https://creativecloud.adobe.com/apps/all/desktop?action=install&source=apps&productId=indesign
This report is generated from a file or URL submitted to this webservice on January 23rd 2024 11:12:48 (UTC) and action script Default browser analysis
Guest System: Windows 10 64 bit, Professional, 10.0 (build 16299)
Report generated by Falcon Sandbox v11.0.5 © Hybrid Analysis
Incident Response
Risk Assessment
- Network Behavior
- Contacts 28 domains and 30 hosts.
MITRE ATT&CK™ Techniques Detection
Indicators
-
Informative 7
-
General
-
Contacts server
- details
-
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071
-
Creates mutants
- details
-
"Local\SM0:8088:304:WilStaging_02"
"Local\SM0:8088:120:WilError_01"
"SM0:8088:304:WilStaging_02"
"SM0:8088:120:WilError_01"
"InternetShortcutMutex" - source
- Created Mutant
- relevance
- 3/10
-
Found a reference to a known community page
- details
-
file/memory contains long string with (Indicator: "facebook.com"; File: "Social")
Found string "_keyhttps://www.youtube.com/s/player/787e9b63/www-widgetapi.vflset/www-widgetapi.js https://adobe.com/Z1n/" (Indicator: "youtube"; File: "1665d1c5c430bb99_0")
Found string "zadn.vn/ansira.com/fcmatch.google.com/origo.hu/fcmatch.youtube.com/refersion.com/flocktory.com/vtex.com.br/rqtrk.eu/vocento.com/fingerprinter.msedgedemo.example/" (Indicator: "youtube"; File: "Fingerprinting")
Found string "fcmatch.youtube.com/fcmatch.google.com/other-tracker.msedgedemo.example/" (Indicator: "youtube"; File: "Other")
Found string "www.youtube.com" (Indicator: "youtube"; File: "PCAP") - source
- File/Memory
- relevance
- 2/10
-
Queries DNS server
- details
-
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071.004
-
Installation/Persistence
-
Dropped files
- details
-
"7b4b938d-0ae3-4f64-ba4f-9214d061d31d.tmp" has type "gzip compressed data from FAT filesystem (MS-DOS OS/2 NT) original size modulo 2^32 1821309670 gzip compressed data reserved method ASCII has CRC extra field has comment from FAT filesystem (MS-DOS OS/2 NT) original size modulo 2^32 1821309670"- Location: [%TEMP%\7b4b938d-0ae3-4f64-ba4f-9214d061d31d.tmp]- [targetUID: 00000000-00004828]
"Ruleset Data" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\35\scoped_dir6896_1214315064\Ruleset Data]- [targetUID: 00000000-00006896]
"Filtering Rules" has type "data"- Location: [%TEMP%\6896_1552441719\Filtering Rules]- [targetUID: 00000000-00007524]
"load_statistics.db-wal" has type "SQLite Write-Ahead Log version 3007000"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\load_statistics.db-wal]- [targetUID: 00000000-00006896]
"000009.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000009.log]- [targetUID: 00000000-00006896]
"000013.ldb" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000013.ldb]- [targetUID: 00000000-00006896]
"f_000502" has type "gzip compressed data from Unix original size modulo 2^32 3771339"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000502]- [targetUID: 00000000-00007652]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1]- [targetUID: 00000000-00006896]
"v1FieldTypes.json" has type "JSON data"- Location: [%TEMP%\6896_1742647547\v1FieldTypes.json]- [targetUID: 00000000-00005936]
"000014.ldb" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000014.ldb]- [targetUID: 00000000-00006896]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log]- [targetUID: 00000000-00001428]
"Filtering Rules-AA" has type "data"- Location: [%TEMP%\6896_1552441719\Filtering Rules-AA]- [targetUID: 00000000-00007524]
"f_0004f4" has type "gzip compressed data from Unix original size modulo 2^32 1857717"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f4]- [targetUID: 00000000-00007652]
"f_0004f2" has type "gzip compressed data from Unix original size modulo 2^32 1166918"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f2]- [targetUID: 00000000-00007652]
"f_0004f3" has type "gzip compressed data from Unix original size modulo 2^32 1305186"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f3]- [targetUID: 00000000-00007652]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\GrShaderCache\data_1]- [targetUID: 00000000-00006896]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\DawnCache\data_1]- [targetUID: 00000000-00006896]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\ShaderCache\data_1]- [targetUID: 00000000-00006896]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\GPUCache\data_1]- [targetUID: 00000000-00006896]
"f_000503" has type "JPEG image data JFIF standard 1.01 aspect ratio density 1x1 segment length 16 progressive precision 8 1920x1278 components 3"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000503]- [targetUID: 00000000-00007652]
"f_0004f0" has type "gzip compressed data from Unix original size modulo 2^32 997020"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f0]- [targetUID: 00000000-00007652]
"f_0004df" has type "gzip compressed data was "cch.js" last modified: Thu Jan 18 15:17:26 2024 max compression from Unix original size modulo 2^32 894593"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004df]- [targetUID: 00000000-00007652]
"edge_autofill_field_data.json" has type "JSON data"- Location: [%TEMP%\6896_1742647547\edge_autofill_field_data.json]- [targetUID: 00000000-00005936]
"f_0004ed" has type "gzip compressed data from Unix original size modulo 2^32 877749"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ed]- [targetUID: 00000000-00007652]
"f_0004e5" has type "gzip compressed data from Unix original size modulo 2^32 877943"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e5]- [targetUID: 00000000-00007652]
"f_0004eb" has type "gzip compressed data from Unix original size modulo 2^32 762144"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004eb]- [targetUID: 00000000-00007652]
"History" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\History]- [targetUID: 00000000-00008088]
"f_0004ee" has type "gzip compressed data from Unix original size modulo 2^32 758627"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ee]- [targetUID: 00000000-00007652]
"f_0004f1" has type "gzip compressed data from Unix original size modulo 2^32 773016"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f1]- [targetUID: 00000000-00007652]
"f_0004f6" has type "gzip compressed data from FAT filesystem (MS-DOS OS/2 NT) original size modulo 2^32 650793"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f6]- [targetUID: 00000000-00007652]
"f_0004ef" has type "gzip compressed data from Unix original size modulo 2^32 726349"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ef]- [targetUID: 00000000-00007652]
