85dd6e7a2676e698ba3749376cb18fb2550086a02ce0df9f00a076fa26edf667

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 21:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ec07bffa756ea9ecf4e3235ea8125eeb_JaffaCakes118.html
Size

94KB
MD5

ec07bffa756ea9ecf4e3235ea8125eeb
SHA1

c772fd87c703693d6797c5b24b617593213788d5
SHA256

85dd6e7a2676e698ba3749376cb18fb2550086a02ce0df9f00a076fa26edf667
SHA512

08d26b05719b201e39c92a26376f46beea514f78a0cf3ac86668aa08efd09d257fdd6bf7771ca125f44188221be81ddd5762490b797c1dd04197e1122d2091b4
SSDEEP

1536:PmhQ+BHKMRNW71uVo6xV3VAhEER6IAcSwhqb8jVw3vzo1MH7lhqNmKGGGCRPF2Zb:aFHK8WBuVLN2w3veGtCRPF2R1AcFUSrj

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
3320	msedge.exe
3320	msedge.exe
3776	identity_helper.exe
3776	identity_helper.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3320 wrote to memory of 2576	3320	msedge.exe	85
PID 3320 wrote to memory of 2576	3320	msedge.exe	85
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1448	3320	msedge.exe	86
PID 3320 wrote to memory of 1224	3320	msedge.exe	87
PID 3320 wrote to memory of 1224	3320	msedge.exe	87
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88
PID 3320 wrote to memory of 2220	3320	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ec07bffa756ea9ecf4e3235ea8125eeb_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa6f3a46f8,0x7ffa6f3a4708,0x7ffa6f3a4718
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
  2⤵
  PID:2220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10682325370942259443,9971522541545415331,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5144 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9ffb5f81e8eccd0963c46cbfea1abc20

SHA1
a02a610afd3543de215565bc488a4343bb5c1a59

SHA256
3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

SHA512
2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e1b45169ebca0dceadb0f45697799d62

SHA1
803604277318898e6f5c6fb92270ca83b5609cd5

SHA256
4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

SHA512
357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
904B

MD5
bfaf3595583f73b0e9a4a6f0209ec266

SHA1
4f90c3017b00df3d32a9bab65cc9f56454202021

SHA256
1c798448cb728758aeaf3c77ca2a3b31d4bcd4e9759c4d48cf670b4614da7ee8

SHA512
1fe70d0364be8b86fa14ab8fa373af7edaa6bbb0d51f44489fbc28c7266a9e3cab023411b77cb74ae0a726a26f8a4087fca61dee982c3e55427cf518d9bd8aa0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
873B

MD5
c7f3e09f30d3b98ac78e13287fd921fc

SHA1
dea2270e0eba9a8d903cc9f0d8ef62cb812939f3

SHA256
caeedd2acdb7c8898be8727b25c11a2f2ebd2077749a49fde0245cadd8b947bc

SHA512
ffbcc554d1a5eee878c8c1adddebf88e756ee8da6dff81b3ddba1b78e319b6464da7c1018171ad229681ac03d6c5074158cfb0496d5578f3846c4f76dcf28fec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
62f838895729126a1cc2f8748e816351

SHA1
b719c84b13ebab58e3a6bcc19abcdbcebae6879d

SHA256
bca506091033f6c55529b5eea191f5031cb3adbc8594eb56febaf7fa818b56d2

SHA512
30547ca95d093669b7cab554c13fbf9d639c16658272bd1153253140a1c24ce0e11ed7dbd1bf5fd6d738c2d54e6c2003ee7e028afd717af008d4d956b0cca3ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3b8739a55efa8b521d7ab01a029cb24c

SHA1
14fb91f2186c4229389681d860d3c5e9507c0482

SHA256
612a63b55edfb464d567c5db2908a500b76da1fd4fd71f8c08d2409dcd070e4e

SHA512
e4b0d6712ca621dcb1895cec6d8329f3c73662ec34de3a68786c0a9deac62efdd41e3a54adc5e3c056a7ec92e2963a529f575749f2ee24f3fdbd7acbe4e92b5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8ac632a47a1c9cbfabc5d5d83f77fc78

SHA1
6af1c6f8ce0b984209ce2bd253bbe70549032dc2

SHA256
a716ead031f8e9188eaad33fb943988ebcedd420c76262413d08cfbe5304111e

SHA512
e1c050221e4d7dfe3cb82b84a0499498de510182b51537a80d6cef90ee74e0d875f73b313932975fae8bce3c1c25f4ef0081df75418fae71cdb67175c5e4c6e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2307d9012c67502cafdd34b486bf670a

SHA1
e3c3b95dca95c92fe35df5104c1dd957920368db

SHA256
9c672e49fa276104ee8ef879be05758e995fed123d1c86298b90b97ec7390b2b

SHA512
e0293cd55eac9182d3edcc77c7b331e8b93b34a60e32de0749e4f2767c086eb96d6b19d76cd6e051dfc797e0e5d8d88ad70ae7cbaa41a6d2dc8291fea13f7db4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
04a9a493948b7436ffaf224a535da2bf

SHA1
436decbbc1a3eb590ed21654d710ab4b96d43014

SHA256
7bdab90a275542c83c372baa46484de2dbfcc2d699e4f90c71d85f86a6f54a1e

SHA512
0723e5e096481506c05de669c24291895e563501d0a000dce36072b0f905b1cc9df63a2150d6f6e0c67cd8102b1e110b267a401f7db32fd62cf5228fa553f014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581567.TMP

Filesize
372B

MD5
66a8ce2af660d7b7e3f4f51930c258be

SHA1
1877d4dac077679bf75c3ecf1b7252b482c41346

SHA256
139031ebeda684ac88082114c32300406af8613c08b8070675ec72cbd03cdc30

SHA512
b123d1eac5a8a44a9140ccd5a6b2fafdf095c879ffc6b43305e40ecdde5f59ecc71195fdb190aca860b413681c24ffd7e4d63ce66b40ebc83750568f5e685a1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d898576742562b3dd77170f89456566e

SHA1
939ca26fc8c85042ecd09dc8c2ccf40990d57d7f

SHA256
d9bf086df829445e178b51a5b7382081005654440f57cf0bb5db2ab8fc24947d

SHA512
f76b48c71853295f6c8a4bdaf6f0a8ea2e33a6dfe0e8d8fb7d4e3dd96da45d5d3b1acbdbf2d7ff156c6da236ae6900a8bccb0049854b3ab2234a7fa56406f5c1

Download Submit