257fb13ac5d153cbebfc9bec547f4ad3d969184e8bb08be0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

MD5 20d4b8fa017a12a108c87f540836e250
SHA1 1ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA256 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9467eb2d98bea1fd206ad533505892e5
SHA1 1ff02bf5e3be8ce031e2f3dd0a1bb5ffa2fc1f07
SHA256 e7b058bc4d8596c7cb9977b3783f62122eef6f267c5367ef22819a5cab471257
SHA512 036aaa34604c1028d5482b333d2487aa850c0d66276cc4b4d03b824d044410a8ff6510ff04ef9b16145e6fc4c01a08ddb629be9764204d51b5554d0e0d9ce3b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ab5e27afe50eb4c96ae3a6248e4e8ad9
SHA1 791aedc73827b73bd46ef1092b25b8e96d89d9a8
SHA256 1376f7c2c4da97ce56290fe3e33abd3a5998bd729c3c3dc477c7cc909cd9a2cb
SHA512 c8ec944aaf3059ec623ff2497d7c7c5bce2170a16bce8bae561018e544fff48304b679325639f5038e79e71391a63b260651aeadab78017739de09b8124d3407

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

MD5 ccbb18bdd6d03ce9d23c9098373d21f0
SHA1 740dc327b47feb974f6314087fd7e4795be40791
SHA256 e7a80a98e4c253f849708dcc50cc4e702cd43f736d5eb832dc7d5879b85bac56
SHA512 016e257403e0b6bee67621e20ef37020f107261dfee1f7a22a0cd5c624787d7d939aebb048a0a669ed429ea28af6a7f8967a3c21111af8954282c7be32b4acf9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0d0268b5a79e73bd710e133a945ef987
SHA1 d4146a1638338b99312bddd3ae77170168f3a676
SHA256 4bb8317504d71d819b45a05f17250bcb41fe055648d3c6cfdb8b898682c96925
SHA512 603bc255aad1508879b0c5706ef4189a8b80eb1234be30e49475cf3a0b97e5f959aeaeb3a58d3c215e00c0077a525bc8e8e51d3ed10774971159f428b62617fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 04858357a6ed44b9e2cf76cfb5e91990
SHA1 5ae00701caf8939702cde37e736235cc58c1fce8
SHA256 3d2398ca666dd795c371eb35ee0218fadb935058c61118ed0b8cc0b503feea34
SHA512 2538302ea2e9ddc9a2e6de27170568916ad4a24a9656cc567d5446ad911352ece64b32454540c52c31f94e94dcf5c605fee9fa1234a9d25c42a74dd68d033930

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0c3624dcf3d4802f784b6d1a9088607a
SHA1 1486523aace1001dd7176155a81777c7acbc924b
SHA256 55d46c85d5b4fdfa634c187712a217460680e0a30ec4b67df3bc3ae283f12a75
SHA512 ba14429e0b4d2f16f34e14bf8b8dda31da422a5d877667f2f3511649e5197a9af37e1fabfdc767b727f2e573d86aca1aba63e18ff9f75d40d3a4408f3d922244

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 237430b55e9a06de0f0755e32cd269ff
SHA1 0ffb8fe5771074427a9ee343aa8177c7daf042aa
SHA256 d167c076a4b004b59e3879782961ed24b9bba480f5d8f87cbf6930ecf3e55769
SHA512 c9aa0d63ae48f0a8d412eefbedeba7e69cc5aecc1dbd398b5e03e35490d0f88e104bf866617c967632e64058495de6723461a594b9afef911a4bc4f2abc99b9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4b54b401aff6984ca95bbb6e4eb736ff
SHA1 55c251d7e3bbaa38e8095ad9837ef8c99f178340
SHA256 9a7fe861605391cdb2ff1b52ae44f577db655cc0f5a31cad826547923b818c3e
SHA512 a29fbb3afa9df510f80ecdc74ef64d44da3e7b6d577069d522322af18b8ffd30cabdc3322136ab0c966cabe6605b08735f2f6d11dd38bf91994e6831510367f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 3e45022839c8def44fd96e24f29a9f4b
SHA1 c798352b5a0860f8edfd5c1589cf6e5842c5c226
SHA256 01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd
SHA512 2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

MD5 1b33d4f1440195f1f95d485272d36700
SHA1 d8b6e12f2f0fa4c91dc8df0edad49a140d804b75
SHA256 9f9a2b50a6f5286091ba7486b8862acf9bb59b9906ae74025e55b4f49f77903f
SHA512 eeb6e04a12d9b0ea5fee65ea724a6221335c928b9540645d78988057322a5cbf7f741f4166793572bf59667e0a32866f1a494a46a5f6832e9931d3e6400061b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006f

