1b052059d4aac6b8db21fc462f14fca04196a0f13c699430c4b18528bef1aba0

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
26/04/2024, 20:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

019476bcf07cfc9eccd7733c08b0b918_JaffaCakes118.html
Size

49KB
MD5

019476bcf07cfc9eccd7733c08b0b918
SHA1

bdfa25cffd46c146375ca2f0f1f81f9822f18b0a
SHA256

1b052059d4aac6b8db21fc462f14fca04196a0f13c699430c4b18528bef1aba0
SHA512

a2717f5607f964503cc8b9314ab45cdfe182e9e056b8ad23a8bb06037156b598c4051c9df3c20efc885a5439917268cce8a97baff8d4843c80ed4c93fc48b815
SSDEEP

768:wayHHvPWlo4kwU5b71mqe6b2EW/OiColCUJ6bpL+p:w3HH2l9kwsb1HQmiCW6bpo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2868	msedge.exe
2868	msedge.exe
3420	msedge.exe
3420	msedge.exe
3888	identity_helper.exe
3888	identity_helper.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe
2952	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe
3420	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3420 wrote to memory of 1496	3420	msedge.exe	80
PID 3420 wrote to memory of 1496	3420	msedge.exe	80
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 4852	3420	msedge.exe	82
PID 3420 wrote to memory of 2868	3420	msedge.exe	83
PID 3420 wrote to memory of 2868	3420	msedge.exe	83
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84
PID 3420 wrote to memory of 2136	3420	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\019476bcf07cfc9eccd7733c08b0b918_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbdd3546f8,0x7ffbdd354708,0x7ffbdd354718
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3776 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 /prefetch:8
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,1963470696494758131,14674362533917494811,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5192 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2952

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:668

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
66c324077bb0620519e4d8908df2ad62

SHA1
9b4042e74ccc750a4618e25d0543e30f0bffac2e

SHA256
df8952ad534f81df1f6944c6166690a536975fc52f972a06b714432866eb55ae

SHA512
7fc1caabbd70940aab5774cb87e959b40af2413df9510d19c9177e2e35687c686aa297b687ed26a86e05408d57511a951b3c2bef787a5163508b621ec527524d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
89f2292bd1b44862d7e7ebbc745c19e0

SHA1
e789f18eff213fb8811fb85f65e0bbb4b7ecc3ee

SHA256
1b83ad5c44dd83dd9dc043bd1b39f5b44b8b4fce688500fb11f56a8531d86410

SHA512
e11c3a73f9fba5675a960d3b282c7f6edbedf1b1f7c32104b3f3af2bbb35e65c34c9bc81eeca3c2ae50efd7ec189731aaf57cc7f3c1590ffa9a3180eb37b72f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
33c464541f345092a5766c53b1f5cd84

SHA1
24d3d2c5015544dce07e110b1f2168782f386bf5

SHA256
aa6b04b11902b82c56ea47fe35f670b17de0466b899dd73377b5a9b99149f537

SHA512
867dce6b635115d06053e63d1c0f0dc63a2b25bedda0828c9ea01a2d080c865f643bedacd3c5ac7dcfde22d1c7d2e33bcc1653e63e22dd4543b6e6f8fbf7ec0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d394640d5c028e9d62a10e55e68cd18f

SHA1
7dcbac97d5029248a8827ab32a87ae6a2fdb597d

SHA256
ff963c4e728fc97596365292d2f57d08cbd9be0f795ec1fe9cc6765acfa6ddc1

SHA512
699ab16891f16dda43d18a55cdf1f56ec77810b6e04477033fe086931fbb1734fe79c8a92c4ac211ce555e24f48702ce43b78e07b7721855e7f4358670dc81ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7f6bdd8cc5ed99df7221ed2a6ae8390a

SHA1
ad69d37a22dddad9dfa03c4fefe699e0f0c7240e

SHA256
b8e89a0f9fa7a31069374145c3bd0b09c2ddbbc95e4d915b8e364e455e8d8fec

SHA512
6e0f7566479523d25438f38b8ebb9039cc785277b910c5ddcd377e32dff36068679930a3026069cf9affa2ca0bf143340306ec13a8ab664bcea925614a5311dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
801a0b75eb632a071f1b72afa7b0f5ce

SHA1
b5f38c71b667f10b172b778403d5128f37d975a1

SHA256
6a680f44fa786729922c3e6ad05f372c494eb61f507f2e9edf2f9ea9ed87183f

SHA512
7edcf81d3f77c4d7131d0ea303a0b7916425b599fcb05deb0d4a8d344fa0b9718c4d92d730b9dc538c445f82b8e346c9a0d61e26058078b9045605ccdcb6c36e

Download Submit