30edb73ee04d19b4cdf4c0bd823508d82777b8107f70c941cb54d6ebd214079c

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/04/2024, 15:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

07fd19cdde24207d43fb2660c00c6277_JaffaCakes118.html
Size

152KB
MD5

07fd19cdde24207d43fb2660c00c6277
SHA1

6b91d9ea67a79db40d1ba255f7678d976d6603b7
SHA256

30edb73ee04d19b4cdf4c0bd823508d82777b8107f70c941cb54d6ebd214079c
SHA512

995a6f5be42ab016c9c2236ae78fe8cc8fa16561f2390979e6deea54b7199857f9ebba5418530bbdda79ee824887e484135ab0d0f57b7629f460107e5fb4aad8
SSDEEP

3072:6ZY2MYJ6rHfgaToXdYKlI6q1L17Hqp7/tE/h:6moaTo61Z+M

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4432	msedge.exe
4432	msedge.exe
440	msedge.exe
440	msedge.exe
1464	identity_helper.exe
1464	identity_helper.exe
2764	msedge.exe
2764	msedge.exe
2764	msedge.exe
2764	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe
440	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 440 wrote to memory of 1468	440	msedge.exe	82
PID 440 wrote to memory of 1468	440	msedge.exe	82
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 2564	440	msedge.exe	84
PID 440 wrote to memory of 4432	440	msedge.exe	85
PID 440 wrote to memory of 4432	440	msedge.exe	85
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86
PID 440 wrote to memory of 60	440	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\07fd19cdde24207d43fb2660c00c6277_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb1f3c46f8,0x7ffb1f3c4708,0x7ffb1f3c4718
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2632 /prefetch:8
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3224 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5466628131546693180,7042218570284389937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:3952

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:464

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
74KB

MD5
1c7e1982bd31c4ac1f58bcd3bdde7267

SHA1
d672d5a215d6f3cd05138e121dc3a2aad8a584b0

SHA256
f7c3dc7f8feec3cc31ed8f65dcd3ebde31629c69e62c26ee44cb0dfc55c3de83

SHA512
33caa8d1f077129fc36e4da0f50aa8fb29b204dbc7e8439781f8e28a953da49a63a1057a83aeb1b33012aaeaf205ae62c34d1391b8885d375c486aa15ec4000e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
31KB

MD5
548260b20981c0be2d9dcf8d01c08c24

SHA1
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7

SHA256
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb

SHA512
9308e58083e5a6989b7646de95d251c5431952dcd55e613e9c7100d817e847da0f4835bfbd0df325d9ceeb4fb9680d3e89311997b801b16bf8426893a2a34c69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
35KB

MD5
29b661fc1e9cf7368c9cf3e167cec1ac

SHA1
d655284f99581cc6a238f20425c33f83c18d5d49

SHA256
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

SHA512
876d15b2c677a243b072b8e027d46fb66694dde10d8ef56d4ddfeeb56e352fb12aedbcdb57a5ddd13cd4795f1769a8775f083a73ced2b151acd9bba4ee3bbe30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
6f52f16e0c8869759029f92150fac68f

SHA1
d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2

SHA256
0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2

SHA512
ebcfdfbd773d2e7a0930684c7699f4e557995473c50ed7875cddaf1ff03fd889684400c6f17558b6f801ab5c66da0dccc312cdccb1b2fe8e8784e8c0987cfe11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
27KB

MD5
a6a4fdbe3c0d06e1249a9fd21f3ba611

SHA1
3a61f5d0ed19160e6fa1e8a0698726a9ff1ceafc

SHA256
ae7ae363d05aba96daf52a600d45e3e2f4a574effc359aede97a51c488dcbc16

SHA512
b191225dfe0b80d7bdd65b820fa7566464bf07893172371b3b602b8e9cc703213a40d9ea8b44f415a122a822205d7c9e2ec134e2cc33e3c2aed4930864cbb3d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
29KB

MD5
4ea5e71ff8aa81ef6e4036bacb45c444

SHA1
63a419bd1dd83ddd9d5505967dc68d6ad518babe

SHA256
d9cd7468895d480a9108abb93a004ef2dbd56dd09053d76bcb3ced677d46722b

SHA512
9c215c55f08adf5597c96d8a4cee33e46755e0b2a9f3268b89d061af3b7d3470a41fb5c7a7e421bb29aeb29db80e333dda0308292a1a53c3827d0c32aa442540

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
37KB

MD5
3cb88a21b00d02a127c24370098ebe03

SHA1
b960f16caabe028ae7b290abb81c2d08c99a473c

SHA256
22fc5cf1606bdc85d1bda657c450e2d2e24e6e3ca4e93e9eb7dab38bbbf50b42

SHA512
c6475b946154e055f15e99d3843f820872f7c97152e9b0114a024ca3b92e1d03d6c0999cafdf132891063547ef729649152bbde83e5c2ce130880a57cebe7d1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
39KB

MD5
2f4b4c05d2fb09da88074563e124a7ee

SHA1
eafa34a1fbc4b2b4630493fd74a6a777db155cf0

SHA256
0b139ea1af01bcba5c499f6d9c9f26a51e62845801c3c56cf1357a27b12b6a11

SHA512
f1ec535fb36316b92ba7054c45c42a033f0f161133ed769c90064aaea963d3d7e82e753b4baacbc3af0bee43d6d666b0ef631f2de4fe2efbd9f7e4503e1cbccb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
49KB

MD5
f88c0c21932d52fce3972f46c34f8469

SHA1
202018f4bb7c7e9576c16c068347a2375b4509c1

SHA256
e5e9f287d36f06be43132f2f9eb7d063cf01ca738d46f9cc191cd9832b5dbb31

SHA512
002d370ec0681d35f68521f530bcb063bc0ae70406b534e791f23c996bb4b6c4a38d4cf0fe5f3c8be940501fc821db2162f80755c3cd3b05456620f49b6b6f1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
49KB

MD5
5c574756f230841535e4f1c914e8e9e6

SHA1
a0c272c4be386a4eb56955f989459092645c6cfa

SHA256
3ae4975798cbb461af0c5f27c01838517a2c0e0b83c41378b8cc37bcb7419c54

SHA512
86f7c8eb1b94e18d42687c33d96d2bc35bb0cfc3998d0ca97d2eaf0e044dce2c641793b3505cc42b8e00d710ee97d1e4768b49f7085aaf7d3c8b54c9a94719c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
69KB

MD5
dbea5239c860a9e34abc9eb89167bd6c

SHA1
97aca8371fd16b0bd4002c8eeb9b3b648caf0539

SHA256
9042193db618d7fb436423f90c32d526157a530b03efbe572d27f8b7d3994d46

SHA512
60179560b99400d613324051a7884d13659bf6d7c371796fc888174ad09830bff109e8e7db0c7ab27a985d1103d53dd5e06adaf4479b50f67740f4d55e0f8d3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
79KB

MD5
cb604dff22f092a9e1440aae4d1d4b2d

SHA1
3290f0af0ed3d8892fd5ad6e7e4004b9db2f0826

SHA256
974405566eb071c447fec078a83223dd669b1a0c69a8702707940c801318016c

SHA512
8a01a7c6cb81fb31d2255e18dbc7022edfbc39b028a3e8fec54864dc1b3d4c46219bd65c759cda23d40e7308bb02f5ce1fa5609eea54729fcec1dff3ac7a5ad7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
77KB

MD5
86a9415c418dccbe5870018c6f055cfc

SHA1
7116b7ab5e8b98119affa21793637a2e02499e5c

SHA256
ac879d414563f24d1c5186122a3da65be00a009915aeed6f3a850fbb4317a9da

SHA512
3df4bdf57f227a0e6fdb747bc6534db4cec48db9f8aa94a9a8f3a57f3b0c530e59d888957efb47af2a92c27868689df3096243f17da05ad1e8a88055e7195e50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
54KB

MD5
503fc4faaedf813fac95c94db20e6d9e

SHA1
5453f8ac3a4441b2a5a45ecda785e5cc0c08a7fe

SHA256
e64934264b5eb5c02d59b00486f019e90c768d7c4413fa1c17ed532ec33e33b5

SHA512
f6a94f39fa565fffd040c4c52cc5530c1e074cc36ee959faf8fa6de713ced26fe980840f287bad5f682950620d8e2b966c3375f68316a953ae0389bcfb147352

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
20KB

MD5
2d1ff6a957e5509662bc985d074e4fb0

SHA1
ec024dd4a4cb1d751c7d4f290474a7d17f60e848

SHA256
c1d810f31f86677bb6eb23a9603d96809e13634c83d9513350b936ad860441cc

SHA512
d5ef9d49b1a4fce4f8395bfaa99d4fc3fe8798b97424f982cdf3e6b490d2dbc4e2cb091633971cd477ff2c51c9bcd03ed3b735447207cf8c930c927533c3c0e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
12469abd73dc5d925a728251bb2401be

SHA1
4da91263082f0052511623b5e07ea4132c0264e2

SHA256
f096b276e7949d7abaa760b35e24a7f570acaa8f7c0ad60a776ebe2ca6fa2a96

SHA512
0965abdbde3abbb2bd95a35046fe996f25addd287a46213da6f2d05a0e47b2d1583fad2f82d71ea66bf0ae570d2da27fa566836d8b82cd721ddcefe416c7df69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
541bd91fc96a33b4b2a51b9869c8a109

SHA1
99e3876760795ac5b218b069ba7009625808ef9f

SHA256
262ba0d6762e1110bbdef05f3f9d97a1f18c989f4d0ce1d939264474079a323d

SHA512
80a12f32e139aa7a6186e7d1e4b43002fb338225bcd9b38358b2321c1dd43bf9328e92d0787dd734b7e3363f421ff115dbb1e7be8e40b632389df24c53e397fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
a70b18cf72c127f498c9b864a6ca5439

SHA1
dc979f445226b49f6d1dd00a361132181f6db963

SHA256
bd0ef926d8155976ae2cfef820254c1dd5f4b9f02cc4db7d0753826056219962

SHA512
5ddf045110b5da154d0092d647fef0acc065cc94fa99b1de3a42cced72592c2cdb8156e521bf73cc09807946104fbb222f37dbdf89ef915cd1931721ebe6b887

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
6ee52fb1a060379ea89b92bd74ad5fc4

SHA1
e10128d42ed47f40c42d29c1c750df1a6c5b1e47

SHA256
483561ad0fb3553fcaa3a731070c68af5bc4d93519c64ddef06133d1fd413fb5

SHA512
27189624ac123136245d7c324ff4302e76cca8530c0613df7c758763ceafc7ccb662f22de7384c5a136279d6b1993927c81e5d89d106d205502ace648c9b306a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d3cdba7a98793fcd7039aba83ac2237b

SHA1
1ec6cc8ee6a2960cb3300ce1579537d76d00f2b1

SHA256
f61d2f12fef74877343e9d118ba46b5051d7c438a91de28f65450fcaf8355ab3

SHA512
30a9b544e2d63e2f1529cd79ea8c75308209ca1b8eff581691e3d8dda3b658058d4980906d9c60f89c3deb5a9797fa70ea634d147f3b4e7350b9f867e8e70664

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
645268d943eb613058b6a86411161312

SHA1
fa4f7d7fba90693993730c6b8513e09259e1f68b

SHA256
836a1fe3b45c302d9c82515219cee9b1e0fe36f9c53131b0f2201ab92438611e

SHA512
6d21cc63f9d074a5cc09feff674ea1a6e7fa21bc5f75d91f1b6fc07e3d7864cfeb721408b0dfe01b3cf48b73da5a8c9236a3482fed8401d8dffefd44acb17aee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fbff6b4ceeb8c729608cec148eacd817

SHA1
b3292223e9b64d735847a4f255b24fcb7a6b8649

SHA256
67b0c97eca3d5b2b2b64c96b59814f5cb01ce149794d8c51c21168a147a030ee

SHA512
a7f315effb3d6a14045b739bb9f4d2ac25d7eb8086cb0ab41e296da3d32a993b4c475d350c52ddca85af31221f3433bc34d0ba0aaa1634cecb31985695dcef36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e81d54ab76df7434a8c03028fbc6b72c

