a7c737be1f9a6ce02cfff0d85f2a0d9594812103fe991a4a4793a50148ed091c

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04/05/2024, 15:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1369050b787e850f4a5fddd37a8798d8_JaffaCakes118.html
Size

72KB
MD5

1369050b787e850f4a5fddd37a8798d8
SHA1

bb4e3d373245dff42b97c7b1d1d89a40f5795a53
SHA256

a7c737be1f9a6ce02cfff0d85f2a0d9594812103fe991a4a4793a50148ed091c
SHA512

416d50eacaa2d3cc9226f876d6083f91000d61e2fc0e375f7c16c1aec033b886238d11df0b7341fec9e71dfa306fd95ed904d00143452e2ce87303209c21caa1
SSDEEP

1536:LlTtnOCCrHSnWlPu8TzCAfU+bzZBva0+3ePjNIXzB1dVlH7ZvFpHnV9mGps:L7mLxz/v/+3ANIXzB1dVld9pHV9mGps

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1100	msedge.exe
1100	msedge.exe
5824	msedge.exe
5824	msedge.exe
1992	identity_helper.exe
1992	identity_helper.exe
64	msedge.exe
64	msedge.exe
64	msedge.exe
64	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5824 wrote to memory of 2492	5824	msedge.exe	83
PID 5824 wrote to memory of 2492	5824	msedge.exe	83
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 692	5824	msedge.exe	84
PID 5824 wrote to memory of 1100	5824	msedge.exe	85
PID 5824 wrote to memory of 1100	5824	msedge.exe	85
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86
PID 5824 wrote to memory of 5136	5824	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1369050b787e850f4a5fddd37a8798d8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffabfa46f8,0x7fffabfa4708,0x7fffabfa4718
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
  2⤵
  PID:5508
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2184 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4512 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,16259337987194538607,9391598509242651401,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4856 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:64

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4428

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2092

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
20KB

MD5
397383c90a2d930f866f405747e27466

SHA1
7bb6b5d6cee104c877dc5c3462f61232ffe5b360

SHA256
a67db01d19e15d8fa76e5a075e336e195325d79d277a83aadb6a440acf887c47

SHA512
4357eddc0581e3cd6209646540bf59756cb4035d7dba47d5cb6b0050e6c202bda65721d4e9d644f37e3cd105bc5fa240574cfa96649f01e2769b796b523e08aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
50c26c10fbb37c7f554fa8255bad1063

SHA1
84a5d9e177c9e5a89c9a056c1dd7f422e6fdd4cb

SHA256
22d80770d720ed144ecb08e08df7c64cc8d43ab35c6967f77883b65381ab3aa3

SHA512
4e4170110ff8d0df506b2007532888f3e0eecc66ca44d9c1d345a96eef3f976c9b1e818ccef852fd8df6cc481f1d9f220702baf254ed31b71e94e1f86134870b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bdeebe276de8a9161fb6e4890884285f

SHA1
26fb7085c7096857eb22de683e46a4cece964a1f

SHA256
4ff94da6d503078c2c973e6f1ac4e2c2a6c37ba42e8c0bd21477a128ac41a048

SHA512
54eb0fb08c24703c7d9c32ea463aaf3824d1f196212b0e396c66ac54b3632806baa9ea640635deeff67f973ac62915c75dbd2fd369024fc6edb4984bf95e6b5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b2cbdec4762bacdcc6394108449269ed

SHA1
ef4c0f229151d2d01c15e2b231147d2fa3e8784e

SHA256
f046d187a3c3f379e10e4a9f34258dfbdad2f7214954db5e4e2c59c45fee09cd

SHA512
50a5de893fcb71fabb9b7f83ec5fe0d65f8fa8f100cd95daca61812bf239f1f852cbb1bbcd235cdd1f07a839d17c0b34a784c7916fbdf7ed9202202b9bbf39d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a02050597e952b13a05958fdbb54633e

SHA1
29862f087d6803c54617abbd49e33e8760f948de

SHA256
64ad7491e751747b715c6a175f01c78f0554a27d2673785560d026ba5fded149

SHA512
df19a995b9a0523068833f5ea0a239806ab2eedf13f75184b30ef8cb4603b7015df45512f3ac1ae264d21b66278e3dd2e2254224b11264fd05d2dd368edcc079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
83d41ffaa3dea147358750c79e6fb29a

SHA1
7121c96d88c34ac33e7192e834eada95a1a4c859

SHA256
cba8855736126559c397f531184bfca2a739fd5410480d3e3ccfd80d9871cd13

SHA512
3806fd3064c7e8af27d1031ab69e97e462ceee486ece5d602df88cae65221b0e86c5dbdaacdfbfe7cb22426d21687608f22d9c7d9387415206d4259d4c682af0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
303228476394d7cb452c5d168a3d8be5

SHA1
9cebdafabfbfbf9719c60b4e183730eb9f169499

SHA256
b922399c86e99baad609be451b8c9fd213d033161e53acd8374bcf9b3b20545f

SHA512
82baf11ad99fd44f0c2332ed67a9497e647f2b6c3e97d8f908723011b1d021a7fc6d7ab45208f7935853d576c3259725905879c8c950ab8fdb14c01367f4757c

Download Submit