2e7e08c72a458ea8ff9f4a475e69790d1dbb15846602cc3be0d8b8859a848d26

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
01-05-2024 06:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0b4105044bdef3515375267a4c712ab9_JaffaCakes118.html
Size

826KB
MD5

0b4105044bdef3515375267a4c712ab9
SHA1

4dac6d3374be1b1f23f12c802984c15fbc070210
SHA256

2e7e08c72a458ea8ff9f4a475e69790d1dbb15846602cc3be0d8b8859a848d26
SHA512

c38558cb416f9b54dfc665a17fe60e74871df0c5f6b2233f16896a5e2f61764f335142f20d3c96d6f9c86ac83210661d54928502277e0c6c1680fc4ce2d996c0
SSDEEP

6144:UkQDqn7VXfca98Hrc0X4t0X4v0X4Mq+KDUt0DH32SRDqwZKGC53A153opz206Tls:dP7DH0pz206p6RrM7yemuc3h1/bn

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2800	msedge.exe
2800	msedge.exe
3332	msedge.exe
3332	msedge.exe
3032	identity_helper.exe
3032	identity_helper.exe
4856	msedge.exe
4856	msedge.exe
4856	msedge.exe
4856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3332 wrote to memory of 1900	3332	msedge.exe	84
PID 3332 wrote to memory of 1900	3332	msedge.exe	84
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 3116	3332	msedge.exe	85
PID 3332 wrote to memory of 2800	3332	msedge.exe	86
PID 3332 wrote to memory of 2800	3332	msedge.exe	86
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87
PID 3332 wrote to memory of 972	3332	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0b4105044bdef3515375267a4c712ab9_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc7a7146f8,0x7ffc7a714708,0x7ffc7a714718
  2⤵
  PID:1900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6420 /prefetch:8
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6420 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,153106179286214949,11543964346359980191,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6096 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4552

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3968

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\093e280d-1765-475f-8d36-c829975f2feb.tmp

Filesize
2KB

MD5
3c94df97e6d9a295db418cbbb4e11849

SHA1
f3b386fbd73c705d519aac6efea88471a26303de

SHA256
6eeca05f8a448c5d027da8a1d38128ed32286a1cd18fa59f9a2ffa91da8255f7

SHA512
ab4c9169cbffc9700e5a8cdb2ba06e6426910da71ede2d3fcc5c0c96eda77073dd2c42bd4e1492d69240d38f8d0d9bf516f712a401323df1d82e255a54e60daf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
6ed99126bb44a795f2f6cc45f4bc90e7

SHA1
113b78be945bcecdb043437e5c0cd32469f7482c

SHA256
3d1aebaa2926a9c65adb43eb94975ec259963a479c457523b58995da8ad2081f

SHA512
e15ea4d702a7f8494f39e0106cde2176dc5dac4ca07be34ec857d0c33b00f840832ed4c0b1a1a7fca10b658b4979a1a261af02e714ff38d6500fb4e907d902f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
aae874a5192f984162d0f74780aab0c5

SHA1
bf18f58169ffd906e170af0f23e3d7db2dac63c7

SHA256
5e5d282f2af5eb443003c6da6a05294f5bea6adfb9a4c9d749a6cb9e270d096e

SHA512
8167b02dfb98dfa01e1e69ad850d247e1c30df13ae95d969736c5f77dbb09864f59244dc44d69e56a29cab7468212dd66fd7ac0108271321de82c542d003d6f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1ff9e113fc7b3de489fabd7b789602a0

SHA1
edf1af2bed02d7b33ba760d87fc305ca6244716d

SHA256
3c042ed80dcda7beb4a305c7710dba349c5453914e51ecb30da7acc4e45a0701

SHA512
bb5c411c4a4862850d624b5c4d73d6558ae829f226ba9fd7c03c5078dce3b81e3296c36c03e18b2dc6954dd10ed3e5f12acb11810e28cbcbd2fdd0ce962d4a42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
531d2fd957b80fe65c3e95cb4cca0a9e

SHA1
7a8fb488f73ab216bf90bebdeffc75d51c3ebb33

SHA256
1914ef16b34c66a2fc115e64baf089ed8558f6713fe447286e5f80e11d72fe96

SHA512
222bf671d0abdcef1be5580d54edd73b7c2d76cf376c11fae56be146cbdb00d9ff94e5041fbdacb26b6e935dc1e2dee6c435979767be05c436916095823aaf3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f57baa17d50b16724364faaea357c03b

SHA1
9bb8aff594abfd9bea32efe53aaa4d3abbdf4530

SHA256
087f3f5bc7150fa9fe59104e986e625368f592ecce85316e3990c8748b897de9

SHA512
5e490e0e01350df2119ba4b9bb17b50376778441340118a48c66ab44e7739a5abff8ac44d15ec7b32f18b5a08192562802664601fd1221321f0156503b6e4f5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588354.TMP

Filesize
1KB

MD5
929dd2d264d702df23f9e7422ed33cef

SHA1
07ad4f33f6f0b5efb128d8b844d9c407e7537fa2

SHA256
4644e483ed6de1ae16318b9477c033ba32644ad0cf5f55e6d17b0e20fb2c6ee9

SHA512
d8600501fb2197eca155f32f3e79ea87db205a6cdc57cd9585fc6ffca5c76330e3057324e0420a7760e04356af4e8a6fd44fb44389163c2efdf905acea731e50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
af9ba06f4986239e87eb543470c3efa2

SHA1
2c6772bc7d4a0919267a1f5d8f900c2b64460c80

SHA256
924441661520c7f76392761b0df21a798f887c4c1a107ce1fc1717ddf38ec3be

SHA512
8bcb18d2b8af4efe4c987f9a2326ef44f1e99994fecbcacd12a01abd0900f83696f2abc8892df724bb68e9c2ec2065bacc6b294058043a5f5f62f880fa7b4f63

Download Submit