MD5 b5bc3c3d8adad6ea30900155bc2bd27d
SHA1 2d1c6aed498a9d08a85b4d46404bd4726233b0b5
SHA256 32667e28657dfb3cdfafb77c52889fc9cc6d1312dc55a43dc70ecd2b934c0606
SHA512 e119d4ca24964770c9d0f699a442264efc57edea8f94897941b9305c2e7e6398595c9595b7d0f88b591325113a216c279956880b4751d3498676225e0488e089

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

MD5 08c5ef2011c5b052f6e5f84c3512952e
SHA1 549541014bcae4865adde9f2b50bdaa2f6a15dd5
SHA256 7f68e5e3e487d9074dc6f38312502d3c6ef7c8983b608974b0bcebe37c2ed75d
SHA512 7439f1254e841bee7c81cda7f8ca27f6961d9c440f81b4e8f58de9c96d9bd3078043f17aafab58c764cef23cd448c5625cda25605c7eadc4e4f2e006e908e2bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json

MD5 256c40bace492c4e28451ce149d2f9ac
SHA1 b48b0eaf986b9efc91d5c8dd394dccb6d82e2adc
SHA256 f9e4da319fe1f5a7d497c452421f4648a24ec7588f309ebea0f0cd61a6251eef
SHA512 33b38d1ced015798722180fc8c8ce6daedb18cd5d0e4b3db27d6176c13cf3ccb1bd79f2e68ca390d6eb43ac508c29067e8f1a3ee9f0167cabe37ebbddf6b0ec0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b6832f4bf946bad6dfaeff8f67ed7eb9
SHA1 250c6ad1f05f6c69d30d1d7784a33bfba3f42191
SHA256 e238b90521dea7f6b8f17166aa03232f85e065d32fcd6f28d0fd394a76802ff6
SHA512 7c1dd62c0c41c41b32306da112d5842d9a609bff7425fe94e7c95b017c719ede4a04ae984b845ce68209ead6200b13824fe6806058b613e152b2e95b641e693a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 0e4c722e2311d4df44defbba53550e46
SHA1 87d8a5f0c80470ab2d183cae528e25f06ae48af2
SHA256 e8071caf12b8934b2990cdc08b7f51d3f4d8ceddcdcee91f1868b034fb21d982
SHA512 f824465594a4ba09a62d68056f1df07290b6f3ae270506a55e329c55e88abcdf9323960ba7ab7b6bb6ee5cf86a7367270f7efd602bf6fa98050ebfa0269ce2c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

MD5 8949f207c56f1aaaf0b76e990e9dfe2d
SHA1 ef5719b92692e8d012f44ddee7a146bd3f610e15
SHA256 ebe64f217357866250cef2e9491c63b01bfba125315682bc62de6d62a8454ba8
SHA512 5d92087e686fc27c711e7eea3702701b8dd9bb953c8974548122f3c10279b6105378cd610ab6fffc36e05d6a011641f1a476a225cb91818301ff40324b3660c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

MD5 4c37330465752fcd060391ae419d04dd
SHA1 681e09ece7fba4f4baff831dc99c53aa20e6c18d
SHA256 51d4b5f0fad163b4333e2088dd66b6bd388bc937cdb0f7699b1fcf4179ee8afb
SHA512 6698a96ca7f5a5105d7255379940ccd99a02c5b7128ca59b3088ae9de7a671d57fd5c661462adb130e78eba524024f8b3164f2f8adccad064cecac26358a563e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

MD5 b4784c283b9d53fdf7e4dce1b0cff277
SHA1 414633777558a00837fc86c5c338489ecbc09ffe
SHA256 438bcce46aa10398f9cf15a3710c882888fb59d55f0282d1fc8f0de96183fc20
SHA512 b9c053148b1fef20fac057078b51481ab8d23b084f1795f82ec1ed1efd01cb9965d5188fd3c59cb1670386748df228a604191d9b738ecb4ab45478b016642006

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

MD5 29072fdc2d1d9d1e54f53529c77a40e8
SHA1 cd2e2f5dd2735590483dfc069ab4ba87ceadd51c
SHA256 181cc613c15fa0f1ad13c9eb5374e8f12a21a2c898a559f960b545ce0f0bff99
SHA512 29d6ac88831a9db510bc14c0530494a7b26c1859921a835c47572c96c7717f395dd053d3e7c94d28cb23ed9688e9dd2b7a1ecf2b73cc1daa793fab2136cf4fb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

