85e5fa2ff2bd9a394ba97a23c7db073bc044e09126c69e1ed931145e3fd64da6

Analysis

max time kernel
147s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 02:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1f25a5dff793d1e34c875f5ac0b9e912_JaffaCakes118.html
Size

50KB
MD5

1f25a5dff793d1e34c875f5ac0b9e912
SHA1

c327d691b19ab9807ac0e2eb2bafb8e30f417430
SHA256

85e5fa2ff2bd9a394ba97a23c7db073bc044e09126c69e1ed931145e3fd64da6
SHA512

0729572c4351449dafafb09293aeb334dcdd6a0f57ecd1c76a11fd4ac01b4895c36e8de7d36a88e72c09c100856f2211d221774e05396f3f19b5d967eda29f65
SSDEEP

1536:nXViHmKZK0HFCU9/LpSJWxqm668PhbsKkl7DRm7/HSX84oUWPZLWn:liHmKZK0lCU9/LpS3m668PuKkl7DRm7o

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5096	msedge.exe
5096	msedge.exe
3924	msedge.exe
3924	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
740	identity_helper.exe
740	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe
3924	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3924 wrote to memory of 216	3924	msedge.exe	84
PID 3924 wrote to memory of 216	3924	msedge.exe	84
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 4876	3924	msedge.exe	85
PID 3924 wrote to memory of 5096	3924	msedge.exe	86
PID 3924 wrote to memory of 5096	3924	msedge.exe	86
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87
PID 3924 wrote to memory of 2944	3924	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1f25a5dff793d1e34c875f5ac0b9e912_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff85f1746f8,0x7ff85f174708,0x7ff85f174718
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1368 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 /prefetch:8
  2⤵
  PID:448
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1368292505512279376,11769474214288340338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
  2⤵
  PID:4396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2696

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4788

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2a70f1bd4da893a67660d6432970788d

SHA1
ddf4047e0d468f56ea0c0d8ff078a86a0bb62873

SHA256
c550af5ba51f68ac4d18747edc5dea1a655dd212d84bad1e6168ba7a97745561

SHA512
26b9a365e77df032fc5c461d85d1ba313eafead38827190608c6537ec12b2dfdbed4e1705bfd1e61899034791ad6fa88ea7490c3a48cdaec4d04cd0577b11343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbe1ce4d182aaffb80de94263be1dd35

SHA1
bc6c9827aa35a136a7d79be9e606ff359e2ac3ea

SHA256
0021f72dbca789f179762b0e17c28fe0b93a12539b08294800e47469905aeb51

SHA512
3fb0a3b38e7d4a30f5560594b1d14e6e58419e274255fb68dfe0ca897aa181f9ce8cb2048403f851fd36a17b0e34d272d03927769d41a500b2fe64806354902f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
480B

MD5
1bef733644c417490ddaf2ef69886100

SHA1
55f106d06b70cfe8da21cbbff07b0459a259f1ed

SHA256
e40f3c1660a11e471857a5fff755a81788cbf2358c23af9ebc87fdc334c7505e

SHA512
ed7a4f0688b0d9ba4dfe67a8d6e661b2ba7497022bb56345c2d50add08a562a3382eb1a392485bfb86955a3ed30a426b425f39bf82853a542ae56af0fe6498c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
480B

MD5
00675a958f23b19c570d870a92b4b775

SHA1
f8ae07dc1ab201757129b40ef4c91d2e85d8b2d5

SHA256
050aff9696ad39dd709f994c2bf655e0ec98d2f6e799b08cb7518139c9927853

SHA512
4e2f7637d1f7f5d3480a2793f31fe3727fba1176493823795d9c9e194d9c98a1ba88ddaf3e5e4eb56762741c11745737cf609d7b0d768d7422595a1c2383c552

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
934f3d6e5554fd7f1ea6b982cbb46cd4

