65676226e2d04b694c42ee1d9340413b6fc99f6695e453df1ef0da3ea89a02b1

Analysis

max time kernel
147s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
03/05/2024, 13:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

10974feeb98c615e3b50ebe95ab05c64_JaffaCakes118.html
Size

117KB
MD5

10974feeb98c615e3b50ebe95ab05c64
SHA1

ba628a9f6f88479127b243ca88346bcd14924fbf
SHA256

65676226e2d04b694c42ee1d9340413b6fc99f6695e453df1ef0da3ea89a02b1
SHA512

0d8d1d66854b15d1edc4e91fe9c2fb4a2045005513cde1424c53f8f52a9ca19f422a63670b9eb6d9237615ab8c6f8d0131a318c61c7ff92386854a83a7296e7c
SSDEEP

1536:XNTxBOTC/gMRsJpocjfueL32Jeut6DuiCiodYhantWHn2d:XNddyJ32JeviwodYhantWHnQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2828	msedge.exe
2828	msedge.exe
4244	msedge.exe
4244	msedge.exe
8	identity_helper.exe
8	identity_helper.exe
4964	msedge.exe
4964	msedge.exe
4964	msedge.exe
4964	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4244 wrote to memory of 3192	4244	msedge.exe	84
PID 4244 wrote to memory of 3192	4244	msedge.exe	84
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 1208	4244	msedge.exe	85
PID 4244 wrote to memory of 2828	4244	msedge.exe	86
PID 4244 wrote to memory of 2828	4244	msedge.exe	86
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87
PID 4244 wrote to memory of 1716	4244	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\10974feeb98c615e3b50ebe95ab05c64_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa6d5646f8,0x7ffa6d564708,0x7ffa6d564718
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
  2⤵
  PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2100 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1296 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2752 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5905608638065604929,9927552247849977609,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5816 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:404

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
8d4906053c1ecc1c0906904faf505b49

SHA1
16ca282eaaee4910789e490a4e2ada298e25e376

SHA256
9deac84b1a0d3446cbe668148c2b7fb38f19d5adc0842275c72f0b8c2bff1886

SHA512
923230ee00726282876bd79a0949e067b63978b4b5f0fe82ac36c7505a752f5b8878e34abc6adaecfad08eeb02101686d65fb6a07149081c80c6ac834937f8c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
78f81d2c2c9db41ebb5e82e2dd54c472

SHA1
cbd87dfa384e8240be1af086f8f402bc78816ef3

SHA256
897853cdbb3da7478153a0907e13f67d55a7de9f293d2a4f7188d98a59b179b6

SHA512
abf8a81bfcfe04dee2d505c3bd1bae1601ebfabcfe09291ffb667670a84181b7d724b19b2e405145696017902459726280b89d04311ccc34398ea704aff840f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
38b22297fbd2ebfba30e58279c1cb68a

SHA1
8c2c3214893b66d27d1d757ad997f1f2a4a52446

SHA256
86e307395a307b4579a25b491599861f103a3c22ce2e33bc90e3fea8ba03b8ef

SHA512
fa2d585169dc9b64f076347353614c50eb7f9b939065cca68f9ea2002d4554919a37a9a690a703ab215894afe56670c1976fb13cf5185eaeeca411dd4bfd04f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ad7b1001342b74277d2fd541bc5d7857

SHA1
1af32308662b73bc939f6eccab0f8d2b485a39e3

SHA256
9ef4c03209507983c0300813b69b4a8a9138091755ca7edb9b9136f45ae7cf3d

SHA512
b6917d5588d3b486b81bab5cd12ecf34fb2404d06a644b4b03161622cf28dabf30a2ef4bdbc90898d27ee961cf00eed22b3f01dd7c8ed25f6f975cfeb4de4f60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
926B

MD5
37393887e51c6a4be3378a60b94fdbfd

SHA1
dbd13614d40cfe1150a84cd315a5ebe88bd75de3

SHA256
d8d2cc25112c250e3cb98322da3355ecd9dd5a76b17da0f3817b022df74b1289

SHA512
2e4aa36690650881530cc92cc7782fc35cbc6cd60917d4bdb036cda2d4642e1709c256c1c6c2803175eaaee97b7ca13a8b61f9e88004538a8c3821456734d0b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
328aa936e62d91b77f17a94277441771

SHA1
4fb26dc77bbd1a6c5cb1e5e21c046ffc740a031d

SHA256
35f13a8659e2ffe27158374249ccb4d30921ce0a42faacffdd802a66c2adaee3

SHA512
d35d2263d453ac1a17612ddc6a5c1064625a8dba89a3bc8535a8b3aefbce8f3f88fa0d903be17263613c1c2f6e530e3216966c7333311be4ff9a5cc46cb1bc9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
abdbf6b4cc9edc83d75a88c262eaf750

SHA1
4a952a327d800a8f11ff488bde5bfd1b9903e6e0

SHA256
08a563e4822d9e10f7de5b8755aa35bc6721018d8124ae9c9a686eb6eb0b65e8

SHA512
641e224773bd0596e40012b5d4386ec7c682d511f289a8f211819b1a22acef0c3a169bb8d3126d5850eaf0c6b2eddb0771229b9e494a3fa26427fdd2e3ac36ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e40d720a2d6bbe856edad4d04a8a6ff1

SHA1
24aa643a46a4d5cf977921acf85fa3bb583aa815

SHA256
f4a37c8deadc722e03a085caf19458dc8fa390ab6a52e36a1b9255be3c01ad58

SHA512
41d6b34f79060e13dc3f76efa1cc532a832a358da00e4ce7931276f900ff81d56bf0330161421b07243dd3568f6c16c1a622e815224ce691aabaed092e9079fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2f8708023a0b6b94c79db071f1a6ee54

SHA1
5efa825f0db615f40abddfc76d37332e0b49a6b3

SHA256
cffeaf902bdf0af06bbdfe817147d89866b9bb6cc619b7f573f8103dbf65d878

SHA512
0a303619779e143d57507cd853f178fba9e467a7f602d72c4ccdf0d73c73a75c528a9f75ec3d3eb8fb196b3f15246b94bc725a7d623b754e408a134284ff5cff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b16091600b95ed15168a9b4f5feadef5

SHA1
7639a5e494671fee6a98c2d5faad103dee8a974f

SHA256
9e0245731fdb6f86fa74b2a800f7d4bf56db0987dbb69e37d966a3c05349ea47

SHA512
424a808f008adcbdf17d5555be9844c12bc4f6c4ee5d5e51c4b284825825ad535f5d3d793f55a81dd003bcf5a38b637e272dcebc50e2fadba67aaf6e55bd20d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
269a096c13f9b5d3e7dea68a20546183

SHA1
5b0e50dfd3e88c9d94de6dc1e6122038d12d9168

SHA256
cf0a3741fe07420d39e36a1f7f15afa1f5e7e87f435e509ea9fbede4345856f0

SHA512
1492d50b03477874e18fe3013f8b1f1bdd4c18c8736850ddef9c478a5bd07ae7c3a529b73147adb0a2ad37f4a63e2ed3508a6e131472af448c165f0aa1527a1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5896dc.TMP

Filesize
203B

MD5
61c025266085dc9293f71a08f0dd5e40

SHA1
e12d186411493a3090db7a02ec2b4641d2154425

SHA256
5b32ba989e06ce4f3c43be847896619fa501d802762494d4008488375dd0a738

SHA512
98de49312fba1bd9cfbf0c65d908fb0f067c756b917f3aece4a0b9ea545ad239cbf6e8659ef9b06bea93506f5e84357c46d7fb2e22e6dcbba2c7bf2c1c893a6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cf55eb9e90254c245cd7c0cb0b066e94

SHA1
5a1c5b3247eb279e323b2782aa94f926200f8945

SHA256
701fe9632a586eeb9c6ec4fbe70bba35e84c561f4564e42e0dcfc2ea402b2cff

SHA512
cc511269146df055da5597ac61f1785c6c3aab2e13d1afbed628b942d0dd30e82da0541d171c929e791672c3934c8e275b20d7623d4f3bdec82c30a97929531a

Download Submit