MD5 a15ac2782bb6b4407d11979316f678fd
SHA1 b64eaf0810e180d99b83bba8e366b2e3416c5881
SHA256 55f8fa21c3f0d42c973aedf538f1ade32563ae4a1e7107c939ab82b4a4d7859a
SHA512 370b43c7e434c6cc9328d266c1c9db327621e2c95ad13d953c4d63457a141fbf2be0b35072de96becc29048224d3646535a149229fc2ba367c7903d3e3e79bdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

MD5 37ced3be8c3029eadfe05e485225e6a6
SHA1 317234757783f9647f1a54fff18066b90bcf5a1d
SHA256 0bb9dca9d3a3f83ceca1545cce168ee97ace0b8aad348518a4f0406217e7b989
SHA512 53e7f7ea789c6eca1166db7635ad599e7b2f3907df1e01218aa966951bd7f4ddebc4908b2e6cf7412274428f24d744326e47a26ab737d5cf85bae606d28d97ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

MD5 8513a6ce2f2a827415b5b491288f20dd
SHA1 f950d477ce22fd0ca89328829a7127066fe03e4f
SHA256 3ad9d64273740c73f4bba481fee6d87e6682a9edbb8c44a0ef6f3dac6b623a17
SHA512 bc657a3445cd0f726a3cfcac1a100e97d6560c7ddfed47ef4b087e3cb7561b06862b11400ff9921194ad377313eb2fa4c5984bbccb206bdcff4189f42f052672

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.93.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

MD5 555d1c51c86aba0a7bb054c69a2458a4
SHA1 fafca68aa0d5853a8ce08373447038a5064f098e
SHA256 b427731623ae7f1ae9ff44d5666df81933f7e4904498e1ea359c4ee973339de5
SHA512 ce7c919b29ac0584b935268ac0c70730b192cd610ef227283d6fced72e0964af4452d782fd9d53b0c9928800d1ec6f2423ac107debfc362a6fe320c629b31cb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

MD5 c6488e8763df8a2207ff2cd56289bdb4
SHA1 79856a8f12fbe0899877f4b5589052131edcd742
SHA256 f5292e2eef40cefe96e28ad588fd43f66925e93c16997636fda066797d8dcd6b
SHA512 87dcb7a8fb0e445ac122780d37f6c3d7a710b55bb1c2639b8703d0ffc9a4c0faac023e08f8561a9fc7e7787f400f3d81b1a9ca7282fd378e0c9c3f7e2f2108fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\de1d0f5b-a0b8-4b79-9d03-c4a9853b076d.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

MD5 c397b3f6a864d3bef3d0ccfef0dcfbd8
SHA1 53d85021ca14f1798e5d9346405124e0862f99d3
SHA256 9cee522fc2833da8d45cb337461718dae461bd7ab75e44be3b746772ddb0443b
SHA512 109abb6fdc3c64f44c8dcf5ffd4b8efe346281875607e050608925184fc3e4fa4b0d7bbf9493f64064b7906cc8c5aa8b4bb76bc5057b7a81cd6829d3194417e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

MD5 774e8f30c8e958a4703f08cb98a645d6
SHA1 330b7bea05fa0288adb0468bd42e72440ca72d03
SHA256 23378ce8b89e7c25084ff80e3f20f4682c3255deb1d8e1babe65d222f6412713
SHA512 72a79d5db65719e5bc967a1cabc378042d741ffe5e3576654b2af4c6f3c2c935a30916c929ab79a8a8b6a221db48ddd4a433da54bc047725170589e3c8a8272b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

MD5 d90f823774967a0c2aa5b3dfeba4844b
SHA1 8bf05ed3668e2c31977204d1b55516144e47f687
SHA256 ecd36c3247f9de60bb93b94c749ae1388106cb38195da0d55d4af2511bb2ffbb
SHA512 b089f1f8b1f7ef4819de39fba53ed1aa7b1364956b64e9936abcbbe615ad96101250f3d6ec38e59320f9a271cf60dcffb54c10ffc2b077317d9c8f80c175bfb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

MD5 0f16b4af3498c0ce578a0ca3cdab67d3
SHA1 287c39612b973699b1c3f4d38e9d49e321811b53
SHA256 1b7a1982d001813f2a6d9cb72853d1a6ffb347ef29800207bc23415f0c6b7cd2
SHA512 d8c2bf4d7d8c5badb967feb1f499b12aa9c3dc4d757bd214bdbd71cfbaeae40f67f1fcdd108192c16d91bd185ef8cc6c8ee97ed413d9a13a30cabd3d6790df37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

