f30527b3f1e1fe28d94dd0ec30fba984472c6219573a380cb46a69fb8007aef7

Analysis

max time kernel
148s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02-05-2024 00:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0cf36dd5b6766952447696b56639c5ff_JaffaCakes118.html
Size

175KB
MD5

0cf36dd5b6766952447696b56639c5ff
SHA1

3c6257ec45c56905e15cb42b225ec2d982f02586
SHA256

f30527b3f1e1fe28d94dd0ec30fba984472c6219573a380cb46a69fb8007aef7
SHA512

f1cea4a9dec2548f08b0b6f667287091276f6fd3d9eaebc81f35e5954e7e017594bee091d654f4851f47436510f909c119ce1ce05e92a0f8caae31f541ab6a00
SSDEEP

1536:SqtH8gd8Wu8pI8Cd8hd8dQgbH//WoS3EGNkFnYfBCJiZS+aeTH+WK/Lf1/hpnVSV:S9CT3E/F2BCJiNB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5072	msedge.exe
5072	msedge.exe
5056	msedge.exe
5056	msedge.exe
2112	identity_helper.exe
2112	identity_helper.exe
184	msedge.exe
184	msedge.exe
184	msedge.exe
184	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe
5056	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5056 wrote to memory of 2288	5056	msedge.exe	84
PID 5056 wrote to memory of 2288	5056	msedge.exe	84
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5012	5056	msedge.exe	85
PID 5056 wrote to memory of 5072	5056	msedge.exe	86
PID 5056 wrote to memory of 5072	5056	msedge.exe	86
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87
PID 5056 wrote to memory of 4632	5056	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0cf36dd5b6766952447696b56639c5ff_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbe42d46f8,0x7ffbe42d4708,0x7ffbe42d4718
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 /prefetch:8
  2⤵
  PID:3540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,6774612773841024087,11989598870561904162,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4292 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:184

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1912

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dbac49e66219979194c79f1cf1cb3dd1

SHA1
4ef87804a04d51ae1fac358f92382548b27f62f2

SHA256
f24ed6c5bf4b734a9af4d64e14a80a160bea569f50849f70bf7b7277c4f48562

SHA512
bb314d61f53cf7774f6dfb6b772c72f5daf386bc3d27d2bb7a14c65848ee86e6c48e9c5696693ded31846b69b9372a530175df48494e3d61a228e49d43401ad1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a9e55f5864d6e2afd2fd84e25a3bc228

SHA1
a5efcff9e3df6252c7fe8535d505235f82aab276

SHA256
0f4df3120e4620555916be8e51c29be8d600d68ae5244efad6a0268aabc8c452

SHA512
12f45fa73a6de6dfe17acc8b52b60f2d79008da130730b74cc138c1dcd73ccc99487165e3c8c90dc247359fde272f1ec6b3cf2c5fcb04e5093936144d0558b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
9d62a67c4f40d332763f4a79db087754

SHA1
a39eb251bb7a52017e13761260af1b399faad1f8

SHA256
7eb1b4400dad838f2091e55d5af5a163f0bde3e403b08da6e8be13da5a8fc84b

SHA512
a765a7d7b475b96d39cb060e7147e5a74f4de6ac2c8c8fe366900f02020be14f3743eba730c8671b5db057b883a13b54cf1db8aa558c6e1999cced566db71662

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
72ba686bf1bf2b6b85654dbb81eb17f8

SHA1
3c9595b17a87b4538796ac31c6d64f239226f626

SHA256
f15af3d0fb48f963ec202736da9f68aaaf6234ebe510610bbbc9d38517ea6299

SHA512
0b959f987ceca3efd2e19937536e5f595fb93f9b1d2ffdb4266d7a579bf757a410635381600eca804e73873d4d9dcee5ef6513864b7b12a85fd5d1d430b8de89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
52e457e6fa30f2ad60e97c48c7816f74

SHA1
517c120a608dfdc99a77b582cebbdbc9918047ce

SHA256
d84332b63d13f13974b656db0702ad47e9d8d5a251e344885f8576f91ff59644

SHA512
5fb03be38c0b9670c35cb07eb0d30084b8bd632e9420c4772dbc9164b03da40467c0d58c9505358a71949b403f33b83dbf8a74abbfa493f397dfe042d570cd23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
aad34eb1f4d9402809315f834c4cea46

SHA1
463a6f835ab7a9aa13eedd9aece7f92b7aad7698

SHA256
726ee3edf04ed14e476a3cc67b3d8ee4b37ee49d32f4aa34badbde2a58267c4e

SHA512
d61d5c81241109b22508ba42fd117445bb999c1b7a2438c55d9d99cd5509d0507ea5c7c91aae19a1ea4ef8df609a20addb40ef605bbee3ea7f3d54f9e5360567

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8ba42f7e9bf1426229fda4c4de3fc6bb

SHA1
f635af788f678f807300b3bd1db5fdab713e7d2d

SHA256
fc1918e67f770e311420705f00119419b7bfa13e1fce031f4ad4f449245c307f

SHA512
51f59331fbec95fc23bdd0146df61e6bce8b8df733c5dfa0cace5e0a2f3916186383a129a95de7b49a6687780a34eb4c89dfa30bd4a97cf8c30883f7657bd9e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1bd4d8684c5b100853bef92a14952559

SHA1
e4c9d29099333a247defe281c7dea72fe4f7b08b

SHA256
c85cbaaa6212a78c2096fa33587daac16492a6938cd37c38071f8935c5c453e8

SHA512
23ac6a304e134ea46d285c4cf73d4c4e99d1267043432c6aed0a8c77e3562ae0fdfc3e3f38e7575a806494dbfc9d96c4b4424e1aa18ccfde9c60f1f918b700aa

Download Submit