dd538189f1004c682dd2fc6af570c212d9b2c17ad1be2206a1261b6456eaaaf2

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04-05-2024 14:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

133561a442cfbacbf1bb10bb1f9cadaa_JaffaCakes118.html
Size

68KB
MD5

133561a442cfbacbf1bb10bb1f9cadaa
SHA1

6d3707e287668397d3d6d42248575ad81db313c7
SHA256

dd538189f1004c682dd2fc6af570c212d9b2c17ad1be2206a1261b6456eaaaf2
SHA512

d4a76dbd9a10b253382cb5dea416bc1aaefaec6c05f06cefaa1aa3c49191fe883acc6f2ff022ab6c69c674f521a6068c2e3a89216c7c7d92672fa4efe1bc2881
SSDEEP

1536:XQ+k8kuCppnjgcSpk6qICXFAcQ7jMBnxb:XQ+k8kuCppApk61QFAcQ74Bnxb

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4384	msedge.exe
4384	msedge.exe
1496	msedge.exe
1496	msedge.exe
452	identity_helper.exe
452	identity_helper.exe
5928	msedge.exe
5928	msedge.exe
5928	msedge.exe
5928	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe
1496	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1496 wrote to memory of 948	1496	msedge.exe	85
PID 1496 wrote to memory of 948	1496	msedge.exe	85
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4200	1496	msedge.exe	86
PID 1496 wrote to memory of 4384	1496	msedge.exe	87
PID 1496 wrote to memory of 4384	1496	msedge.exe	87
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88
PID 1496 wrote to memory of 4768	1496	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\133561a442cfbacbf1bb10bb1f9cadaa_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe23746f8,0x7fffe2374708,0x7fffe2374718
  2⤵
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
  2⤵
  PID:4200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:4768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7152 /prefetch:8
  2⤵
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7152 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10608388457416745303,18053970782281145017,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5928

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3376

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\867f62bc-9197-490c-9b60-4dc0fb319ca1.tmp

Filesize
6KB

MD5
aa4057e08cb15a830cdf3af023e95ad6

SHA1
221afe19ef6a8d48bb1868e432d4971c79dfe165

SHA256
edf8fbe72cee7b8491a5ffb69ffd0fcef21ff968befc6d17d88375f76e141624

SHA512
0e9c7d896cabeeddf26f745c93f5f629c72c32d9e0c6f23f8859a702751099c6294bef327ae1ea21d9bf97e22da590fa407fd17360853bc7d88ca72da7ce16e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
d7094762f957ee8e415da5540a398a04

SHA1
39db2dc283a965d469c3ad65be9949a7c59d78b7

SHA256
ac6837e6875b4dc6227f25e44924333c4324be1ddcaf4bc8241d4b12eb3b9429

SHA512
6c6e3e1e5d3247861d620c0ccf13f762d4ad403706af8b08efa3aadebd941811cf19b8f123da3ae7ec9b715dfddd1434e775b00e43bf2129590515a267525554

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
458579e46f76e70a5f663cd72f25ecd5

SHA1
3fae07fcedb0837638f8c6a42219e576b122bf2a

SHA256
7e074d7a71d471ec36545166e189a651304477ea96591bd79c6bbbb181283eac

SHA512
896b92788956557bb5ae83bf0c288b785a006e802818c75fb366f884a102559b67f48ab6ba57c5332f79cc941073a6d307a01a9bafdb1f4288293f04f6ea3a9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d66d80127b26907446568cd1eaac5e58

SHA1
1f7f866fcb9c63d7b961a4d0b4fd86d66941b291

SHA256
d535692ac4b4b77f5f1a58dbab5c255288a9871333cae117c69bcf40e297f062

SHA512
0803babec12007e310283cec5beb966b84f20064ead1604be49e40ebe844e2c3babb4e536b76f492c8c0b28c739ac2889b58daf720a7453888ca055421c9fdb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5ca8a5931ebd902b281d23020e9c6373

SHA1
cda9b1f9847998e714bf5ce12ae2aeb866b3bd07

SHA256
55d50db5471195a9b384dd358ab4d8d66975847aa9835de40bb1516d7d2d70e7

SHA512
ac529dc482fa4d97fb6b4388653c60969769b83a284e14d4e01eec5229dc91798eb9324baed80e39f1ae75753cbd7e2942df60b3cf7b38059499063b4d5565d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7fcfeb3465c8c6d316ea110b0eab0aef

SHA1
9264f8459b34c83bc7554510abd60360994a2aa6

SHA256
e3de4451cee8bd2d06486e68eb41ca2807470677169fc803d39032323412dd39

SHA512
731ebf47b0b62dfe732bea3c8f156baede86abc81cb4dc263c7f9bd2f4135b084e93279c28e6d749609150f0a3230691c0d61dd304e89c42bd0a4bc9be5387ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d82a80b24dd4c0218d14edbd8ef96d42

SHA1
5b972f31010d8aa37126611b187496ce3f8b842b

SHA256
26c0566621cbabc0ec2dd5ac615a8f499b8e1c15a6d157c01d2242b59ee526aa

SHA512
29ba100858495d33e761a5d80223e34a1a896288c42e8e2c724f40faef0d3556283508a7e5dd498b10c99c8cd24162d1fd56038edffcbb4d010a2f675323eede

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
3364120681ae31b6a400f4ca8bf88b33

SHA1
20aa34f921e562c191118bbb6e166fed899f2438

SHA256
bd043d45bf08e2a1d1f9aa7530266233fd5154104e21fe5f43934e178039975c

SHA512
d690ff6485bc7dc8b571b8c9e9fc2c84a08026e1d1b7f4b5b755e466fcdaa8e5abba787d39f02242621a93ad8f97afb5c2704294ee60940cba4327a0f62bf6e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ff11.TMP

Filesize
203B

MD5
482a3c47f40d9953f9f5d3445ab426d1

SHA1
6887a3575ee2cf27d319f06a53187262bd4f8a76

SHA256
9ec82a4a5423bf2a3697e90998a3ec1c3cc6bf52c054c59906680dd7a3b48ca3

SHA512
c466c5a4ec3a11fc2177b62ea74fc967bcdbb29323c183aa9f5f3f8fb707a34e19088814ad2c1735b8cf017f04ced4a02b8aadb3240ce5cc8b1054535a580d1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c5d332f5-3d41-4ea7-9528-d480b6879555.tmp

Filesize
1KB

MD5
d962c7f91c1c851cdb60691cd5e8345f

SHA1
ecbbbcc220bc97d443724f492a7658065f8e7b49

SHA256
63c21d528eb8fa36dec41268f4481556beb3d3af6e11a1467d559105eaf2b22e

SHA512
76241996ad5b6985bd1f643c88ec2e150d47a5afe111c5b3f61e8ad959c9a87f800933a391e455214530c46043bc18ba602db9b112b7afc4619710c53be2b241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
999b04ade7b6d07484746713f72391df

SHA1
1b986708f7ef2edb177bbb5845d91e628a51bc59

SHA256
aaf48ec9c15b70731074a9e7772dde1cfe1c05fce68562ce9c509cc534ca6478

SHA512
d943bb908f482b11de25398e8c8d2c35deb18c4805ffaf2fc261da9c0e9cd87e87b61a3c2a668cee1a3f3213c2e46fa9b9e07cbf05672e15cbe9d343364efe54

Download Submit