"data_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0]- [targetUID: 00000000-00006896]
"f_0004e6" has type "gzip compressed data from Unix original size modulo 2^32 583226"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e6]- [targetUID: 00000000-00007652]
"sslkey.txt" has type "ASCII text"- Location: [%TEMP%\sslkey.txt]- [targetUID: 00000000-00006896]
"Web Data" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Web Data]- [targetUID: 00000000-00006896]
"Visited Links" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Visited Links]- [targetUID: 00000000-00006896]
"f_0004e7" has type "gzip compressed data from Unix original size modulo 2^32 425416"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e7]- [targetUID: 00000000-00007652]
"f_0004e1" has type "gzip compressed data from Unix original size modulo 2^32 856431"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e1]- [targetUID: 00000000-00007652]
"f_0004ec" has type "gzip compressed data from Unix original size modulo 2^32 507049"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ec]- [targetUID: 00000000-00007652]
"f_0004e9" has type "gzip compressed data from Unix original size modulo 2^32 394699"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e9]- [targetUID: 00000000-00007652]
"3e5aa6f6-b80c-4cd2-a354-f97f7b14d52d.tmp" has type "gzip compressed data from FAT filesystem (MS-DOS OS/2 NT) original size modulo 2^32 465178"- Location: [%TEMP%\3e5aa6f6-b80c-4cd2-a354-f97f7b14d52d.tmp]- [targetUID: 00000000-00006896]
"fff025d9-c286-4907-811a-70ff2fa0833d.tmp" has type "JSON data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Ad Blocking\fff025d9-c286-4907-811a-70ff2fa0833d.tmp]- [targetUID: 00000000-00006896]
"f_0004e8" has type "gzip compressed data from Unix original size modulo 2^32 400237"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e8]- [targetUID: 00000000-00007652]
"f_0004e0" has type "gzip compressed data from Unix original size modulo 2^32 347457"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e0]- [targetUID: 00000000-00007652]
"Tabs_13350482131571060" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Sessions\Tabs_13350482131571060]- [targetUID: 00000000-00006896]
"f_0004c9" has type "gzip compressed data from Unix original size modulo 2^32 1267441"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c9]- [targetUID: 00000000-00007652]
"000004.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\000004.log]- [targetUID: 00000000-00006280]
"f_000508" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000508]- [targetUID: 00000000-00007652]
"f_0004db" has type "gzip compressed data from Unix original size modulo 2^32 371204"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004db]- [targetUID: 00000000-00007652]
"Diagnostic Data-wal" has type "SQLite Write-Ahead Log version 3007000"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Diagnostic Data-wal]- [targetUID: 00000000-00006896]
"f_0004fa" has type "Web Open Font Format (Version 2) CFF length 76184 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004fa]- [targetUID: 00000000-00007652]
"f_0004f8" has type "Web Open Font Format (Version 2) CFF length 76112 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f8]- [targetUID: 00000000-00007652]
"f_000501" has type "gzip compressed data from Unix original size modulo 2^32 535180"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000501]- [targetUID: 00000000-00007652]
"f_0004fc" has type "gzip compressed data from Unix original size modulo 2^32 447647"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004fc]- [targetUID: 00000000-00007652]
"Entities" has type "UTF-8 Unicode text"- Location: [%TEMP%\6896_195861255\Mu\Entities]- [targetUID: 00000000-00005624]
"f_0004fe" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004fe]- [targetUID: 00000000-00007652]
"f_0004e2" has type "gzip compressed data from Unix original size modulo 2^32 268983"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e2]- [targetUID: 00000000-00007652]
"f_0004fd" has type "gzip compressed data original size modulo 2^32 382555"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004fd]- [targetUID: 00000000-00007652]
"f_0004f5" has type "gzip compressed data from Unix original size modulo 2^32 343262"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f5]- [targetUID: 00000000-00007652]
"f_0004d9" has type "gzip compressed data from Unix original size modulo 2^32 254385"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d9]- [targetUID: 00000000-00007652]
"urlref_httpscreativecloud.adobe.comappsalldesktopaction_install_source_apps_productId_indesign" has type "HTML document ASCII text with very long lines"- [targetUID: N/A]
"f_0004d6" has type "gzip compressed data from Unix original size modulo 2^32 575171"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d6]- [targetUID: 00000000-00007652]
"000004.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000004.log]- [targetUID: 00000000-00006280]
"13cb82b9-809c-49ca-bb29-44c9a36308d8.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\13cb82b9-809c-49ca-bb29-44c9a36308d8.tmp]- [targetUID: 00000000-00006896]
"0e70eb9a-a2f3-4a99-b5be-068ad1dc1dbf.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\0e70eb9a-a2f3-4a99-b5be-068ad1dc1dbf.tmp]- [targetUID: 00000000-00006896]
"5a75ebdd-9eb8-4f08-a7e6-2a4d4d9e91da.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\5a75ebdd-9eb8-4f08-a7e6-2a4d4d9e91da.tmp]- [targetUID: 00000000-00006896]
"4fb4e95c-d2eb-446b-b885-1beab4c65f25.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\4fb4e95c-d2eb-446b-b885-1beab4c65f25.tmp]- [targetUID: 00000000-00006896]
"e3872eea-b521-49e6-8e7b-39db038f5636.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\e3872eea-b521-49e6-8e7b-39db038f5636.tmp]- [targetUID: 00000000-00006896]
"9fc1e808-dd4e-4669-a1ad-538086154267.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\9fc1e808-dd4e-4669-a1ad-538086154267.tmp]- [targetUID: 00000000-00006896]
"670e263f-324a-4598-a5ba-6a448b7a6c13.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\670e263f-324a-4598-a5ba-6a448b7a6c13.tmp]- [targetUID: 00000000-00006896]
"b0ceaa3a-cbe0-47eb-8695-3c21ce42a418.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\b0ceaa3a-cbe0-47eb-8695-3c21ce42a418.tmp]- [targetUID: 00000000-00006896]
"f_0004e3" has type "gzip compressed data from Unix original size modulo 2^32 245568"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e3]- [targetUID: 00000000-00007652]
"Network Action Predictor" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network Action Predictor]- [targetUID: 00000000-00006896]
"f_0004f7" has type "Web Open Font Format (Version 2) CFF length 56924 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f7]- [targetUID: 00000000-00007652]
"f_0004f9" has type "Web Open Font Format (Version 2) CFF length 56600 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004f9]- [targetUID: 00000000-00007652]
"QuotaManager" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager]- [targetUID: 00000000-00006896]
"Cookies" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\Cookies]- [targetUID: 00000000-00007652]
"f_0004ff" has type "Web Open Font Format (Version 2) CFF length 43952 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ff]- [targetUID: 00000000-00007652]
"f_0004d7" has type "gzip compressed data from Unix original size modulo 2^32 186168"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d7]- [targetUID: 00000000-00007652]
"Favicons" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Favicons]- [targetUID: 00000000-00006896]
"f_0004dc" has type "gzip compressed data from Unix original size modulo 2^32 114438"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004dc]- [targetUID: 00000000-00007652]
"f_0004ea" has type "gzip compressed data from Unix original size modulo 2^32 117765"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ea]- [targetUID: 00000000-00007652]
"f_0004da" has type "gzip compressed data from Unix original size modulo 2^32 136577"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004da]- [targetUID: 00000000-00007652]
"f_0004c5" has type "gzip compressed data from Unix original size modulo 2^32 453924"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c5]- [targetUID: 00000000-00007652]
"LICENSE" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\LICENSE]- [targetUID: 00000000-00006516]
"f_0004cc" has type "gzip compressed data from Unix original size modulo 2^32 195375"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004cc]- [targetUID: 00000000-00007652]
"f_0004c6" has type "gzip compressed data from Unix original size modulo 2^32 306567"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c6]- [targetUID: 00000000-00007652]
"f_0004de" has type "gzip compressed data from Unix original size modulo 2^32 98254"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004de]- [targetUID: 00000000-00007652]
"f_0004ce" has type "gzip compressed data from Unix original size modulo 2^32 129169"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ce]- [targetUID: 00000000-00007652]
"f_0004ca" has type "gzip compressed data from Unix original size modulo 2^32 96680"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ca]- [targetUID: 00000000-00007652]
"Session_13350482130725330" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Sessions\Session_13350482130725330]- [targetUID: 00000000-00006896]
"f_000505" has type "Web Open Font Format (Version 2) CFF length 29980 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000505]- [targetUID: 00000000-00007652]
"f_000504" has type "Web Open Font Format (Version 2) CFF length 29924 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000504]- [targetUID: 00000000-00007652]
"f_0004cd" has type "gzip compressed data from Unix original size modulo 2^32 126969"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004cd]- [targetUID: 00000000-00007652]
"f_000506" has type "Web Open Font Format (Version 2) CFF length 29752 version 1.0"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000506]- [targetUID: 00000000-00007652]
"Vpn Tokens" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Vpn Tokens]- [targetUID: 00000000-00006896]
"f_0004e4" has type "gzip compressed data from Unix original size modulo 2^32 95209"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004e4]- [targetUID: 00000000-00007652]
"f_0004cb" has type "gzip compressed data from Unix original size modulo 2^32 248757"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004cb]- [targetUID: 00000000-00007652]
"f_0004d3" has type "gzip compressed data from Unix original size modulo 2^32 83594"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d3]- [targetUID: 00000000-00007652]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log]- [targetUID: 00000000-00001428]
"f_0004d4" has type "gzip compressed data from Unix original size modulo 2^32 140376"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d4]- [targetUID: 00000000-00007652]
"f_0004c7" has type "gzip compressed data from Unix original size modulo 2^32 293956"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c7]- [targetUID: 00000000-00007652]
"f_0004d8" has type "gzip compressed data from Unix original size modulo 2^32 107277"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d8]- [targetUID: 00000000-00007652]
"Advertising" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Advertising]- [targetUID: 00000000-00005624]
"f_000500" has type "gzip compressed data from Unix original size modulo 2^32 106477"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000500]- [targetUID: 00000000-00007652]
"LICENSE" has type "ASCII text with CRLF line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\35\scoped_dir6896_1214315064\LICENSE]- [targetUID: 00000000-00006516]
"5217e3c1-0399-41f4-ae49-753f431368c7.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\5217e3c1-0399-41f4-ae49-753f431368c7.tmp]- [targetUID: 00000000-00006896]
"76007f61-220a-4958-bf42-ff550128623e.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\76007f61-220a-4958-bf42-ff550128623e.tmp]- [targetUID: 00000000-00006896]
"7dec6dd7-ade0-40ab-9513-1709afc98a96.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\7dec6dd7-ade0-40ab-9513-1709afc98a96.tmp]- [targetUID: 00000000-00006896]
"5b6e7522-9044-4697-ab0b-f5372afe8de0.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\5b6e7522-9044-4697-ab0b-f5372afe8de0.tmp]- [targetUID: 00000000-00006896]
"4dc5f93c-488a-4757-9ddb-1080eb66b6eb.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\4dc5f93c-488a-4757-9ddb-1080eb66b6eb.tmp]- [targetUID: 00000000-00006896]
"abc2cc41-3e1d-497a-a9a3-ef94afa22e0a.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\abc2cc41-3e1d-497a-a9a3-ef94afa22e0a.tmp]- [targetUID: 00000000-00006896]
"f_0004c8" has type "gzip compressed data from Unix original size modulo 2^32 131414"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c8]- [targetUID: 00000000-00007652]
"crl-set" has type "data"- Location: [%TEMP%\6896_1578209945\crl-set]- [targetUID: 00000000-00006896]
"History-journal" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\History-journal]- [targetUID: 00000000-00006896]
"f_0004c4" has type "gzip compressed data from Unix original size modulo 2^32 65068"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c4]- [targetUID: 00000000-00007652]
"f_000507" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000507]- [targetUID: 00000000-00007652]
"f_0004c3" has type "gzip compressed data from Unix original size modulo 2^32 63401"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004c3]- [targetUID: 00000000-00007652]
"f_0004d2" has type "gzip compressed data from Unix original size modulo 2^32 80309"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d2]- [targetUID: 00000000-00007652]
"f_0004dd" has type "gzip compressed data from Unix original size modulo 2^32 67773"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004dd]- [targetUID: 00000000-00007652]
"f_0004d5" has type "gzip compressed data from Unix original size modulo 2^32 134473"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d5]- [targetUID: 00000000-00007652]
"WebAssistDatabase" has type "SQLite 3.x database last written using SQLite version 3039003"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\WebAssistDatabase]- [targetUID: 00000000-00006896]
"arbitration_service_config.json" has type "ASCII text with very long lines with CRLF line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\arbitration_service_config.json]- [targetUID: 00000000-00006896]
"f_0004d1" has type "gzip compressed data from Unix original size modulo 2^32 90705"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d1]- [targetUID: 00000000-00007652]
"Entities" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Entities]- [targetUID: 00000000-00005624]
"f_0004d0" has type "gzip compressed data from Unix original size modulo 2^32 57414"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004d0]- [targetUID: 00000000-00007652]
"f_0004fb" has type "gzip compressed data from Unix original size modulo 2^32 281779"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004fb]- [targetUID: 00000000-00007652]
"f_0004cf" has type "gzip compressed data from Unix original size modulo 2^32 66640"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004cf]- [targetUID: 00000000-00007652]
"000008.ldb" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\000008.ldb]- [targetUID: 00000000-00006280]
"temp-index" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index]- [targetUID: 00000000-00006896]
"d6a1d9fe-05f6-4a2f-8e06-80f4b68cb0fe.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\d6a1d9fe-05f6-4a2f-8e06-80f4b68cb0fe.tmp]- [targetUID: 00000000-00007652]
"10744ae4-3ac2-4d87-94e3-0a5d10086d2f.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\10744ae4-3ac2-4d87-94e3-0a5d10086d2f.tmp]- [targetUID: 00000000-00007652]
"Content" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Content]- [targetUID: 00000000-00005624]
"Staging" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Staging]- [targetUID: 00000000-00005624]
"05d96d8c-3a4d-4fb2-b592-025e5f19087f.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\05d96d8c-3a4d-4fb2-b592-025e5f19087f.tmp]- [targetUID: 00000000-00007652]
"aa2eacf7-9d0d-483f-8a8c-c0c5fccd0c5a.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\aa2eacf7-9d0d-483f-8a8c-c0c5fccd0c5a.tmp]- [targetUID: 00000000-00007652]
"31c57ac3-bd6a-40b3-aa66-a423016a58d5.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\31c57ac3-bd6a-40b3-aa66-a423016a58d5.tmp]- [targetUID: 00000000-00007652]
"820a3eff-7b0d-40f6-b716-cf36874a93d1.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\820a3eff-7b0d-40f6-b716-cf36874a93d1.tmp]- [targetUID: 00000000-00007652]
"Analytics" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Analytics]- [targetUID: 00000000-00005624]
"50c03a98-e1a1-4c26-9542-0bde849c23d5.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\50c03a98-e1a1-4c26-9542-0bde849c23d5.tmp]- [targetUID: 00000000-00007652]
"edge_autofill_global_block_list.json" has type "JSON data"- Location: [%TEMP%\6896_1742647547\edge_autofill_global_block_list.json]- [targetUID: 00000000-00005936]
"97d236f5-4caf-41d3-880b-449170cbbc6e.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\97d236f5-4caf-41d3-880b-449170cbbc6e.tmp]- [targetUID: 00000000-00007652]
"0af0aebf-1b2a-447c-b8ab-3e7498f915df.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\0af0aebf-1b2a-447c-b8ab-3e7498f915df.tmp]- [targetUID: 00000000-00007652]
"Social" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Social]- [targetUID: 00000000-00005624]
"9ed655bc-cd1a-4583-af7f-62ae9a914cd4.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\9ed655bc-cd1a-4583-af7f-62ae9a914cd4.tmp]- [targetUID: 00000000-00007652]
"f6a4f247dbf4d697c26b375e3580d6053baf25f5.tbres" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\TokenBroker\Cache\f6a4f247dbf4d697c26b375e3580d6053baf25f5.tbres]- [targetUID: 00000000-00006896]
"adblock_snippet.js" has type "ASCII text with very long lines with no line terminators"- Location: [%TEMP%\6896_1552441719\adblock_snippet.js]- [targetUID: 00000000-00007524]
"ab4b148f-4b09-4f52-ae91-81d14fb3d2ad.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\ab4b148f-4b09-4f52-ae91-81d14fb3d2ad.tmp]- [targetUID: 00000000-00007652]
"verified_contents.json" has type "JSON data"- Location: [%TEMP%\6896_1654156620\_metadata\verified_contents.json]- [targetUID: 00000000-00006516]
"Fingerprinting" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Fingerprinting]- [targetUID: 00000000-00005624]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log]- [targetUID: 00000000-00001428]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log]- [targetUID: 00000000-00001428]
"Cryptomining" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Cryptomining]- [targetUID: 00000000-00005624]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\https_creativecloud.adobe.com_0.indexeddb.leveldb\000003.log]- [targetUID: 00000000-00001428]
"manifest.json" has type "JSON data"- Location: [%TEMP%\6896_1654156620\manifest.json]- [targetUID: 00000000-00005936]
"Advertising" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Advertising]- [targetUID: 00000000-00005624]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG]- [targetUID: 00000000-00006280]
"CompatExceptions" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\CompatExceptions]- [targetUID: 00000000-00005624]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\LOG]- [targetUID: 00000000-00006280]
