cf28ee243bf0e2f621a4c949ff7d65d040b6ccc938fccddd0893986e7da14a14

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04/05/2024, 09:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

121cf15cae18de89d45b744560500721_JaffaCakes118.html
Size

35KB
MD5

121cf15cae18de89d45b744560500721
SHA1

2c436148341ab05825f0a5236d6caec509168c33
SHA256

cf28ee243bf0e2f621a4c949ff7d65d040b6ccc938fccddd0893986e7da14a14
SHA512

801a17e2a18111b6d8cd3c67ccb89f5c956d5c8a1f69076eadac60f5bdbff98058e2c57cf75bec775eeceaa782caf8946ed742f475ee84a1629cb12e883eaf42
SSDEEP

384:b8553hFzz/MHoIyHEHAkclurf8PVSD2tcnX9r45FGKUcECjpO6XoLOscbLtbj+VI:+1kcluT8PVc2t6NWRpO6XoL+1O2SQWW

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3184	msedge.exe
3184	msedge.exe
1360	msedge.exe
1360	msedge.exe
4896	identity_helper.exe
4896	identity_helper.exe
4540	msedge.exe
4540	msedge.exe
4540	msedge.exe
4540	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe
1360	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1360 wrote to memory of 4760	1360	msedge.exe	83
PID 1360 wrote to memory of 4760	1360	msedge.exe	83
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3344	1360	msedge.exe	84
PID 1360 wrote to memory of 3184	1360	msedge.exe	85
PID 1360 wrote to memory of 3184	1360	msedge.exe	85
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86
PID 1360 wrote to memory of 5056	1360	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\121cf15cae18de89d45b744560500721_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe3af846f8,0x7ffe3af84708,0x7ffe3af84718
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,4994953772821079618,15938396598317271105,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3080 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\91903c45-6ef6-4d0d-ac70-5b10f8afc48f.tmp

Filesize
11KB

MD5
65791480479a7f03278815332bd748d1

SHA1
e8983b93c1ef1d64454de730de4adad706ff5f6e

SHA256
b61359e73be200def1fcbfe652665f9fec7f3eabc53c3e43442c53b180d292af

SHA512
3e5e60a08ce7d67443382dc6af5edba003e505b78de5c6789f7e1aeb0b761140d88939107aaddc443aad7ecc4baed40ca4d4025e7b4e62e426ab608d2e6dab1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dbac49e66219979194c79f1cf1cb3dd1

SHA1
4ef87804a04d51ae1fac358f92382548b27f62f2

SHA256
f24ed6c5bf4b734a9af4d64e14a80a160bea569f50849f70bf7b7277c4f48562

SHA512
bb314d61f53cf7774f6dfb6b772c72f5daf386bc3d27d2bb7a14c65848ee86e6c48e9c5696693ded31846b69b9372a530175df48494e3d61a228e49d43401ad1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a9e55f5864d6e2afd2fd84e25a3bc228

SHA1
a5efcff9e3df6252c7fe8535d505235f82aab276

SHA256
0f4df3120e4620555916be8e51c29be8d600d68ae5244efad6a0268aabc8c452

SHA512
12f45fa73a6de6dfe17acc8b52b60f2d79008da130730b74cc138c1dcd73ccc99487165e3c8c90dc247359fde272f1ec6b3cf2c5fcb04e5093936144d0558b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
0825831f2344954588b2269fc24e847a

SHA1
1566ad5353b9715a59368f06d723262e1df0332a

SHA256
75c7bbfc102f7aff1e9f8ea3b89b990179749d47fed2e4ea529b9bc08a452bd7

SHA512
343d6740d59e2216645d6175a10d21b30f5b04ab32ae21b6622a2f322dccc44a276409e96a58155919c06bafd23d8bcaccacfda7179d710d240421467383a396

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
04de4ff6545ee184b4725d5362b30fa7

SHA1
323657e41d9f1dfa87b8792bcc10eb566aadd0aa

SHA256
96daf59fdb2e8fb1787481382eec6c5536a81ab16b28c041f670671f3cc71a17

SHA512
eda1529d04668683e75df77d4e16326a0fe6aff674162813be1cf9993cefcd82227f3fce1ef68f8206c9790961799a8a0dfe7b5c25ffc8317aac1b797460a379

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1ec4b707d2264e3be95828970cb6b86c

SHA1
20879fa62765110a83b49f3fc0d06ff18cfe3551

SHA256
19fb85144351933d6e3c5d78abf7ef3c5be617e7c3d2bea4362ae6101cd8f081

SHA512
7013660af73728273ba5c7c50d6e9944ec9d1eb272a3a750af08bcd833a08f20e34d67ba0cc3a799e482dabe1e423a3b78b4d6c7c2af518b1743af61e26c7d49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f36fc5b12ce9037b0be05a10a29a0d62

SHA1
7718bf3ed9fc8b32e2a737e4f906e77324dd7b70

SHA256
a666787811fa82fd63139052da1f7443cdceb5f63dcc97d65d09786b89747070

SHA512
1f3fdd5f642174abdc51c2b2644f5c7305172c6f029a3765cad47f362a8115ded32cf9cd4abb23dc928a02d07c738a0abc6f24dfd12f68bc7597a9c1dfaa66c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dde4678db1e24117c5cccd33bffbc389

SHA1
1895917f54259d79905cb81872eb51880f1e98ce

SHA256
0170b6e360186e660054f36735e23497557dcf46439b7847c84bf89c83e80c56

SHA512
5fabe4ee9e1f0f980eafd2597cd992cfd16ff65c6ef7b0d87f75edd714d94d934f58b1fca4c5767e635c20f419010d56cd50ea5b14505c1ea98eda1fa2b2ae6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7ad3aa9a6bf5cf0767c0f83d74c24593

SHA1
e55f90c0fbeb4caf8fe71c7cd88a841d19fe84c6

SHA256
7fad9a6e8fd96c996e32757e55d8984f8a07babb168ae23011af9385ec9ebd53

SHA512
4b25111b40cd6a638b6542caba2d92c15b20ee9c1433faa43a01677b3162a15020b6566fd2b4b0c1e54430e8ca1f1c141ee2bd53d92e38419ddf7b90c055fd76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit