358120c25fe0284d43e010ccb7ea43b70d09227e94f4a785a43f8c16f95d893f

Analysis

max time kernel
146s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
08/05/2024, 09:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2440c680061a1b531085a317b13b77a5_JaffaCakes118.html
Size

153KB
MD5

2440c680061a1b531085a317b13b77a5
SHA1

30bb8cfb773d49df43be992dc18e265f79c3a477
SHA256

358120c25fe0284d43e010ccb7ea43b70d09227e94f4a785a43f8c16f95d893f
SHA512

14664fec938badef1f559296b022d43cc6468bc8910eec112981363387c6dd5c34a5bd92d93d951dec607dbba41f25a592c2fa1cb9fbf28b6edc7bb0d43a25a0
SSDEEP

3072:wZY2MYJ6rHfgaToXdYKlBOq1L1pHsp7/t59p:wmoaTod1Zad

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2956	msedge.exe
2956	msedge.exe
212	msedge.exe
212	msedge.exe
2028	identity_helper.exe
2028	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe
212	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 212 wrote to memory of 5024	212	msedge.exe	86
PID 212 wrote to memory of 5024	212	msedge.exe	86
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 1648	212	msedge.exe	87
PID 212 wrote to memory of 2956	212	msedge.exe	88
PID 212 wrote to memory of 2956	212	msedge.exe	88
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89
PID 212 wrote to memory of 4016	212	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2440c680061a1b531085a317b13b77a5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca55546f8,0x7ffca5554708,0x7ffca5554718
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2348 /prefetch:2
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
  2⤵
  PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2008 /prefetch:1
  2⤵
  PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4668 /prefetch:2
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2340,1922188462120329496,4427927080502307309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1988 /prefetch:1
  2⤵
  PID:216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1768

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2a70f1bd4da893a67660d6432970788d

SHA1
ddf4047e0d468f56ea0c0d8ff078a86a0bb62873

SHA256
c550af5ba51f68ac4d18747edc5dea1a655dd212d84bad1e6168ba7a97745561

SHA512
26b9a365e77df032fc5c461d85d1ba313eafead38827190608c6537ec12b2dfdbed4e1705bfd1e61899034791ad6fa88ea7490c3a48cdaec4d04cd0577b11343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbe1ce4d182aaffb80de94263be1dd35

SHA1
bc6c9827aa35a136a7d79be9e606ff359e2ac3ea

SHA256
0021f72dbca789f179762b0e17c28fe0b93a12539b08294800e47469905aeb51

SHA512
3fb0a3b38e7d4a30f5560594b1d14e6e58419e274255fb68dfe0ca897aa181f9ce8cb2048403f851fd36a17b0e34d272d03927769d41a500b2fe64806354902f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\92714268-c7ab-4200-bfd5-ec757ae2c5e4.tmp

Filesize
6KB

MD5
b963533cf74af04d635e8be35a851592

SHA1
c333447e6848272a09de6a97840b4448ee9f098d

SHA256
48e0efd95134ac7443e43240ce5ddd22407b7d63f8066a4479890c343a60387d

SHA512
294c2f4a8c2c44e7d93fc6be4eefbec6380b64f6214f9f3b294271a23e2cff84aaca2eb8547f582029aed3f09f2a1c1f0ae51da6148c65970820c0ee0d1015bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
74KB

MD5
1c7e1982bd31c4ac1f58bcd3bdde7267

SHA1
d672d5a215d6f3cd05138e121dc3a2aad8a584b0

SHA256
f7c3dc7f8feec3cc31ed8f65dcd3ebde31629c69e62c26ee44cb0dfc55c3de83

SHA512
33caa8d1f077129fc36e4da0f50aa8fb29b204dbc7e8439781f8e28a953da49a63a1057a83aeb1b33012aaeaf205ae62c34d1391b8885d375c486aa15ec4000e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
31KB

MD5
548260b20981c0be2d9dcf8d01c08c24

SHA1
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7

SHA256
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb

SHA512
9308e58083e5a6989b7646de95d251c5431952dcd55e613e9c7100d817e847da0f4835bfbd0df325d9ceeb4fb9680d3e89311997b801b16bf8426893a2a34c69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
48KB