"LICENSE" has type "ASCII text"- Location: [%TEMP%\6896_1654156620\LICENSE]- [targetUID: 00000000-00006516]
"MANIFEST-000001" has type "PGP Secret Key -"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\https_creativecloud.adobe.com_0.indexeddb.leveldb\LOG]- [targetUID: 00000000-00006280]
"Social" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Social]- [targetUID: 00000000-00005624]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Platform Notifications\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Extension State\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\LOG]- [targetUID: 00000000-00006280]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG]- [targetUID: 00000000-00006280]
"MANIFEST-000001" has type "PGP Secret Key -"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001]- [targetUID: 00000000-00006280]
"settings.dat" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Crashpad\settings.dat]- [targetUID: 00000000-00006372]
"88d846d1509c05ff_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\88d846d1509c05ff_0]- [targetUID: 00000000-00006896]
"e42ff49df489f4c3_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e42ff49df489f4c3_0]- [targetUID: 00000000-00006896]
"2c6c55dd00c0cce9_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\2c6c55dd00c0cce9_0]- [targetUID: 00000000-00006896]
"fd2c2017bb4aba5e_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\fd2c2017bb4aba5e_0]- [targetUID: 00000000-00006896]
"e849afacaae011c2_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e849afacaae011c2_0]- [targetUID: 00000000-00006896]
"0add8fde2b424ea6_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\0add8fde2b424ea6_0]- [targetUID: 00000000-00006896]
"18d551e8e2e3d83d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\18d551e8e2e3d83d_0]- [targetUID: 00000000-00006896]
"b021f419fb8c3549_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b021f419fb8c3549_0]- [targetUID: 00000000-00006896]
"16ad2ce19beb904c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\16ad2ce19beb904c_0]- [targetUID: 00000000-00006896]
"301e509ab619ed1e_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\301e509ab619ed1e_0]- [targetUID: 00000000-00006896]
"b7ee51787c4e479b_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b7ee51787c4e479b_0]- [targetUID: 00000000-00006896]
"7c737c8b30a1181a_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\7c737c8b30a1181a_0]- [targetUID: 00000000-00006896]
"9ea057a4c1997679_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\9ea057a4c1997679_0]- [targetUID: 00000000-00006896]
"36af461d4a628d80_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\36af461d4a628d80_0]- [targetUID: 00000000-00006896]
"d2a2a085fd98b018_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\d2a2a085fd98b018_0]- [targetUID: 00000000-00006896]
"bfda5ed835931267_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\bfda5ed835931267_0]- [targetUID: 00000000-00006896]
"dc8b645cf0ad4c36_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\dc8b645cf0ad4c36_0]- [targetUID: 00000000-00006896]
"c3d7bec0a7b25a0f_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\c3d7bec0a7b25a0f_0]- [targetUID: 00000000-00006896]
"05215a0eb3a6327c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\05215a0eb3a6327c_0]- [targetUID: 00000000-00006896]
"b4a2c9a1945dfe5c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b4a2c9a1945dfe5c_0]- [targetUID: 00000000-00006896]
"87a016739d183e87_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\87a016739d183e87_0]- [targetUID: 00000000-00006896]
"bf0c542d340b00e6_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\bf0c542d340b00e6_0]- [targetUID: 00000000-00006896]
"bc2c0383b5ee7e77_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\bc2c0383b5ee7e77_0]- [targetUID: 00000000-00006896]
"28e656cfbcb76361_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\28e656cfbcb76361_0]- [targetUID: 00000000-00006896]
"48e82bc76169566f_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\48e82bc76169566f_0]- [targetUID: 00000000-00006896]
"aa042bb84f0f8e89_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\aa042bb84f0f8e89_0]- [targetUID: 00000000-00006896]
"06665b9797574d0d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\06665b9797574d0d_0]- [targetUID: 00000000-00006896]
"9a7cedc3b0858e37_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\9a7cedc3b0858e37_0]- [targetUID: 00000000-00006896]
"b3bc0e1f6de249e3_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b3bc0e1f6de249e3_0]- [targetUID: 00000000-00006896]
"8b144fed3a1ee642_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\8b144fed3a1ee642_0]- [targetUID: 00000000-00006896]
"2fc3bdc0a0acfb32_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\2fc3bdc0a0acfb32_0]- [targetUID: 00000000-00006896]
"60508793e5b75eb2_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\60508793e5b75eb2_0]- [targetUID: 00000000-00006896]
"3abe6ef84c9822e0_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\3abe6ef84c9822e0_0]- [targetUID: 00000000-00006896]
"f157251ce3a2ecea_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\f157251ce3a2ecea_0]- [targetUID: 00000000-00006896]
"53f78ef558fe2432_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\53f78ef558fe2432_0]- [targetUID: 00000000-00006896]
"11061666403dc581_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\11061666403dc581_0]- [targetUID: 00000000-00006896]
"b64f63fd4eb96b14_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b64f63fd4eb96b14_0]- [targetUID: 00000000-00006896]
"807e0ed6ceb5033a_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\807e0ed6ceb5033a_0]- [targetUID: 00000000-00006896]
"cf7db0af5e99e963_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\cf7db0af5e99e963_0]- [targetUID: 00000000-00006896]
"7619b6cf956aa5a5_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\7619b6cf956aa5a5_0]- [targetUID: 00000000-00006896]
"19aaaf54de4eca54_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\19aaaf54de4eca54_0]- [targetUID: 00000000-00006896]
"055bdf8bc4efadc3_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\055bdf8bc4efadc3_0]- [targetUID: 00000000-00006896]
"760be267adf2ab0c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\760be267adf2ab0c_0]- [targetUID: 00000000-00006896]
"1665d1c5c430bb99_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\1665d1c5c430bb99_0]- [targetUID: 00000000-00006896]
"89aaef60b534a3df_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\89aaef60b534a3df_0]- [targetUID: 00000000-00006896]
"bddfa48acde0696d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\bddfa48acde0696d_0]- [targetUID: 00000000-00006896]
