a25349f5ccb575c841f0c91ca37afeea86dfa70ad9bd3319926ab5a82561261a

Analysis

max time kernel
0s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 23:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c2c9a2b3cc783a1bd1138e7fa2db3ac_JaffaCakes118.html
Size

68KB
MD5

2c2c9a2b3cc783a1bd1138e7fa2db3ac
SHA1

14a2c5abe41f7cfb8218d9027af574dd35d4b0d1
SHA256

a25349f5ccb575c841f0c91ca37afeea86dfa70ad9bd3319926ab5a82561261a
SHA512

09a0e1cbd174f94be46c34502c1cd6524ac09ab5cc7d525a32eae10ad2688d8cb04cafb5e6fe44f5752e4f3f84d64914cbeff4ec670d082b7f203b609e5129f3
SSDEEP

1536:gNTzAqRayezo4r/zdWbRO7NiLuceWePeKjQ++yZQ1ZLduQ9trUxmUqNbrZSW7B:0w67G4RO7feKjQ++yZQXL79tAxmUqNbB

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4748	msedge.exe
4748	msedge.exe

Suspicious use of FindShellTrayWindow 17 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3672 wrote to memory of 4136	3672	msedge.exe	83
PID 3672 wrote to memory of 4136	3672	msedge.exe	83
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 5040	3672	msedge.exe	84
PID 3672 wrote to memory of 4748	3672	msedge.exe	85
PID 3672 wrote to memory of 4748	3672	msedge.exe	85
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86
PID 3672 wrote to memory of 3064	3672	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2c2c9a2b3cc783a1bd1138e7fa2db3ac_JaffaCakes118.html
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb633a46f8,0x7ffb633a4708,0x7ffb633a4718
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2964 /prefetch:8
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,4284805353805128122,15342667747694464866,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5404 /prefetch:2
  2⤵
  PID:4608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
688a61b604282a42b4e097b320fc5644

SHA1
acbbd0ef39b63b273437ba85db08c7d93c303880

SHA256
b13be7ecd85ff666a3731537b3522b85413453bda78d056e4bae72610485952d

SHA512
e345e9c4a4dda01d448c43d0645fa29b49dbc052dae48579af9839b4b2802d69dcff6619e2e6a7b9b9a07437039aad112bf5c5ab3e327ca6c64cd4c32d024aab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
26f48791a2ae8e01090b8db1c049aedb

SHA1
665f83a02ce470e789f4eb0bd06aa1152f865c4e

SHA256
ffc76dc06b462e775db41e1a16cd064160effc4457d486351913aef9aaa3c049

SHA512
c0f275ced3f2a4ebacb020aa731a96460e44ba4385b4221aea49a770755d96636cf23db1dff8cfbd6d584b4d7bcc7d6946b8d70f0f3215d81fb05c40ba992f1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
60665bd4f21c22de83e1ece33f2a85f5

SHA1
6d2d5b0b5441b9e6c7cfcff1db2524ddb11d3b33

SHA256
48dc11069a81f622b70a5377708280a5be92275ab106a986501a61770049a403

SHA512
decaa2e6269ca2c408455430c35b50ffea446a99ac177d7d075cc674b8f407105fead067a354228f1d8c8eb5aed802bc8698a6e37f82c2d528f9d2ced6e217c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
80ada71af90c4f3eca22bc98f4355bda

SHA1
fcafb104c6970a6a5d1546940491f378890b5142

SHA256
7eb0ed3855eff914aebe77a54fb9d6b3db186e3a1fb5439f4133b3ef52744af8

SHA512
6a92553d715e3896f17ead9c588504f8a8ada56f524eb0c6a7628c2d265e5a994511d4cad036d0ac7cf0dfac2fb80b244d365b32ddc2bc6f30b43145f0fd0d1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
28049e2605bb97d740ffc23d3f9faab8

SHA1
acfe8eaa1392e571482ac615420f5d173f7f944a

SHA256
8569be739d5e41065723c30ab39c2f4a53b47eaceb3842fa00c55ec2c547e421

SHA512
c26f5f9809e3bf6086f8a068ff3134875afbbf350ec365d928d70c21b9c97a6ba7a23a7e1e372582aed50fbd1c80cd2b70c0aa82454273d928e7e43c710a6515

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
10b7fe442708cc101f5ec3ac0afdbf52

SHA1
c3ed5b33dc1520abf3b5acec414a330256cfa19a

SHA256
7e2022e14b98782b9744c57604503605af79d305548b102024cd2376433e82ca

SHA512
f8671bd32ee17a48d4559d65c26c67bbdbf035794bd6c0f324eded31b84c20e6106caa3f6723e401bcb7aae43ed8e73acb17c6112f4762e009b7d60ebb3231a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8a8ae84f3b5f5bf6919b4f6da2df230c

SHA1
a14f7a9bf758510737b35f43542585a207a5910b

SHA256
aa408a55744ebdf020aa118b1f4a83d2d6c52269a84a10cc7a7f4ec63f772bbf

SHA512
ff599f4a912b7a2f187b53843b515c69dcbfc369e6d500c973ea8380835d4da536202e685f6276c55b45a68ca5f301b11c7e6b8b6cf113b0b1dcaf4d5f338221

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
705B

MD5
27c173e8cf3cebe459ffbf16ed4fd583

SHA1
744496b4d99916287bc47ecf32066d53dcc8d8c1

SHA256
391ecfea98c00ae3319637eed0f23fe8bf6b58cd66ea23dca0b5239990d44e35

SHA512
e42a7e0b134c394633b0b6d7ce648975fe6862d37ca0abce77a3059f18a4cc1ca503249d35cbdaaaaa9e97500632ad497c1e910b16fcae691b90b7bd68a07f8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57af99.TMP

Filesize
203B

MD5
15324a32bca3c2887e2c8f58cd557c07

SHA1
1c7d9df34dc088e253d4b2df855cc09e847a3035

SHA256
31c419bb81164f959b9f769753040fa0f85d3cefd139640dc1c4df9c4e1255de

SHA512
6bfafb2dfdce9b31bba79f8f09d7b8b51050f0f609acba0ccc0504ba9b82e3c23dd3c769ba43831e8cb1cbca58b468fb5a2f9b4b1ee381b0008408f333886078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ae19b576ef0e807d4123bb499dbe050e

SHA1
4606acdca565b56bf829091625ac3e30de79a72e

SHA256
36721d3822788e3cbf825d91444886c281833e3429e8c856791ddb9d2331ef75

SHA512
34278be13191b690135065283b99e3f9b35bda478306784683cc4a6d67e14095d775ed706d831eedfdd1e6d10a6c50381f7b03aa465624fcdc21faa46bf0bb2c

Download Submit