SHA1
b5ec28f2781674eca45e9109cd79a07654d657ad

SHA256
2f40e271b40eb2f8b14067c853c7aafb57a866a46dee4437b68763bad708b7cd

SHA512
fe56088e06760c9a98937eae5f4e8257d3fbf09d20c67f54654a62e9d414ad5b2a725cddda286b063355d58681bbf1d5c7b3c6043d1d5244ca99b80caf232993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9317175c7a40116fe3c2fe97231ad71a

SHA1
5aeef28fd14f9e78fa6bc00ce8252128e790418e

SHA256
39460776ed98c246f3439dfbca8afaf48b1391b823e62528dd1d72113075f95e

SHA512
c19b2cafecfac3ebcda55295ad251967d8a196364ef3379c25e8b7a07e01ca53bd0fc4c9229f416ab15397a5a1829e1d9122af367dbe6acd83c13a320f0ca57b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
369f414dac35a7a66b5f2a5ff6265408

SHA1
f88a9155a603ca92c0a1171e9ba37d0a86ddaf21

SHA256
af0c5c1039057cd62649c0f53a419dee7975a3ef6d98f1edf25be7c4476198d1

SHA512
0d8b4776ae6656482646da37f1a25913a34ab1c6840f51fde4eaf2067f3ec0b9da086058ee46224101b75fd146ae59df077d7ee98db3eabbf2c853c50182fa7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
48e884ee4ca2ab6e62e96b8a80ed6d56

SHA1
ff7f712f5835105c379179cc8cb34715dfad24d9

SHA256
9fa002d6ad3edde1a7b9d549b7b016a50111db0cc18c403981ba8793c59bbc02

SHA512
dccffdc9c7243782b54246bcfa17fae88b1df6cefef5d8951cffd776893732f8cb2ec0db30f11a98b005b650b7ab35af740bf964d2cae8d678013356c62041e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
84661d36cf93180bed6743fd132a4370

SHA1
9962d3efe32e5a416e38992b6fe059a468fb2c55

SHA256
ffc27d676651bda96def0d57bb00a6efc508fdd4cb14c8ba63c6eb1a7169bb85

SHA512
4e063b3d47654195d672142881f455c0ec73076c3322d4bb3616f2e1d94ed4072c28599def8637017ce4260065d6fec9ad78e2975a9a945ffa32e4c18a866005

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
8af715f9519aff6b13a949d590d37740

SHA1
9a4208734f4083c6d19b97888be7244292ab5957

SHA256
955f6a8f8a6203cfcacbe9aab60fa3fc31d7294d02385c42c1809e8ea81c2291

SHA512
1fc4c0fe13f7159d3ee62dbad2c1835f804a8c29d5f1c16e0fb1a1a5b70b40ba21b646c389e219bb504997b69ceb0c8065e638673537a00d7bdd1e71b132c710

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
b7e83654d09369040d68f0f27cd17eb5

SHA1
9e996a22adfae4fa8f89c1f85e9c0fdfed2da446

SHA256
93e673a46b1782c92a6550d31d0567087240317dd15eb07b9475ce66262f8ee4

SHA512
2184b57eb1797f4b928244f223a4593bc2945c490d19a3c369db3394e319644c84c44f3996795279e694602525bc027e0998ade3db3fff1398722aa34707c824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5832e2.TMP

Filesize
370B

MD5
6db724c1a064f94f41e3b7e5eff29043

SHA1
42f26bb656d44dbf6d71a7903738ee0c47e2a9c7

SHA256
3b6e28c23f41c5f5f6009f891224b1b41b096b1a556e6e755765ab87a14e73de

SHA512
6b0f997f761cdaf42ed980c2beaa25af44c573172426651e5e303ee2f5f5c57cdb4d0e674592847d754df61e6905ae7746beb6f72642de0a9141ef48c29c7ed1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3d3de11f5bab74f80bf0eab1e4ee3c93

SHA1
42c62666ad8fbef27e97bea24f0b137d1db6b30a

SHA256
b0dd125d34c670a0259bd7e5a2274b316771f794b3bc222714b2edb1d2e9a14f

SHA512
bb369af68a962b90c58f528705161069c588cc78ab4e7c9433f946dd5f78f3fe96625c59a7997694a54d0cb25bc619efb9607a71867dcd94c42e672e586af92f

Download Submit