SHA1
e6aa36a0aa1f5eb60dc484ac3beef96c5f58edcf

SHA256
51f1817f320c0a599bbcaff0417fa812cd97b1ff96dcb01e6d90244d978d1be6

SHA512
e69e4cfe40d7b1f0fd28c0c061f2386519331ec20e11360d93b08521462d072990806d3428a3463d0635ce4755ea6ad3e602d832738f0e087673c5d175742ee0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e1b74fc2c5710737dc834b05317e6e6c

SHA1
68f70ff66880354b17e39c1361b7b1fee9c26aaf

SHA256
bc9e51f8bf9d42246a05e7518808c3e5a35218b8eb47b551cf4590f6f1659046

SHA512
510cd6f3a9e89d19cdddbcaa57868dfe86dae1e1e8df15ea4a0b9b76fceebd6c6dbb11abee14a1c8fc1d8cf0f0d21c8c010afe7f0c4a1268b5527dad598053d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c749b764e12ade8b0c66e78ccc032f09

SHA1
168c42cc539f5e8aabf4ed12f08ce075373671a6

SHA256
216cac80617d6dd06c148846e56a32ad3b044d56b09e777290803014e97999af

SHA512
f592107c651fc2d84f2b7e8660dd1c66a1590759a9f295885f24539676797906ba13c694ed74012e61d2d5f3443359c9d45aabba2e0ca34f9cc1a6268e1c1323

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
f3cca05cdf8df936f17e18b4a2dc4736

SHA1
881b37f9d9dba2eb2d209bbb6af45c15935d2e7f

SHA256
6cbab9a4cfd27cdc92ee30fb5f88ae939311c5c901bd7b5d14be7ecff19316f3

SHA512
f4c22fae3d385d74090177182e146b3adfab4e9db346091fa885a110776120467fecca0c43499edbb5ddac6bb7fc966db536b7c7eef74c5e652178c7393a6756

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
1d52c178796bf18141cc9d5a9f74945f

SHA1
b5a9a428de2dc187af08e46990a213afa40cdc3c

SHA256
746878d2fd584209167abddcc942f1c0dec0df99a6a6407a5ad96f0001d143e0

SHA512
d89d0c52167d0da94cbe2a203b190e002ff5568d9afbf4d99839ffb7fe5b60163c8e0c119ef0e3d27818fb7ead7da44200491b056ca735d60d39ac08373353d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
7d1dd8c568a06ea41458ff67c17c0e3a

SHA1
a5afa89834685e0329082d234fe59ee8ab2505e2

SHA256
25707761c13fb3f13952c37cf4e6a8e50d438ce70acd5130eab55ac6e97e5a17

SHA512
ad14451b587df6a087254bba1a8faa3113c191a9a53fa544b6b6714ffb57299ad6244fc40815725aef1e0c3b20298c1c8c4b9da6d97f223f3ec45fc890d96927

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5809cf.TMP

Filesize
371B

MD5
537cc73d2f5f9663b74e07cdaf0065f1

SHA1
93c12d4e2df71b341f17aa22ddc61a81c463012e

SHA256
6fed085927f855a1a5ded637e5217976a97be2b49cdb6e74fd0272a5616fbc69

SHA512
8ac1c813912d0f2d9525a627b0fa92e3e2e63f931cdf5975168853fd56b3c6c0a34b20493b93b3a63ba01da208561581cc8493e6a5bfb2351ee721034f73817a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7ff2f89292fc151c10247c292ce859be

SHA1
9e5e1208817b94aef309cf3ad7768f006fc3b75b

SHA256
3715e71ddb8c048256e2446149a6ff7f3f497d123226ee35ff4e3e998411b6b8

SHA512
afafd38562a28db0d6956f266f72bcacfaf80da74b5f0ef8a38c6ceec5d237c34f284822d4264f0fc9cf82802ef7f91759349d4e21fb70e9af914364ad966ad4

Download Submit