afad6c8f5ab81b1f6b7611c0338ba2b765ced537318a330f3f4276252a9d4a9b

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
05/05/2024, 01:21

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1558ae3a2bf668ebd7b2edae3c8c5e41_JaffaCakes118.html
Size

63KB
MD5

1558ae3a2bf668ebd7b2edae3c8c5e41
SHA1

7cc5bbb3805719d2fe918eca0228f29a672bdac4
SHA256

afad6c8f5ab81b1f6b7611c0338ba2b765ced537318a330f3f4276252a9d4a9b
SHA512

51d21882c2d5ac167c875042eb10ad8b883e640e5a41a87a3cd337cc3313fc07871c4aee1a01dcf062ddecb1b0f1627dfb9124b900726a83d8d3ccb5328295fc
SSDEEP

768:oAA3kQzMGRNr6+eoAfpfL/EtBKW7QORUCPm+Pthm1LrXpR:oArBfWSW7QORhPthm1Xr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4840	msedge.exe
4840	msedge.exe
2912	msedge.exe
2912	msedge.exe
784	identity_helper.exe
784	identity_helper.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe
5824	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe
2912	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2912 wrote to memory of 4400	2912	msedge.exe	85
PID 2912 wrote to memory of 4400	2912	msedge.exe	85
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 3196	2912	msedge.exe	86
PID 2912 wrote to memory of 4840	2912	msedge.exe	87
PID 2912 wrote to memory of 4840	2912	msedge.exe	87
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88
PID 2912 wrote to memory of 1556	2912	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1558ae3a2bf668ebd7b2edae3c8c5e41_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8a5b546f8,0x7ff8a5b54708,0x7ff8a5b54718
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:3196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 /prefetch:8
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18304183182566248836,1483356362129040011,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4852 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5824

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
62c02dda2bf22d702a9b3a1c547c5f6a

SHA1
8f42966df96bd2e8c1f6b31b37c9a19beb6394d6

SHA256
cb8a0964605551ed5a0668c08ab888044bbd845c9225ffee5a28e0b847ede62b

SHA512
a7ce2c0946382188e1d8480cfb096b29bd0dcb260ccdc74167cc351160a1884d04d57a2517eb700b3eef30eaf4a01bfbf31858365b1e624d4b0960ffd0032fa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
850f27f857369bf7fe83c613d2ec35cb

SHA1
7677a061c6fd2a030b44841bfb32da0abc1dbefb

SHA256
a7db700e067222e55e323a9ffc71a92f59829e81021e2607cec0d2ec6faf602a

SHA512
7b1efa002b7a1a23973bff0618fb4a82cd0c5193df55cd960c7516caa63509587fd8b36f3aea6db01ece368065865af6472365b820fadce720b64b561ab5f401

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
44KB

MD5
88477d32f888c2b8a3f3d98deb460b3d

SHA1
1fae9ac6c1082fc0426aebe4e683eea9b4ba898c

SHA256
1b1f0b5ef5f21d5742d84f331def7116323365c3dd4aec096a55763e310879d8

SHA512
e0c0588ff27a989cac47797e5a8044983d0b3c75c44416c5f977e0e93e9d3a9321b9283ea077e6dcad0619ac960ee45fe8570f1d5cc7d5d4117fee4f2f0c96b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
192B

MD5
b3b58cadf70abdcabc5acb479528c899

SHA1
a26fba4a25ad07e29abb98138ff0255e738fff73

SHA256
418f867f5cb7d431e8ee6d97a6a66afafedcd6918645b5e9ad8b16fed85e9176

SHA512
a485dcf4860e0787fc07d84deb58467719cccc8d361f66dddcb1c04731d729e65521eab0d8ebb98e2c2948d55e0f0bc6904c75e739fb3d6324b4020ffe6e2fd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
c8c8311b56a7f7b0882fa43dc90d4778

SHA1
17b8b8bc10288505027d784c0e57c1ab0159ff8b

SHA256
3154ee639fa2e187293c88ff743d17e11471412cd3f0d6f9b384e4a91c8595bf

SHA512
8b9f8c43b23fc21c933568f6b9699c359384a360e5c30cb94f6a8a0a1095fad560b66b1965f50d5d785dfd7c7074a99a489a72bed43e256ddf741ca2249c6093

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7b6a28fabc924001c5b45ac69c27d4ab

SHA1
81dc597a970e3e4392b95fa2c7efb67aa42b8b46

SHA256
ee56e8a4893f92a1e78b938b3fde45f3eed47e2c15ebd5db817d5f79728985a8

SHA512
0f0e89145df3943a1435f1659820ff142097933b8f7f0dbede32e3bf22ce49e174e9cd883472828e41b7b109420de8713cac2f85427da82f27925a7d1bd34f91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0907c765eaf01a62b04f771ea8f7aa7d

SHA1
ee90fa574a46cbc1fc6314a7d980cedbd253257b

SHA256
ed0c0edb8a9b1b4d1f63e859d17772ec202a01390eb23efbe69fb41c78f1ac40

SHA512
28a1f887adf82d301729d1cc6bb09ee3e37004cfd2d7fcd49d453e9a17d4d48790dc51c10c321b800d74bb55f326a4028e33a0bbfc688a235f3e06b5eea46464

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
592bc52f658dc12d4eded8e66d865a2f

SHA1
7ad366fd6e12946b95797c0b05cdc79f26c1d8fb

SHA256
ecac58f60294086cbd4b6bc5f503b41bfb883e3f378f52950dfca28b4fac2b43

SHA512
26a082443e1e0b2e41a32be65fadcf949312a961ca315bb24dada84cfd816989f6e588fc459f4932fcec303a0e724704398d09dc165003d6b0dbc3ddb97a53b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b7dccbf2d06ac405637b3d866b9ad2df

SHA1
ab58a62dcc6986e19ebf4ec0a85987d614eaf971

SHA256
b58b123f7db974c3575c4dc9302082962280c511c56dd3fccf99313f22ea438e

SHA512
5a86451bd06418205ac5249bdc3a382d55648985b4248b77dad1cedec13371332a8f4a33f7adbe5bed75a62a2c91b53bc5093a891dc0bac936ee2e837fe55c23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7356bbf0c9327aa61a1ae25935dd042f

SHA1
87521a5f618eadc53f48286efe801232a505d7b8

SHA256
4270cc6f56746cefbbf52968e153c5f48da8c4998bc5a9eabd782f5a57811414

SHA512
fa1af1c2ae6fd023d9c7707a79f89238614674707c8fb59940b561aa943f9de3061c4c281ae9780a6cd08c72f927a1673ac0cd7830351d208b49595ed5f24a5a

Download Submit