Overview

overview

6

Static

static

1

27c1e142ec...8.html

windows7-x64

6

27c1e142ec...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-05-2024 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27c1e142ecc128caa26062fdbf18bb70_JaffaCakes118.html

  • Size

    24KB

  • MD5

    27c1e142ecc128caa26062fdbf18bb70

  • SHA1

    f86cf8512db79e3b88855e03a8c67ea74b8ff3f8

  • SHA256

    e0a7bc0415b7c34a6d9710c8b7d0e0ea095eac08b29f5bede96faaf9097101c5

  • SHA512

    dc2a14b465b76c052015fbfb08f3c4df3c48d3b68c31c74137d62bc6abb2a2d8acd0db0d8a7a3c37d8e763b2ba0bbfe0e44e7403f26062178da6162aa995b5d2

  • SSDEEP

    768:3bUDC7wFUeBq7f7K8fpM9LqqhikPPU5IT2Oag4w:rWURf7xYbhXPP6tOag4w

Score
6/10
motwphishing

Malware Config

Signatures

  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
    phishingmotw
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\27c1e142ecc128caa26062fdbf18bb70_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe410b46f8,0x7ffe410b4708,0x7ffe410b4718
      2⤵
        PID:2332
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
        2⤵
          PID:2664
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4004
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
          2⤵
            PID:4420
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
            2⤵
              PID:3472
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
              2⤵
                PID:2204
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
                2⤵
                  PID:4700
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
                  2⤵
                    PID:2548
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
                    2⤵
                      PID:3084
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
                      2⤵
                        PID:4344
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
                        2⤵
                          PID:780
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1
                          2⤵
                            PID:2140
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
                            2⤵
                              PID:1888
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
                              2⤵
                                PID:3520
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
                                2⤵
                                  PID:1568
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
                                  2⤵
                                    PID:1048
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1
                                    2⤵
                                      PID:3864
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8840 /prefetch:1
                                      2⤵
                                        PID:4384
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
                                        2⤵
                                          PID:1144
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
                                          2⤵
                                            PID:5012
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1
                                            2⤵
                                              PID:5260
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
                                              2⤵
                                                PID:5752
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9028 /prefetch:8
                                                2⤵
                                                  PID:5252
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9028 /prefetch:8
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:3876
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
                                                  2⤵
                                                    PID:2476
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7780 /prefetch:1
                                                    2⤵
                                                      PID:3380
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
                                                      2⤵
                                                        PID:2024
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
                                                        2⤵
                                                          PID:3912
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,3857011224057746646,10658965003744376320,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7628 /prefetch:2
                                                          2⤵
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          PID:5592
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:4972
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:1048

                                                          Network

                                                          MITRE ATT&CK Matrix ATT&CK v13

                                                          Initial Access

                                                          Execution

                                                          Persistence

                                                          Privilege Escalation

                                                          Defense Evasion

                                                          Credential Access

                                                          Discovery

                                                          Query Registry

                                                          1
                                                          T1012

                                                          System Information Discovery

                                                          1
                                                          T1082

                                                          Lateral Movement

                                                          Collection

                                                          Exfiltration

                                                          Command and Control

                                                          Impact

                                                          Resource Development

                                                          Reconnaissance

                                                          Replay Monitor

                                                          Loading Replay Monitor...

                                                          Downloads

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                            Filesize

                                                            152B

                                                            MD5

                                                            a8e767fd33edd97d306efb6905f93252

                                                            SHA1

                                                            a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

                                                            SHA256

                                                            c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

                                                            SHA512

                                                            07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                            Filesize

                                                            152B

                                                            MD5

                                                            439b5e04ca18c7fb02cf406e6eb24167

                                                            SHA1

                                                            e0c5bb6216903934726e3570b7d63295b9d28987

                                                            SHA256

                                                            247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

                                                            SHA512

                                                            d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
                                                            Filesize

                                                            20KB

                                                            MD5

                                                            87e8230a9ca3f0c5ccfa56f70276e2f2

                                                            SHA1

                                                            eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                                            SHA256

                                                            e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                                            SHA512

                                                            37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
                                                            Filesize

                                                            199KB

                                                            MD5

                                                            585ac11a4e8628c13c32de68f89f98d6

                                                            SHA1

                                                            bcea01f9deb8d6711088cb5c344ebd57997839db

                                                            SHA256

                                                            d692f27c385520c3b4078c35d78cdf154c424d09421dece6de73708659c7e2a6

                                                            SHA512

                                                            76d2ed3f41df567fe4d04060d9871684244764fc59b81cd574a521bb013a6d61955a6aedf390a1701e3bfc24f82d92fd062ca9e461086f762a3087c142211c19

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                            Filesize