"f8be371f1b5c39f9_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\f8be371f1b5c39f9_0]- [targetUID: 00000000-00006896]
"39cbf2652ac2c71c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\39cbf2652ac2c71c_0]- [targetUID: 00000000-00006896]
"e42e38f71ffa8ebf_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e42e38f71ffa8ebf_0]- [targetUID: 00000000-00006896]
"b9829847c43a7bee_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b9829847c43a7bee_0]- [targetUID: 00000000-00006896]
"baa7f08cbbc06b0b_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\baa7f08cbbc06b0b_0]- [targetUID: 00000000-00006896]
"d07e8985c30f3122_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\d07e8985c30f3122_0]- [targetUID: 00000000-00006896]
"3cab931fdb9211ee_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\3cab931fdb9211ee_0]- [targetUID: 00000000-00006896]
"ed4263953f6e29ac_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\ed4263953f6e29ac_0]- [targetUID: 00000000-00006896]
"fc12b62acdf5ccd7_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\fc12b62acdf5ccd7_0]- [targetUID: 00000000-00006896]
"bf5112fc9ea2ce0c_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\bf5112fc9ea2ce0c_0]- [targetUID: 00000000-00006896]
"f5a160c3ba83bb99_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\f5a160c3ba83bb99_0]- [targetUID: 00000000-00006896]
"a6942155eb9698ff_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\a6942155eb9698ff_0]- [targetUID: 00000000-00006896]
"5800bb2f1351e94f_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\5800bb2f1351e94f_0]- [targetUID: 00000000-00006896]
"57c7db62d245e1c0_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\57c7db62d245e1c0_0]- [targetUID: 00000000-00006896]
"b65b5eb574c300c4_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b65b5eb574c300c4_0]- [targetUID: 00000000-00006896]
"54c0bc68388915e9_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\54c0bc68388915e9_0]- [targetUID: 00000000-00006896]
"dbea62e42b1bb622_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\dbea62e42b1bb622_0]- [targetUID: 00000000-00006896]
"b0e37ac4f30290e8_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b0e37ac4f30290e8_0]- [targetUID: 00000000-00006896]
"131c708c74cf9690_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\131c708c74cf9690_0]- [targetUID: 00000000-00006896]
"4ace4573515f9943_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\4ace4573515f9943_0]- [targetUID: 00000000-00006896]
"9cba152811fa5c0d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\9cba152811fa5c0d_0]- [targetUID: 00000000-00006896]
"1bf3c610622f1bb2_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\1bf3c610622f1bb2_0]- [targetUID: 00000000-00006896]
"7b75503682a39480_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\7b75503682a39480_0]- [targetUID: 00000000-00006896]
"regex_patterns.json" has type "JSON data"- Location: [%TEMP%\6896_1742647547\regex_patterns.json]- [targetUID: 00000000-00005936]
"e7c2cc5d425daf04_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e7c2cc5d425daf04_0]- [targetUID: 00000000-00006896]
"0d86d14abb8a9b82_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\0d86d14abb8a9b82_0]- [targetUID: 00000000-00006896]
"Fingerprinting" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Fingerprinting]- [targetUID: 00000000-00005624]
"manifest.json" has type "JSON data"- Location: [%TEMP%\6896_195861255\manifest.json]- [targetUID: 00000000-00005936]
"Analytics" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Analytics]- [targetUID: 00000000-00005624]
"Last Browser" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Last Browser]- [targetUID: 00000000-00006896]
"000007.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\000007.log]- [targetUID: 00000000-00006280]
"manifest.json" has type "UTF-8 Unicode (with BOM) text with CRLF line terminators"- Location: [%TEMP%\6896_1742647547\manifest.json]- [targetUID: 00000000-00005936]
"manifest.json" has type "JSON data"- Location: [%TEMP%\6896_1552441719\manifest.json]- [targetUID: 00000000-00005936]
"manifest.json" has type "JSON data"- Location: [%TEMP%\6896_1578209945\manifest.json]- [targetUID: 00000000-00005936]
"TransparentAdvertisers" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\TransparentAdvertisers]- [targetUID: 00000000-00005624]
"Variations" has type "JSON data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Variations]- [targetUID: 00000000-00006896]
"Other" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Other]- [targetUID: 00000000-00005624]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\6896_1742647547\manifest.fingerprint]- [targetUID: 00000000-00006896]
"manifest.fingerprint" has type "ASCII text with no line terminators"- [targetUID: 00000000-00006896]
"LICENSE" has type "ASCII text with no line terminators"- Location: [%TEMP%\6896_195861255\Sigma\LICENSE]- [targetUID: 00000000-00006516]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\6896_1654156620\manifest.fingerprint]- [targetUID: 00000000-00006896]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\6896_195861255\manifest.fingerprint]- [targetUID: 00000000-00006896]
"000012.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000012.log]- [targetUID: 00000000-00006896]
".ses" has type "ASCII text with CRLF line terminators"- [targetUID: N/A]
"MANIFEST-000001" has type "PGP Secret Key -"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001]- [targetUID: 00000000-00006280]
"Content" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Content]- [targetUID: 00000000-00005624]
"Other" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Mu\Other]- [targetUID: 00000000-00005624]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log]- [targetUID: 00000000-00001428]
"Cryptomining" has type "ASCII text"- Location: [%TEMP%\6896_195861255\Sigma\Cryptomining]- [targetUID: 00000000-00005624]
"MANIFEST-000001" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\https_creativecloud.adobe.com_0.indexeddb.leveldb\MANIFEST-000001]- [targetUID: 00000000-00006280]
"000001.dbtmp" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp]- [targetUID: 00000000-00006896]
"Last Version" has type "ASCII text with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Last Version]- [targetUID: 00000000-00006896]
"c12bacb6-84fc-4d96-8991-b660c5b36d80.tmp" has type "very short file (no magic)"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\c12bacb6-84fc-4d96-8991-b660c5b36d80.tmp]- [targetUID: 00000000-00006896]