MD5 6cf53ec0872f403af3589065cab2d956
SHA1 a70cccac8dfe2346b14dfcc805ba7aa9e446696e
SHA256 ff19e58e72aab342061b3a046cea15838675cb33c1ca512868d1453cbe1058e9
SHA512 1a2f44a8c007edb279708e40a930ac73649303174777006fd50a78ef11a2430eb40937a8b40f5f12ca187fe9ca3cdf7a412970b9be6b79e5feab20417f4147ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

MD5 1b861126c5fd577d19961283a5345c99
SHA1 1817f2ad12ea91cfd85353353c8a45222d5c020d
SHA256 c0e1e297ede919bbb2492abcb4142349c5934d323fd2e1c11bcbf53213886f28
SHA512 e29e87ab33be0bb49e8c8d2bd67476802e953c36c94ef7ec70e10b641b294e19a8e9f9ef3846270566c441a60bd7b350b08d08355f4fcf31bb11eeee172b6fca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

MD5 7c38984671d837e4542491349e9a2612
SHA1 87359ca5c17c76cf6d25d6657879d3d0c0fa0d3f
SHA256 3a81e5a4f804168041d8fbc1756da45158fb36f7e348f2caf2834af1dd87a518
SHA512 3a20f765337b31ea8db38e24662737d264f98650479c483f4ef5bb8a5e5a87278fcd5ade7b9cbe40fabeeb719515886d55008917cc94acf7a9bd1a19a4c4a05f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

MD5 d6e2a92d19964e671fb53b4d2a560ddc
SHA1 173389951b340671ef9ca4067556ab71c79402ab
SHA256 ab28491db69bf9fc10efba75739fbeca942d6a75b2cf35ee6cb85bb1ac46ef83
SHA512 8efd821312661ca83b39ae86b0e721c2da70f99310314f01b7904755ac932123f056a34fda900fd889171674041744ea4e5a0423c5869b474c1251e311fc3e2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 d03e6e788ea8fd7e3bed0efb58d4a069
SHA1 cf93c2160536b1dde8738ea6be561dbf04205a21
SHA256 dbf536aa37fa73049eb15a07dc1f2303dde828b0fb2ec230796b704e3b5cb020
SHA512 95ae835aaadb1d59c8c828ae095213349131d229f376718293bd5b4deae0b51136e4ef9f610265f1b5e06232a75661e4fcf49a4a33c4e85761662b45328ecf61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 fd95292a6ceb11afb4e7028a61b38ca5
SHA1 7ac3013379fba55e98da3fae8e355ad2d0c01737
SHA256 36df6b94bda5025e9c0c3c71dfe94ea5e5f46fd7c3d31b890efca719dd0ff7ea
SHA512 b618df69c46990497cd25cc3e907e60b50bc2fca490214560dc8623584958c4a5e34f28a05c9089e75452fc61c7e076067fe7ce454fda48c18fa13a78ce373e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

MD5 ed98c9ac972c2e2e67594fadc1481eba
SHA1 a0cf66a1d47c30f57a9ca5e83a307e280949663c
SHA256 433afd63cd2e9274cc2c4e6a52b37c9a6a749630c0faaf9e6dc82cc9005c48fd
SHA512 b0849edb735704b16c8c319603fd4b5ecf2db5937bddebbf0b8e5a3b6925e5ad8c9fd6b112bcc0ba6a8f3e348e3e3d47dc49a0f06315011bf38fb88ebdfe5209

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\8b0d4544beb97a69dbb9583fca5575a9aba6e37d.tbres

MD5 fc5d9a6d897d83b24d0b0a178ee92b25
SHA1 ddb56339d2cdaf1283b8d29c3a834d54ca42ee30
SHA256 f9715fa50c619cf6f85ca687018a797c87e9f3c74ee302fafb302f8f75b4195f
SHA512 d13044d93b7c233328d848dd2bcd9992df562dbbd87474880918c80009d38596ddc4f16124b458c297c33cd67d92cf7a2dc59f7adf2ab3f85fc308d8113832c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma

MD5 cfab81b800edabacbf6cb61aa78d5258
SHA1 2730d4da1be7238d701dc84eb708a064b8d1cf27
SHA256 452a5479b9a2e03612576c30d30e6f51f51274cd30ef576ea1e71d20c657376f
SHA512 ec188b0ee4d3daabc26799b34ee471bee988bdd7ceb011ed7df3d4cf26f98932bbbb4b70dc2b7fd4df9a3981b3ce22f4b5be4a0db97514d526e521575efb2ec6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