                                                            1KB

                                                            MD5

                                                            139c3350aa64bf829a02597215c8e2c6

                                                            SHA1

                                                            db4644b187c6fa16109f3cdc25f383a1d58efaa2

                                                            SHA256

                                                            7f6bb04094c76cfb00b13b5544f05d6cd9ea163c0e04c2663f5d9f3c71362ead

                                                            SHA512

                                                            2c3b196baeded266717a37b599c48e7938a03f9c147067a5477b14619e1eb0476c7869aa06e4f9a2c372b22f621c150ce495c7539d9ba3cba54fcbda5d8c2d48

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                            Filesize

                                                            3KB

                                                            MD5

                                                            ec2dacf5eadf2a11b6880424baf863a5

                                                            SHA1

                                                            bc5742e5ae2ba36fc2e2767db45f8e347954bbe7

                                                            SHA256

                                                            e7c8f43abf8833034b31133f6f5c3094829fb8d040ae5dfa81c01a0ecc6b98e2

                                                            SHA512

                                                            35c80de48802a50f36d7703962cce3a8f5a899394217fb7c72b60e2c25f5cde2679c0f2cf3f0d770e64976a5b6cf00323477c6c3c06918a2eb45649977e4b360

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                            Filesize

                                                            6KB

                                                            MD5

                                                            08831fbbc8af0120e592f3ff3b35f5e5

                                                            SHA1

                                                            d208771d7c45829d3defeacefcea6422476f644c

                                                            SHA256

                                                            ab7f76d5c5242644b6cb2cf5bdce3a8cd8dab34801650d52058846c445484cc8

                                                            SHA512

                                                            c4fbdd046f0911367636c9863689cd394c46f4e7513743c275576e7b80eb3640a544ea2b561d7d1646b5328085cb182db217583ff36f33eadf04fb6119b5dcbb

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                            Filesize

                                                            8KB

                                                            MD5

                                                            5ab2e4f1714271d42dc0ea568e20cb95

                                                            SHA1

                                                            93e6da49e767f22cee5a3c43908a51a1b0596476

                                                            SHA256

                                                            2f3323c0dd48f963577e1cc0d793de9b82fce484c135ed1cf73ab1038c351adf

                                                            SHA512

                                                            d13aebb55dee156c86b6c1899c2c5e52c0ca46ac8d01c70073f5844ec382c37493787f549dce79b7089235658b0bf799c29261dc0b298af2064ff6928d5fe569

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                            Filesize

                                                            6KB

                                                            MD5

                                                            74c56c8b045c816c19f54be6e81492a2

                                                            SHA1

                                                            2991eaece15310a513d34c5b52c6401eaa6e06a9

                                                            SHA256

                                                            462b92b241f081b2b80b712669e056cebe601ff04cfd5ff00394e7d0247e135d

                                                            SHA512

                                                            572027fc3032a07dee6db188f8e70195c9cde6b4a442e48de89189c928c1135633dd021ddc22cda217f81c6f609fca4da93bf30be9d4bee4c146571f7a083cf8

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                            Filesize

                                                            8KB

                                                            MD5

                                                            831bda567ba22b23866e2b546d4c2946

                                                            SHA1

                                                            ad94a5c59cffe86bdbd683e73b94032ce9d5ab0e

                                                            SHA256

                                                            aa32f697663a8a5ab7ea50ba785c66961c2712ead65440058dbc394ce7de32e2

                                                            SHA512

                                                            8ab0730713470ef26bb5945434add1c52ee21582a4a825747f9e7ab664e00dd25144d6e99e4617d49523cff66c6d8ec1fcce07248c9d44ea091d813fa836b37e

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                            Filesize

                                                            16B

                                                            MD5

                                                            6752a1d65b201c13b62ea44016eb221f

                                                            SHA1

                                                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                            SHA256

                                                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                            SHA512

                                                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                            Download Submit
                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                            Filesize

                                                            11KB

                                                            MD5

                                                            3d9cbb303fb56a8f0e3fbf6254047ec5

                                                            SHA1

                                                            88fae6826e39f60f31077bad99b628bfb0e89122

                                                            SHA256

                                                            df2cb2176932f4c7415f37994df3bd273799ab6b3db2b4acb99ab20da25708a7

                                                            SHA512

                                                            263b41f11fc1821bcfb63bb4a4eb275d76e577281a3fc1dc5e9683b090ed3234d4414db9eb35e741b6eaef49e81b396c8e0b8c73a48b430ec30c4269176fab51

                                                            Download Submit
                                                          • \??\pipe\LOCAL\crashpad_2400_HQWSTCBVFDXYJNDT
                                                            MD5

                                                            d41d8cd98f00b204e9800998ecf8427e

                                                            SHA1

                                                            da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                            SHA256

                                                            e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                            SHA512

                                                            cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                            Download Submit