"LICENSE" has type "ASCII text with CRLF line terminators"- Location: [%TEMP%\6896_1552441719\LICENSE]- [targetUID: 00000000-00006516]
"000001.dbtmp" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\https_creativecloud.adobe.com_0.indexeddb.leveldb\000001.dbtmp]- [targetUID: 00000000-00006896] - source
- Binary File
- relevance
- 3/10
- ATT&CK ID
- T1105
-
Dropped files
-
Network Related
-
Found mail related domain names
- details
-
[Source: f_0004fb] - source
- File/Memory
- relevance
- 1/10
- ATT&CK ID
- T1071.003
-
Found potential URL in binary/memory
- details
-
Pattern match: "creativecloud.adobe.com/cc/chunks/js/pk.ccxi.f6ac07efd141c0f6ed18.js"
Pattern match: "creativecloud.adobe.com/cc/chunks/js/pk.a4u.c4ee90468ab929e79c6c.js"
Pattern match: "commerce.adobe.com/checkout/iframe/uc-preload.js"
Pattern match: "creativecloud.adobe.com/a93433/VisitorAPI.js"
Pattern match: "auth.services.adobe.com/99ba006b7/scripts.js"
Pattern match: "creativecloud.adobe.com/a93433/polyfills.js"
Pattern match: "creativecloud.adobe.com/a93433/upload.js"
Pattern match: "creativecloud.adobe.com/a93433/cch.js"
Pattern match: "use.typekit.net/bwx4ctj.js"
Pattern match: "use.typekit.net/ecr2zvs.js"
Pattern match: "zadn.vn/ansira.com/fcmatch.google.com/origo.hu/fcmatch.youtube.com/refersion.com/flocktory.com/vtex.com.br/rqtrk.eu/vocento.com/fingerprinter.msedgedemo.example/"
Pattern match: "gimbal.com/thirdwatch.ai/fndrsp.net/analytics-tracker.msedgedemo.example/cuebiq.com/inrix.com/zoominfo.com/clarity.ms/"
Pattern match: "https://adobe-api.arkoselabs.com/"
Pattern match: "microsoftedgeinsider.com/Fabrikam^microsoftedgeinsider.com/VanArsdel^microsoftedgeinsider.com/"
Pattern match: "fcmatch.youtube.com/fcmatch.google.com/other-tracker.msedgedemo.example/"
Pattern match: "https://easylist.to/"
Pattern match: "https://creativecommons.org/compatiblelicenses"
Pattern match: "https://creativecommons.org/"
Heuristic match: "adobe-api.arkoselabs.com"
Heuristic match: "adobe.tt.omtrdc.net"
Heuristic match: "adobedc.demdex.net"
Heuristic match: "adobeid-na1.services.adobe.com"
Heuristic match: "adobemobiledev.demdex.net"
Heuristic match: "arc.msn.com"
Heuristic match: "assets.adobedtm.com"
Heuristic match: "auth.services.adobe.com"
Heuristic match: "cc-api-data-stage.adobe.io"
Heuristic match: "cc-api-data.adobe.io"
Heuristic match: "cchome.adobe.io"
Heuristic match: "cdn.cookielaw.org"
Heuristic match: "cm.everesttech.net"
Heuristic match: "commerce.adobe.com"
Heuristic match: "creativecloud.adobe.com"
Heuristic match: "dpm.demdex.net"
Heuristic match: "ffc-static-cdn.oobesaas.adobe.com"
Heuristic match: "geo2.adobe.com"
Heuristic match: "ims-na1.adobelogin.com"
Heuristic match: "odin.adobe.com"
Heuristic match: "p13n.adobe.io"
Heuristic match: "prod-rel-ffc-ccm.oobesaas.adobe.com"
Heuristic match: "prod.adobeccstatic.com"
Heuristic match: "server.messaging.adobe.com"
Heuristic match: "sstats.adobe.com"
Pattern match: "www.bing.com"
Pattern match: "www.youtube.com"
Heuristic match: "wwwimages.adobe.com" - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071
-
Found mail related domain names
Session Details
No relevant data available.
Hybrid Analysis
Analysed 26 processes in total.
- rundll32.exe "%WINDIR%\system32\ieframe.dll",OpenURL C:\sample.url (PID: 8088)
- msedge.exe --single-argument https://creativecloud.adobe.com/apps/all/desktop?action=install&source=apps&productId=indesign (PID: 6896)
- msedge.exe --type=crashpad-handler "--user-data-dir=%LOCALAPPDATA%\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=%LOCALAPPDATA%\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=107.0.5304.110 "--annotation=exe=%PROGRAMFILES%\(x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=107.0.1418.56 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0x148,0x7ffc1b22b208,0x7ffc1b22b218,0x7ffc1b22b228 (PID: 6372)
- msedge.exe --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:2 (PID: 6864)
- msedge.exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:3 (PID: 7652)
- msedge.exe --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1424 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 6280)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --time-ticks-at-unix-epoch=-1706007470014298 --launch-time-ticks=1059661812 --mojo-platform-channel-handle=3104 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:1 (PID: 7832)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-at-unix-epoch=-1706007470014298 --launch-time-ticks=1060095824 --mojo-platform-channel-handle=3108 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:1 (PID: 4828)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3476 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 8012)
- msedge.exe --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4956 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 1428)
- msedge.exe --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=4996 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 1448)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4952 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 2908)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --time-ticks-at-unix-epoch=-1706007470014298 --launch-time-ticks=1083957140 --mojo-platform-channel-handle=4136 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:1 (PID: 4884)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --time-ticks-at-unix-epoch=-1706007470014298 --launch-time-ticks=1094345438 --mojo-platform-channel-handle=2676 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:1 (PID: 6436)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4976 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 3020)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4116 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 8004)
- msedge.exe --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=5088 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 5500)
- msedge.exe --type=utility --utility-sub-type=entity_extraction_service.mojom.PageScreenshotProcessor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=3092 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 1380)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --time-ticks-at-unix-epoch=-1706007470014298 --launch-time-ticks=1133644944 --mojo-platform-channel-handle=5652 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:1 (PID: 4608)