MD5 094803cabbed8e19f9294f673170d8ed
SHA1 4b8c476bc68f94647c1e0547270042776c15f3a4
SHA256 6974748d94083d4af81ef69e1ce8c42cb8605e084fa849a1a948b79b2abfea55
SHA512 bcebade5f1cd18b69a5e8e15bd13668991414abcbdd6f3a751fe356a8d8fa93f18a388909366572dc73dcf69ee8f7ccb43b2e785e477a3229f5a7466046a4c1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser

MD5 a397e5983d4a1619e36143b4d804b870
SHA1 aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4
SHA256 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4
SHA512 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

MD5 3ca73fe472b92765c870626872783844
SHA1 6214702c21d2afa072eec50516eda1f87628652e
SHA256 671372532ecd33f61c9dde07b30ca8ea2f0aca49d3d04a4f54bad4224f8af680
SHA512 cf42050b55c8c1eefa5bb7c0d1a7c3361f13bef5cab8d09fbb03d960904b18c684de130d8c5edd29c6905383ea293946dc1cd6e7d92398f4fbf59602ea22ade8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ef356bb422f2d577990df4c966ab224f
SHA1 ee321a2186492638ffb9b16b7b499bc7db73b424
SHA256 5c7f26fc04135ac202b19d997aa87bda58e95fbdbcd0ab1fa4a14d238bae577e
SHA512 e31c9e3bfa5213ea44dfbdad732fc4dfbbc4f57bbc53b42aa99fe34146f8a28de8460360802dc984e47bd796942a3a4efbeb0658a2370ddec29878b5c434e0c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\favorites_diagnostic.log

MD5 c290ae4af0a057933247267678fe8adb
SHA1 4cd0ab0fb3b7447a1e5442599b79c815cd5b772e
SHA256 f0cf039574b95e77978b9a6f78a748b9597b8d7fbe37b42d8049493488945397
SHA512 39ab06025b16278f2f08475e65077725d8938a7840857c6f0cafa8effd4b8bbbb5b8e730945840442caee05b16d59843eda8a81e366150959b5f6bf9292f1d8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2c8201003aedef4cdc81efaaf11e42c0
SHA1 b7d07cd833b43073b773ec8808d7a24d88526491
SHA256 31636d4f07c545f269630e47f8cf81bd2b41b7fbbe1bfb17dd5e7eb2901489d7
SHA512 e6adbdeef56f917b9c8a1e45f313cef952716ef57396713db8026cae4f42321c443175a9dc54ccde08078c7ba36dd62aacc8e50804ac74f3a1073c1407ecb3de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

MD5 3d4bc3b0f4544faa59f449b3bb19c660
SHA1 a53405e2e64bef47965d3b2acce365a0943196c0
SHA256 6ee88507bb96fc57c66d8b6744b3dedeb4baee25384bf3a6567defc66132c138
SHA512 d6e850c56ce8da01563ad1d55f67530faf12e6aff0a8bc59b38da629fbc8f149c73b34cb3cf4bbf7127e23b1457196596146fe33260281351d80f869e00c6280

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 0dd77754e35abac60704c35469725433
SHA1 9683b65282a19fa05ede4076807c74fd289cdf09
SHA256 56c4c0ed562756bf71c1076ed62a5f162dfccc823d342d8b3c5b352534fe94fa
SHA512 bbe611e0f88b4cfe5ef0040a6b5dd2129f50c1dc33fe936d26ab23b5e82be9f68812c2df6e6724965bd9d2b52062a2fb27a6c0b98d329722d0620360d3c21ba9

C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\manifest.json

MD5 e0909520982fc48e47a6451443b11741
SHA1 0e46425274933c153ebf5a03f25e693267a8cea2
SHA256 2e9e6138305d702f3c9b89d6e9dc4931b548c69bb86db64e585fa2e37b8ef654
SHA512 3fdf504cb0bf39a807fa15a8ec31a6efd8083888692935ec31d70b4ef6eef89b8527c6a75a46bf7ae3efeeaa507ac3c7cccda5246a2f073ac603a7ffa10d20a8

C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1576707217\LICENSE

MD5 ee002cb9e51bb8dfa89640a406a1090a
SHA1 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA256 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512 d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

C:\Program Files\chrome_Unpacker_BeginUnzipping4200_1026971128\manifest.json

MD5 e7314184e67b4501f5048c2e5f181d96
SHA1 f741a8a1b8c18c8d4974f937ef589b134dde5419
SHA256 7bd96fc0239229d64cc38693c64f2524d95711534c606b2b39957af8411d870a
SHA512 773ff8228cc87677e3f74667b61db59decfccb6ca4da80a5ac5e0aff0e3102e08e6c1561df35b9ed64c8b7db8dc8ed27210c2ca0139ec85d17f9e3f57018a086