MD5
8a40bc4c45c8f6b0e74565542b152eb2

SHA1
0646b5be2d6a2f83d15f39e9994eda3c7b103fe2

SHA256
a76e719faf7c62017fe11bd4208a1bc3808b49b7aafb71c66b7a9a6e97e71904

SHA512
657fa7ee16eeb98424b0a92cc6b9bac371931fcb268684af25a2f7f1b4e85fa507208f078465f72cbe8f9ab024eeb1a11b067134927c3d56c636417472ae4140

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
6f52f16e0c8869759029f92150fac68f

SHA1
d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2

SHA256
0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2

SHA512
ebcfdfbd773d2e7a0930684c7699f4e557995473c50ed7875cddaf1ff03fd889684400c6f17558b6f801ab5c66da0dccc312cdccb1b2fe8e8784e8c0987cfe11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
23KB

MD5
472b431fd788f4ef04cb3fb5fa1f2465

SHA1
5163903f745638c7ffdfbe8e82db34df638073cb

SHA256
8b99cd8be8cdc06b6ec59775f240ab2a1b106e3852b91b57cfa31fecc5787bee

SHA512
b2e0139fa3b98e3b891ac64a8090430f46b9b4747bd9ec73f6403cb4af23b3c37a4f3318b0f953ca3d08f0ebff318df0d3f85780169702427d8da90494518b18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
28KB

MD5
a654629a090883d1b9187410e811435a

SHA1
29cc44dd450bcadcbd3f8996543992849c7c2a84

SHA256
11e5725033ae30d416e9671265edc324af628481f8ae1d67930b329c375fc094

SHA512
2c132d744af8972c82fbeabac11f650ab9d906e753070f480d3ecc7526e57099ded4a0b766a3a8f9c9113f84687cdc60bb79893288925926c3626494426ec437

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
71KB

MD5
0b6030c9cd411aee95b233775d142499

SHA1
561421242ecab31bf3d66e6b9ff441cf82ad41d3

SHA256
8e2500f66d73ad5b9af47ebfb1716002911965471c1f3f4ddf4142d348bd95a0

SHA512
8c18c18402a72a323441218aee973f7ed1e94fcfd43fbfb0842904dce236a7b16210add1d5d1c75899df092d85f8ef29db4b34473d5ecf2abf4010c08cd47317

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
85KB

MD5
c226b0ab9ff9a8c8cf359752f13ec205

SHA1
f44941bac87434e7b601385b07502e8141f96d22

SHA256
2159166adc47dc998429632d1d5ef8f49acb7e19a9215988a0b14f789ebe12b8

SHA512
9ad5631c5ea259b7f05a15ce673d92da1b2d122dd60d01166dc4de26bf9ac1cb4eb3fc1f3b158a54d57b748a53516590c138193962726b5b2a6f6a80cac42bf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
54KB

MD5
be6adcff433846fe91db258bd1a15cfb

SHA1
b070df2719d045932cf7e2b0428f2570e368eb73

SHA256
14d90e0e8406c0d9955a00907f55f5c68036aeb1bd72715fcb9bbc6a08193846

SHA512
d098716c66df2c6422611d2df0ac137964081f7e20858744190f3c464976baaab316c334ac225dd42ca58e8917580480a1f42cacfd08ca426e4124b6f13fa504

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
48KB

MD5
a8786743b6b0de1ba7a26d7974abf6dc

SHA1
791c3ca71354989f2df092e7ea0c02a86a298091

SHA256
a232d64696be99a7eec72859b383ff877ecf160323dd6f02fa4eb38fb55db719

SHA512
ffdf18a25c7d943e4d970776866966628988fa8ed0b905b29144fd328ab7d12410e134509444f6860ccf693fb9f19d2bff51b393fa335d5ad846bb473b355558

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
54KB

MD5
ece9fa4266b6fb1903b14101286258e4

SHA1
53c4138e469049554a408693a8ec1773502d65ef

SHA256
33068828376a558c0e748cfd679b05abea12516ed5c1917fcccec87727268c51

SHA512
a03771e5b819dccff6e9b2f871e61120cea989308ae1a11d2bd589ec9520fc03a89be9fbb89f52c44cef4f99dd69497719ac5675f8c62548ca60fc99666773bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
64KB

MD5
e20d97076044ba47c93da8d8e92c5883

SHA1
ad496438eb7c58a421d09353475ae23452f44944

SHA256
7b22a3f6a9da14300de895da42fb9d870608158a01b5848b6ec5417524730940

SHA512
7c8eadfb291c249f28b8c0d2a4e8f163d5d51e20e0ed15bc87be405020bd0b129bb000dbafaccb63c7578027164ddf7f55fc142d621fbc610bcb5c367c07e36f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
35KB

