3fa3f772b19199d4c0b7ef3eeb3710b153db2e84adea109161a7ae04ffb3c96a

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/04/2024, 20:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe
Size

10KB
MD5

e84e266e60379b22049b973f87f82aaa
SHA1

a3b159fa5f996d5c118599edfba26215decc1b61
SHA256

3fa3f772b19199d4c0b7ef3eeb3710b153db2e84adea109161a7ae04ffb3c96a
SHA512

3bf6d8cd3b23e48846029a240288c00ff54204a9925f8d56a3b4d1e5da7557729604c6d505ef4fa79caae913315789dfe9ecc2e95d1611b4adc17c95757e587e
SSDEEP

192:R4eWLEW7CPA/m18UvXk5rSgD7Zw1IYHrIzPybvWSjt3eKSnMS4VoVOq4WaV:R4eWoWeYtUvk5r0EzqB5GnMRysaA

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1032	msedge.exe
1032	msedge.exe
2684	msedge.exe
2684	msedge.exe
4588	identity_helper.exe
4588	identity_helper.exe
5828	msedge.exe
5828	msedge.exe
5828	msedge.exe
5828	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3172	e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3172 wrote to memory of 2684	3172	e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe	88
PID 3172 wrote to memory of 2684	3172	e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe	88
PID 2684 wrote to memory of 4924	2684	msedge.exe	89
PID 2684 wrote to memory of 4924	2684	msedge.exe	89
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 3204	2684	msedge.exe	90
PID 2684 wrote to memory of 1032	2684	msedge.exe	91
PID 2684 wrote to memory of 1032	2684	msedge.exe	91
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92
PID 2684 wrote to memory of 3312	2684	msedge.exe	92

C:\Users\Admin\AppData\Local\Temp\e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\e84e266e60379b22049b973f87f82aaa_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://terra.com.br/cartoes/relacionamentos/framor.htm
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:2684
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe5bc46f8,0x7fffe5bc4708,0x7fffe5bc4718
    3⤵
    PID:4924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
    3⤵
    PID:3204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1032
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1932 /prefetch:8
    3⤵
    PID:3312
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
    3⤵
    PID:3720
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
    3⤵
    PID:3916
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
    3⤵
    PID:2900
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
    3⤵
    PID:4544
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4444 /prefetch:1
    3⤵
    PID:2560
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
    3⤵
    PID:4592
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
    3⤵
    PID:1196
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
    3⤵
    PID:3756
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
    3⤵
    PID:4212
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
    3⤵
    PID:1104
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7336 /prefetch:8
    3⤵
    PID:4344
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7336 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4588
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
    3⤵
    PID:2552
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
    3⤵
    PID:3320
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
    3⤵
    PID:5272
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1
    3⤵
    PID:5280
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6381017821413010438,10808821121249728143,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1356 /prefetch:2
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fd7944a4ff1be37517983ffaf5700b11

SHA1
c4287796d78e00969af85b7e16a2d04230961240

SHA256
b54b41e7ce5600bc653aa7c88abb666976872b2d5e2d657bfc1147a0b49e9d74

SHA512
28c58a2ccf39963a8d9f67ea5b93dbccf70b0109b2c8a396a58389cdec9db1205523a95730485bcbc9d533867cbf0e7167ad370fd45740e23656d01d96ee543b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a774512b00820b61a51258335097b2c9

SHA1
38c28d1ea3907a1af6c0443255ab610dd9285095

SHA256
01946a2d65e59b66ebc256470ff4861f32edee90a44e31bf67529add95cafef4

SHA512
ce109be65060a5e7a872707c6c2ccce3aacd577e59c59d6e23e78d03e3d502f2707713fda40a546ed332e41a56ef90297af99590a5ab02f686a58bcbf3a82da1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
62KB

MD5
a1049ef0608a6ddb0ab75cb79ea8fe19

SHA1
cb4693e21215e7d9a59bebc2c8b56b9d127dc137

SHA256
bd762e8d2cc3fdb113012bdb3d340aef64af2a1b91d1a787bc3de8198cc11346

SHA512
e52517ff69a27f3d34a20c67b3b3d5cd86b8228287ed3b924e97a8f893f0aab09ecb1f19c2ea4dfd54cac507b4ec99e8f0ea23638d0384d4337b30294db619e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8b9caf90576f0ca5de594a4af3146ad6

SHA1
7ff4b283b2938270a6a68f39494634e6418e19a3

SHA256
93e33361e40dda8752f878a8a11ae86d2d9d7b339877e8fa5aa2b27f6ea7677e

SHA512
bcb32aaefbbf9f6f8ee51914ec0860ca4376d2760ccd3d90f24531783d5577e3f73279d2f055b5434cf904b12749d3ce64855f6b54faea6d1720a8164b18c358