- msedge.exe --type=utility --utility-sub-type=media.mojom.MediaFoundationServiceBroker --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=5516 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 7356)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 5304)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6212 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 7524)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4900 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 6516)
- msedge.exe --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.16299.192 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6376 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:2 (PID: 7324)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2552 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 5624)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2544 --field-trial-handle=1948,i,10175555363416559764,925343574890377473,131072 /prefetch:8 (PID: 5936)
Network Analysis
DNS Requests
Domain | Address | Registrar | Country |
---|---|---|---|
adobe-api.arkoselabs.com | 172.64.154.86, TTL: 22 | Amazon Registrar, Inc.; Organization: Whois Privacy Service; Name Server: NS-1019.AWSDNS-63.NET; Creation Date: 2018-08-20T23:01:39 | United States |
adobe.tt.omtrdc.net | 63.140.36.130, TTL: 60 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: NS1.OMTRDC.NET; Creation Date: 2008-07-23T00:00:00 | United States |
adobedc.demdex.net | 63.140.36.130, TTL: 503 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: UDNS1.ULTRADNS.NET; Creation Date: 2008-08-12T00:00:00 | United States |
adobeid-na1.services.adobe.com | 54.244.104.102, TTL: 10 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: A1-217.AKAM.NET; Creation Date: 1986-11-17T00:00:00 | United States |
adobemobiledev.demdex.net | 52.34.144.49, TTL: 212 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: UDNS1.ULTRADNS.NET; Creation Date: 2008-08-12T00:00:00 | United States |
arc.msn.com | 20.99.186.246, TTL: 16091 | MarkMonitor, Inc.; Organization: Microsoft Corporation; Name Server: NS1.MSFT.NET; Creation Date: 1994-11-10T00:00:00 | United States |
assets.adobedtm.com | 96.16.68.244, TTL: 47 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: NS1.OMTRDC.NET; Creation Date: 2013-11-22T00:00:00 | United States |
auth.services.adobe.com | 172.64.155.179, TTL: 1 | NOM-IQ Ltd dba Com Laude; Organization: Adobe Systems Incorporated; Name Server: A1-217.AKAM.NET; Creation Date: 1986-11-17T00:00:00 | United States |
cc-api-data-stage.adobe.io | 54.158.67.134, TTL: 60 | - | United States |
cc-api-data.adobe.io | 23.22.254.206, TTL: 60 | - | United States |
cchome.adobe.io | 54.69.90.244, TTL: 60 | - | United States |
cdn.cookielaw.org | 104.18.130.236, TTL: 300 | - | United States |
cm.everesttech.net | 34.223.127.254, TTL: 260 | - | United States |
commerce.adobe.com | 69.192.139.103, TTL: 5235 | - | United States |
creativecloud.adobe.com | 13.227.74.13, TTL: 60 | - | United States |
dpm.demdex.net | 52.12.82.176, TTL: 196 | - | United States |
ffc-static-cdn.oobesaas.adobe.com | 18.238.192.97, TTL: 300 | - | United States |
geo2.adobe.com | 96.16.68.145, TTL: 9246 | - | United States |
ims-na1.adobelogin.com | 52.33.134.68, TTL: 39 | - | United States |
odin.adobe.com | 151.101.3.10, TTL: 1216 | - | United States |
p13n.adobe.io | 54.144.73.197, TTL: 41 | - | United States |
prod-rel-ffc-ccm.oobesaas.adobe.com | 23.22.254.206, TTL: 44 | - | United States |
prod.adobeccstatic.com | 18.239.199.76, TTL: 60 | - | United States |
server.messaging.adobe.com | 44.199.0.102, TTL: 6 | - | United States |
sstats.adobe.com | 63.140.36.130, TTL: 1354 | - | United States |
www.bing.com | 69.192.139.90, TTL: 12933 | - | United States |
www.youtube.com | 142.250.189.206, TTL: 235 | - | United States |
wwwimages.adobe.com | 96.16.55.42, TTL: 93 | - | United States |
Contacted Hosts
Contacted Countries
HTTP Traffic
No relevant HTTP requests were made.
Extracted Strings
Extracted Files
Displaying 51 extracted file(s). The remaining 235 file(s) are available in the full version and XML/JSON reports.
-
Informative Selection 51
- SHA1
- d02c603b711236fd4eabbdceec4895075bc271b1
- SHA256
- 4b3798211a28603095d79302a8b054c97746dd2c65995dfa30319d572c34d868
-
f_0004dc
- Size
- 40KiB (40810 bytes)
- Type
- compressed gzip
- Description
- gzip compressed data, from Unix, original size modulo 2^32 114438
- Runtime Process
- msedge.exe (PID: 7652)
- MD5
- 857b21d6e04d1789b9836896bfc48d75
- SHA1
- 99fbd700978737a89a7e8b23794aa646de1cf5fc
- SHA256
- 929d69674fec7f6c6e8f4adf1ff3bff93fd341b8f2b0c5ebadea141404c31465
-
f_0004dd
- Size
- 18KiB (18813 bytes)
- Type
- compressed gzip
- Description
- gzip compressed data, from Unix, original size modulo 2^32 67773
- Runtime Process
- msedge.exe (PID: 7652)
- MD5
- 13188c0f756ce36748cd407999a01d43
- SHA1
- 728c66656568a5444f8332138f16f368aa7efb38
- SHA256
- 1d09cae7226076af5a36c2178c7e9272ba5d3363d66095a5d2c54ce3490235b8
-
f_0004de
- Size
- 32KiB (32520 bytes)
- Type
- compressed gzip
- Description
- gzip compressed data, from Unix, original size modulo 2^32 98254
- Runtime Process
- msedge.exe (PID: 7652)
- MD5
- 1aaee1c7d671020d652e6f97e0a45d0c
- SHA1
- eb45b7908bfdeaca5eec3915320f3ae7a396f679
- SHA256
- 0194c72d78259d2d219a40d6226bdff39315fccc1f0e1c0cdd5fbe29eb8d5e1a
-
f_0004df
- Size
- 216KiB (220932 bytes)
- Type
- compressed gzip
- Description
- gzip compressed data, was "cch.js", last modified: Thu Jan 18 15:17:26 2024, max compression, from Unix, original size modulo 2^32 894593
- Runtime Process
- msedge.exe (PID: 7652)
- MD5
- 9aa9a75cd076b53cff2f6207e927f1fa
- SHA1
- cb41bc314fb123b35f593372ee683b6d11b5330f
- SHA256
- 1657bb79d45e384a59687f8fdae4b86cfb660081566b49c3d87296bd1b861d2a
-
widevinecdm.dll
- Size
- 5MiB (5246976 bytes)
- Type
- pedll 64bits executable
- Description
- PE32+ executable (DLL) (console) x86-64, for MS Windows
- Runtime Process
- msedge.exe (PID: 6516)
- MD5
- 1ea7deff0d1666662316998bc0de2cee
- SHA1
- 34b7685fdcf960d63e4d1924023b4329f612b9d5
- SHA256
- fee0c47f72a5cc917955bb35751153d992552c515b5014348a61a27869f03c62
-
Notifications
-
Runtime
- Not all created files are visible for msedge.exe (PID: 6896)
- Not all created files are visible for msedge.exe (PID: 7652)
- Not all file accesses are visible for msedge.exe (PID: 6896)
- Not all file accesses are visible for msedge.exe (PID: 7652)
- Some low-level data is hidden, as this is only a slim report
- This URL analysis has missing honeyclient data
- Not all sources for indicator ID "mutant-0" are available in the report
- Not all sources for indicator ID "network-1" are available in the report
- Not all sources for indicator ID "network-51" are available in the report