0eb603fd6644b03a2eacbaf73bcbb9bfe436a44347b98c713650e8807e170276

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
30/04/2024, 03:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

08ea9e67f385d6e4a65fab3e5b97162c_JaffaCakes118.html
Size

323KB
MD5

08ea9e67f385d6e4a65fab3e5b97162c
SHA1

7f64424a68a0d6377ed82a425bdf79fe09d96226
SHA256

0eb603fd6644b03a2eacbaf73bcbb9bfe436a44347b98c713650e8807e170276
SHA512

11d0c31b35ec884f06c3db46a2bbd7b3c54edd24859753e460660af167fe467e56ca4c2f3a975ccf94472b448ee61b300a2607630bb8fa31b9781c5e95cdf2be
SSDEEP

3072:lWHYtJ6rHfgaToXdY3W9Em3N6C/FtCx2Gxaxvi7mpF/T:lMoaToTcQEo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1096	msedge.exe
1096	msedge.exe
3636	msedge.exe
3636	msedge.exe
2720	identity_helper.exe
2720	identity_helper.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe
3636	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3636 wrote to memory of 4592	3636	msedge.exe	82
PID 3636 wrote to memory of 4592	3636	msedge.exe	82
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 3748	3636	msedge.exe	83
PID 3636 wrote to memory of 1096	3636	msedge.exe	84
PID 3636 wrote to memory of 1096	3636	msedge.exe	84
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85
PID 3636 wrote to memory of 3768	3636	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\08ea9e67f385d6e4a65fab3e5b97162c_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a9846f8,0x7ffb8a984708,0x7ffb8a984718
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:1588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4612 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1640 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 /prefetch:8
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,2201179592914836952,14278665752603428158,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4964 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
192B

MD5
df99348f0efd4cb135556bf1bb712a1e

SHA1
c93f7aacfe937b6cdad06be5ec04623bedaf367e

SHA256
1960e43e22d6ed5271970220253d3904a18d7d615a746e7d58374445badc13a3

SHA512
40b91f5a94043a59f6af225ea2bf2325effdd6854dfca5cd166d758cd886335990b1018feca61c8b5bfd3ed3de8cb9d6792637d27eba558cb5df7c6a142979c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
f1ec6852244c6e28d17b2d5475239cd4

SHA1
636b80fc0c8ecc80e50308b179bbf3409ae02f28

SHA256
e103a7a1595f888e783a5aa924b795f36d86fbb907a04084df78b8b63abacb69

SHA512
567bdc044747ec1bc2dc6c8c783b08355d5bdb3f1d3d6862ad3fe2363f718ea96155d09b43c840ad729dc301238e36bb1d767dd2b5c09a50f3289c07acdf7202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
839175b1bdcc6f4a6a02568f4c1d219b

SHA1
1c95e5a1e2b3ba76e9ad0e29675c078663c9a705

SHA256
3029a2970f695fd0dba2f4ed413f1af544528a77baf6c3979640e3ebf61b933e

SHA512
7b4f026ed3bcbcef5efff3e140011c6d9a0efe42b9bc3492faab39f1e98df4b6acb6364f6f39f41f02d4f60eef8d2a8d923d5af7a591a5aadbfece8bac05f60d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5a03cb7e4cbb305b7f553a2b6c44664b

SHA1
e13a8ff8588d91394c3ac7ff4ab6ad76fbe7b6b4

SHA256
b97f1730a7bc83560ce575257322348154d238bfd153747738a8d439be059c87

SHA512
c54f3c44ca41ebef53a8af71a4858e16cf23937e0574713c5a736f4c1239f7f723833892ef53621e999a02c526b7f1a355167304d5037a11fea8b82b61b42932

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b2b78936b83d7d862af4c1072e43b6af

SHA1
3fc224cc28ce32718121b64a16c06294deb32953

SHA256
424da5a54a7bd8ae67ef4f897c4f0e38886769e0e1f048e9e27e654a20d15110

SHA512
66c4ca2fecc3ab9b9f9a0b7aaa53a781140a631c65b2f053ac1815091c656fd73d78d84bf681c8aced44564a85d090519076adf7e3340d38ac0ada122eaedbfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1e1720c62dde188f8d28d8c35a65886d

SHA1
00d077209a3c88080ca518472d1b2cba4b314028

SHA256
ca23a59f79d2cb5fd4176dbea1edce726bbe56ef4f52a7c52b0027a2c525df03

SHA512
3893bc323088072884700b73f5c136a02f23134f500409c68b4f54dcc1a6bde483d5700fd06bfde276e58b2f47a4b35e804516af45426386773fd2bc7c3be644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4c4e4d878f24ea69f693b5b8d137a01d

SHA1
fa26beb84c2940ec4fd97aff584a502dd9186fe0

SHA256
4cbaacd98b264bde145555caeb5dc94513ad55a499d704919621c5c9ce38138f

SHA512
569a5f077810dfc149713a01617953002c3e818afec16e64f22dcfedff39d775a2fa5d1067bfceb74ae25d0eb12e83a0f1548f2aea5e2079abc80fe92e356722

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f04a78afa20485dfb5536d6505da8c5f

SHA1
c040dd4584318c8be01143e5e806762d5808675b

SHA256
40b6996b63076bf7d91bb344c5507d59b7f1bf664f24bdac4b58c527d2490fe9

SHA512
562d2f5968ad6d0b808953e55c153efa8aa03782654f179acb8abbec2f5ea68731c163dd6707bb1f0960dce40ef1cad2b315abb2f561a91896b55ead3253f23d

Download Submit