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3abce241a872aa1feda1171cb9d2ed95

SHA1
a2c327273cb373a6b59f72b4c502d2ecf9798606

SHA256
5836d152a928f6157119275c3bdd07972eb4b98004e0c49bbf9f70b467eb7a33

SHA512
ab5da7f063e6cfebd7eab5dd48d78c709e4a898470ee0c370dcc4aa9e1a76edbbdd02c2fa66f892945f5b5dcd85f3acb46decfacbefe4663fcd6e58ebbdffd36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
50a512d089304881bc7f7fc50f816d45

SHA1
38e590e11b63bf5eeb1da09266414fe254d770d1

SHA256
4525de50b31e026b9aecea95bae06d1a9f54da1d96d9a8b98336c7e5381c76cb

SHA512
3004389e5eba01aec29e6d39cf63cb878bd7346a76f7c0e1f1f92e5942a3defe605d863a99e8ff02a457804f805b2af18da594f39ede5c4ac2858d051664077d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.terra.com.br_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
8KB

MD5
41ad3d372b5d52e5d0d09299d422ec12

SHA1
836f2653c050b4860beaa9582ab310ae7055af49

SHA256
387d20434a5e5810a5b438b7afd3f60aa396015ab87d854b024151aefe25b069

SHA512
a4107e7c3a2673204d39292ed1c4d4a9e5f0ddfcb140f96d91d296f34079a7223d168e1d8794f63095418b3ccaaaf98931fd7035e36adb0d62899889a2b095b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
7e74e822142c61ef2308922262e8efd9

SHA1
a0f562305f4d0027f1da7c3ce0d9d11f537b1718

SHA256
2a2db5c5d6b7728fa77f039ba78a4c8fc0e67c68bef45318fb4e6456e066ce47

SHA512
09b92bb38235a8d2327240500b4fd54b85b14e4719fc62769b45e5d80586adbc150cf3829c79809eade61fc47ca85573fac8702282f6f41814ab328937f21d91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
1526373cbf7116606e82110ef3ad3e6e

SHA1
8fc8c386582adb7e7591e76e932c332fc8365cd4

SHA256
805d80b81b148879ddd3ff715b6e0e4299ce0f0a71ee02b867c01e347ab5cf98

SHA512
8c0c8f6a56e428f44abc4d8e6167ee8d861abf440651ce0635c6b4a176bb95bd0e6305c75c7dec63b81983d0e82bb598176a734eb38b86c6faf038f96977d76a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3f5b8e0a8517478fdba6b60bcfd5e5c7

SHA1
be9eae581293543894ec1c83cc61e1412c30c34a

SHA256
fff47a1e37ed16784d2ee268b86761e9b394aa4691b176a10b3c18a86eb9313a

SHA512
8590f571051b69a6ded232dc0a528f00dc00efca034c12d9488d8b591b24133a504cf696abcab0a8ff1e95baf9714af34bdb1b8a63c607c6a481d74702b2617e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\99812ed5032338adec55fcabff4227bc79101f6e\1b5af7a4-a501-4d40-b29b-006567c950dd\index-dir\the-real-index

Filesize
168B

MD5
eda1282b53a1d764c52e2c54ff148513

SHA1
20cc85a19dce626743c83196301830c39b859f57

SHA256
f57d04834179999de149cd0a7d91187f3f23ab7498ad9e4f834b145949ff57a2

SHA512
90607d0a5bcddc022a8cb0a7e3fa6e33ccc179a86aba2221423a0b696002552ef47d44a8f7e6d600e2d2137068e066ac9c866cdeed007084232a0b5cf38a584c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\99812ed5032338adec55fcabff4227bc79101f6e\1b5af7a4-a501-4d40-b29b-006567c950dd\index-dir\the-real-index~RFe57d0cd.TMP

Filesize
48B

MD5
47ddbb219dbe20576ec2512b86e6b5ef

SHA1
bdd0cc635abf591607f1e59789999520db0d7205

SHA256
3f7b08eb3f5d48a529514d59a7ec098f41f9a177f535012910ed51c872ad79d2

SHA512
a68377dc1dd4ad8d4452371e58193e091570ce5b77c764281a74f8fbef77054ec91251c3c0ce9d0e532f5dbc123d7e38a6623229bb6b78012e1930f20591a0d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\99812ed5032338adec55fcabff4227bc79101f6e\index.txt

Filesize
93B

MD5
2812a48ebf735f2ca5f579b16bb190e4

SHA1
75e2caced606ed1f548cb1db37cbbfdd68060fa6

SHA256
b8ed65492d9951210ab6943f8bac1764c0c5b1fca954882606f8b7146e719099

SHA512
c7934e129dc58f82034843ab3d0a7a5306fef71d92ad607b99968d3de526010beb5819c833197057dfe9b54d9170dfa424c6bff080cc94abefc6c18016376101

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\99812ed5032338adec55fcabff4227bc79101f6e\index.txt

Filesize
88B

MD5
cbe6236ccdca18047f62f7705862f2cc

SHA1
d4b869bcc39eaf653d728094778866101640003e

SHA256
57e0e8f3f5045e2d6314a2538c9aca3fb53b7c2d2c348e3122eef8105a828728

SHA512
37c9541c1c543d2745de3e7b87d12acc0a3953f862a92f77df8bc65c260dfc77fa99d0a21c0fd45b300148d78df59ddbe6ef14f308eeeef114fa4fe6ac14afa4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
6fe2b8f01fc7542e6542f4b247c7d7ec

SHA1
968c8cbe0d6a6e91bec3008fc5c945c625cac826

SHA256
c2c2738718326bbcd8daefe7f0caac261fdcf72324a5df3d75adcf388ca93879

SHA512
edc4b6e0d9797f0ca229fc63a6d3bf2f0e7348436a4a3f46e493625d7f087c264542e80e991d22a748a2b896ab9a500549f6bc459fab637db06c343e13913f34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ce6c.TMP

Filesize
48B

MD5
1e924202c2ebeeda95fe5343f67ca5fb

SHA1
24fcd32aacb9f8e8928c1ae0ddc366e1382e120c

SHA256
95aff03f048591a323fd0c9792308b04f06a2b53488ea74cf0dbb88bbe2e05ff

SHA512
b8edae09bab820898ef51bbdd8753a4d3aac1d5bccb632aa3e23ae6a8fa9acd43785831f742dcc101ed8b8a290e8244861c0d4fcded7a8f791b8f20d11858b21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9f389e0cb7341f2ff305dfac91b1be92

SHA1
9498572f38f9e3b2a2002185c20ec5907cf3e4bb

SHA256
32a693910aa41a236705aac12e5933a65d38ecffcf6b150872fdb92b62d5578a

SHA512
dd3532114bb0d3d5dcb346c53947306c54896382af6bc72659ba05327a9b6cb3e1f1cb89ae486e23ed3a3c4cfbf071fe2a2cb11e744e6324bfdc4104fdee4665

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
934aa2698620ae3b701c6a3dc8862bb7

SHA1
857746ef6dce2897a9b7f50dd2269a7eb92809fa

SHA256
cc839bdae4e4723e0da8ecf2a838dc91fa8ba0bcdaddc5550fe7968f2ada2e81

SHA512
d43df123993874b8e04c63238ab9fd34d3293ec9c46a6a92da73ff1a16c6c8fc187e455db133ff1ff8d672fe948879cb9cae8c2859fde5d7ba397fc32aa006db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a9ed5f1633297668d165e99c691d61a5

SHA1
1b3c54134c86d9f09eede2b4e05e7e8cd1d7802a

SHA256
47d8280f6e211b5f714f4600d91c0893bf9bd0878533fb57f725dd1914d8cea0

SHA512
75402fec8817a29145c443f9480f0fa5e76f2f01d6284148a7d73ba7b3642581e9a04a6304e5ea9037dd53a73c87bb06606fa74226405c34f1313a6b4b983227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e5365f4dfc619001ef058d47e3f71755

SHA1
fd281a3312d2dd8aea7542ef56463438e356b64d

SHA256
45621d918884bf67ef000ea4a42010e8ce8763e764a15b1bd5d770564fb134d3

SHA512
9876c46ad790f036c2807f33acf43fedb6e9a295d605bfaa2df10a1fbbbcbf4834f1fd9f1d5803538f0c14d873e20711d3b19753ecdcc5fe720dd0df9c41d564

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c1d9.TMP

Filesize
1KB

MD5
f50f579cd17d1eb2fce23b1fce9b35ce

SHA1
ff99e2f048b5426008be09338e9524c9433a9161

SHA256
fa4eaeafba0aca5faa10bfd95ecd871059d60f94b60dd9da33724b3eaabdd031

SHA512
3e7a58ec9f9ed964a26762b415c25ab99184304cab7f273688cd552d5457a732f64be050d8b977fe3866d924bb916386865bafdac713fcc578ebfff3657dfa0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
4d0116a8944cda7cec07aa3b5b1cfffe

SHA1
cf911bcff5e49187ec6748367048da18fd1ba0ba

SHA256
96052db0383f737b5d5a0e8f598d435a813e5172343a4cd284199338a057c00f

SHA512
fe54ab342121bb70d6391f5f6fb5ae89681b470dedede7b12b682a71c60b180c5772cfb6794aa72a2a284d94e1aba6a4e17c174d80682785684ae4ea32a1edc5

Download Submit