MD5
29b661fc1e9cf7368c9cf3e167cec1ac

SHA1
d655284f99581cc6a238f20425c33f83c18d5d49

SHA256
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

SHA512
876d15b2c677a243b072b8e027d46fb66694dde10d8ef56d4ddfeeb56e352fb12aedbcdb57a5ddd13cd4795f1769a8775f083a73ced2b151acd9bba4ee3bbe30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
57KB

MD5
fa907c59acc41fb9dd4eb9174a227543

SHA1
b2dfd2d1c29351175077b2c7e57e319b64498b3c

SHA256
6eb7baefd384a99df01c033078fde21abca8677219ad42cd2f08124010e0637f

SHA512
6200a63fbd474b8ac442c74d7fe07f6efc975869f572449683b3dbd64375c96777e125d03602a1493f611db611b28388c3d07fc5aa604340b49cadc74b7a5a20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
20KB

MD5
2d1ff6a957e5509662bc985d074e4fb0

SHA1
ec024dd4a4cb1d751c7d4f290474a7d17f60e848

SHA256
c1d810f31f86677bb6eb23a9603d96809e13634c83d9513350b936ad860441cc

SHA512
d5ef9d49b1a4fce4f8395bfaa99d4fc3fe8798b97424f982cdf3e6b490d2dbc4e2cb091633971cd477ff2c51c9bcd03ed3b735447207cf8c930c927533c3c0e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
cb35f3e40b5390dc7da4889c8f47d804

SHA1
f61d26f762be953ff4a339b42e6af672128ddada

SHA256
56f32efb07ff9d7aace09de6b72c76bb58ea16326e502394796ef06ae69186e5

SHA512
22bf28e898e34f03a18e5c7228f3bc678c1318d17c3ad9aede53594f3ff0264191cb6c949aa4b6bddf09ae333030bb7c379d94d5f51676cf7830790e176c512e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
4cf96bae5217eadee58157f09243efdf

SHA1
5e595aab738a8562152c0cd10be917dd23d3be45

SHA256
37964a9ba3bd9aa877088fa75dbc223a28651e21826ce8c7fcf9025e93d84bd7

SHA512
b94e439dc6c25fa3177aacfcb69c13c9031649e454e54c4e2adbc528558f2ed5a417d0d1f794949fee5b824bc82748cf2b41b5e5c31007e39b978705452fac9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8e9550f07e9ca761b7199cedebe7c157

SHA1
580bdcb1173e31f95687ab11367abf1151852da9

SHA256
700fd4d39db01c32eb10a052c055798f43154bb514b235a52b893c5cc54afe56

SHA512
542554237bcf999dac0eee6842e734acb282bd558f2bd5c01616b51451db1ec4096c643f88bd286249663b873a9cb448d991ec10fa326c832fba5fb336544be1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
0093addd0d5ba328201f999e3ae77b75

SHA1
aa09ccd0f275f9968519568e5f8b79c6b02c7497

SHA256
9fd3773473d05b1155121c3f60673c862ff71a3e5bb1f2bd4efaad38a562d6af

SHA512
f9b0800118740963ce8b517eb013cf0b050c56ac43a17981e43ae7fd6ff35241ce5177c2df352a7b348905eafa8ff88cdf90a7ee77b43021a343006135c291d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d491ebc8e01b32ae00682da4a6f8f1be

SHA1
854c2b5c82ae203d6f87e05a33c06f24c25c415d

SHA256
9e3c8ba0146b5afa9beeab1839d017469505816111e4de67398540df94f55e84

SHA512
7265bb28b040faacf782c5c62c9bed447e5886f3c4bc098d6020a6dd7c4f5712733e4fc99958dad5928872f3afc79b5d1f9f50dd0b6e5c00590fa3cc0a673d0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9318fd6dd0e75983af89e1d345f5b4f7

SHA1
fc73b00b83cc05dad1114de146145042cb2c6b8b

SHA256
47ea8aa5f42c579e27859599b876262839543af1b834a69114d44e9aa994ee4f

SHA512
9944e8d4a04c1b93ca594f2e8147057292001035cbe1119aa3b2fb3c02624d3f6228951092044e499139735ad98408474e83b6e01778ec873053460e809b96bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9054f597db48d375c2e616af54b91efa

