Analysis

  • max time kernel
    53s
  • max time network
    41s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250610-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20250610-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/07/2025, 05:25

General

  • Target

    https://teamcuratedtechnology.com/68383-414165/182302?uid=ZtBzSSVfJwYS4Z8t7mVBfmogJLy9&prom_type=regular&prom_id=323656&pld=26L81sNgpwNGg5

Score
4/10

Signatures

  • Drops file in Program Files directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of FindShellTrayWindow 10 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://teamcuratedtechnology.com/68383-414165/182302?uid=ZtBzSSVfJwYS4Z8t7mVBfmogJLy9&prom_type=regular&prom_id=323656&pld=26L81sNgpwNGg5
    1⤵
    • Drops file in Program Files directory
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2ec,0x7ffea055f208,0x7ffea055f214,0x7ffea055f220
      2⤵
        PID:5000
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1840,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2220 /prefetch:3
        2⤵
          PID:6004
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2168,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2164 /prefetch:2
          2⤵
            PID:4504
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2460,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=2476 /prefetch:8
            2⤵
              PID:1712
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3428,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3520 /prefetch:1
              2⤵
                PID:4904
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3436,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3524 /prefetch:1
                2⤵
                  PID:4396
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5152,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:8
                  2⤵
                    PID:5176
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5128,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5160 /prefetch:1
                    2⤵
                      PID:3376
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4804,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5144 /prefetch:8
                      2⤵
                        PID:4816
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5472,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5656 /prefetch:8
                        2⤵
                          PID:2284
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5480,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8
                          2⤵
                            PID:2340
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6276,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6272 /prefetch:8
                            2⤵
                              PID:4268
                            • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6272,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:8
                              2⤵
                                PID:5652
                              • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6272,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:8
                                2⤵
                                  PID:1040
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6364,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3652 /prefetch:8
                                  2⤵
                                    PID:6044
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6536,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:8
                                    2⤵
                                      PID:3480
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=6556,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6640 /prefetch:1
                                      2⤵
                                        PID:5404
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=4296,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6624 /prefetch:1
                                        2⤵
                                          PID:4356
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --init-isolate-as-foreground --pdf-shared-library --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=6840,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6884 /prefetch:2
                                          2⤵
                                            PID:2264
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --renderer-sub-type=pdf-renderer --pdf-renderer --pdf-shared-library --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags="--ms-user-locale= --jitless" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=5352,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5288 /prefetch:8
                                            2⤵
                                              PID:1152
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6460,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6792 /prefetch:8
                                              2⤵
                                                PID:668
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6784,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=5344 /prefetch:8
                                                2⤵
                                                  PID:3688
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6760,i,7168205586566802427,10511440566249434753,262144 --variations-seed-version --mojo-platform-channel-handle=6316 /prefetch:8
                                                  2⤵
                                                    PID:5936
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                  1⤵
                                                    PID:4528
                                                  • C:\Windows\system32\cmd.exe
                                                    C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                    1⤵
                                                      PID:2848
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                        2⤵
                                                          PID:4320

                                                            Downloads

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                              Filesize

                                                              280B

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

                                                              Filesize

                                                              775KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                              Filesize

                                                              3KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5810a5.TMP

                                                              Filesize

                                                              3KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                              Filesize

                                                              2B

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                              Filesize

                                                              108KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                              Filesize

                                                              2B

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

                                                              Filesize

                                                              40B

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                              Filesize

                                                              16KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                              Filesize

                                                              36KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                              Filesize

                                                              22KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                              Filesize

                                                              45KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                              Filesize

                                                              38KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                              Filesize

                                                              38KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

                                                              Filesize

                                                              156KB

                                                            • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                              Filesize

                                                              2KB