SHA1
5c037f502dbca7fa439c7ec6953e08aec025c43a

SHA256
8bcdd3011970527e5fe5c8e65d20823c9767b151ef688d37afb2012cc396ca0b

SHA512
88490232587d034bea6106584c32b7e7dc4c530bd5d78fce554c860b0a70a0142e0508836ce2a8b18fe4906cee576f29274cd65b0fe05a98bea82f10ad791cb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
63fad8966825ff4157aeaee88e4bc7dd

SHA1
620c6dd1c9147a67f1c5c949d6e85ebc68b59a13

SHA256
64eb11d6a2a7c8751acdb9d0039e54c469d0167a9e62cc83f041c693ae805db2

SHA512
70d9f64c9ac9b2404c64e6fad2fb46f150e28283d45c748a6e02c594817a873004f165b653a1096b77ab792b73f97c079d60f21faf2b2b6a7bc5b6f02ddbcf31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ab52784a4c26b9ca5fdc63d55f0c60af

SHA1
96bc4adc8924b6db0bcce25bb1fa9529dd92dbf7

SHA256
f36c911e6804fa895f746fea7ef29e757ef3bbb2c05dd3aa27146477299fb267

SHA512
824f90a1ffdfb1e271dae3bcebee05c9af7e555955337c542c592d335c9465ba53aa09bb4f6a9b1e83b8d577ab74d0b5507d5ce094dfddd6d3389221c534a53a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d5475c8e0716e5c68e8f0b9781ac5383

SHA1
822b05f9b8b25cbb83a86c7faf0bb732ad23e15e

SHA256
59fe93871d89a5db5188ee96ed13a792149a724f7d1a4ee8ebc1638e183a58d2

SHA512
94f46d1f065712ff64d58aef2e0b84aac5cd094739a23c85b278269e6dfd59a74ff37b1fd22ddc7c3f1b94d52e1c6de585270f38a2579ad0f975935f4a458f33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
0469caf446f43ab3315b7c86f44cd9d9

SHA1
c70e782859acddafcedebf5c15d819e3d147bffe

SHA256
e2c6b2f56e97cc724fb15e5fd95936f28605d05cc1557d5ef32d39567f1ff520

SHA512
424c79880755158864e88ec0f7c8cd6c8025a0b4d7618f0d53d615364157d96e49646ba74c92fc6cde76b1c790efd784d0a9981d3843a448204018d8243f2e31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
68b2a7181b0bea6161a0ec596566ccb4

SHA1
41cbb0969e4be0273e147eb9ce15107248a6ca8e

SHA256
b6410c67429e22399c65175661b01ea9be9a2795677d152a87aa9f12d736bcf7

SHA512
a2f793a9997c7d381e1fbc69cee119338a106b0b6b479cb965602437dec5552fd94782da920a5da541bede998f1a97f919c91b4dd0c592831c3ff89e33bf56b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
35d773e5d57f1e2fa5182ddc570345e0

SHA1
9a997ef5917374edfde0650b9a43cbce9fc097be

SHA256
20b27c3c2b80c3e741e4e2bd429c2d694273ffe2a23160b3c7bcee7fe18360b4

SHA512
b7988e55ab320e34ba29102cf00e983f43da69a1e54ca856e4abb080df06719811e36d39f7e200d045f8fe79f767d764a0207c2a862e931b378598ee2cbba040

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57fa9c.TMP

Filesize
370B

MD5
896a002fb21b18b286dc8e624a3ee4d4

SHA1
a933991bc2cea0c343251a994b7a0cb3b093a89f

SHA256
143c4d772f62fd9f1eb93cc4233d918a5e80a104f1d717a9d7ef5631cd6a7b65

SHA512
ebba1f9aa335570edafe032039178a7e932fba07284e9a097e7f5e8ecdf78c9a0bd5e5c7fdf406efb5a09ffbe125b17880bf2a2874c801c197ec78ea35bdf89c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
eff9b365bb884c05b07bc15c1a28f51f

SHA1
b3e036218dddb9286d042ffc6b86a1831707b74e

SHA256
56ca2674e83bdbb2e44ccf5534c7b975f57c1b7c2243d39225821c3737af2e1e

SHA512
4f63f1a519341cbd1147a844243fdc722e027e2e6b2d2849370eac05bf37313cc4910fcfa987dfe5b3f8277d7a973cb513fbfefa1205e96c45ef9dd7eb6c56e4

Download Submit