fcbaf12d435340c15e561aff4f7eda6841bf454949a453fa907a30957ba6ccc3

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 08:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

290780741f5ba878bf86a3295c154503_JaffaCakes118.html
Size

115KB
MD5

290780741f5ba878bf86a3295c154503
SHA1

659fee5c950bebef083788cd23452e600362789f
SHA256

fcbaf12d435340c15e561aff4f7eda6841bf454949a453fa907a30957ba6ccc3
SHA512

4e0dc325b0378224346f4c2eaf6c1fb5a6b8ee40783b2edee8a5aad1cd86645f5273019ddfc9741bb89f25d91c761194f1b8bb945f06ba9104ce819e4ea1793d
SSDEEP

3072:8ZY2MYJ6rHfgaToXdYKl+e2DA0PFCxE7BKMtMhU:8moaToa

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3252	msedge.exe
3252	msedge.exe
372	msedge.exe
372	msedge.exe
2068	identity_helper.exe
2068	identity_helper.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe
372	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 372 wrote to memory of 4020	372	msedge.exe	81
PID 372 wrote to memory of 4020	372	msedge.exe	81
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3544	372	msedge.exe	82
PID 372 wrote to memory of 3252	372	msedge.exe	83
PID 372 wrote to memory of 3252	372	msedge.exe	83
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84
PID 372 wrote to memory of 3344	372	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\290780741f5ba878bf86a3295c154503_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcdb8546f8,0x7ffcdb854708,0x7ffcdb854718
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2232 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4068 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,964433006003656363,8872513362351669059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
  2⤵
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3020

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
74KB

MD5
1c7e1982bd31c4ac1f58bcd3bdde7267

SHA1
d672d5a215d6f3cd05138e121dc3a2aad8a584b0

SHA256
f7c3dc7f8feec3cc31ed8f65dcd3ebde31629c69e62c26ee44cb0dfc55c3de83

SHA512
33caa8d1f077129fc36e4da0f50aa8fb29b204dbc7e8439781f8e28a953da49a63a1057a83aeb1b33012aaeaf205ae62c34d1391b8885d375c486aa15ec4000e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
35KB

MD5
6199d66820d319b4c775ede9fc7b6ee1

SHA1
4fee1e4da9484d70b249e1baba854ef299545d31

SHA256
e2cad833dc8c2683c919b79df8b99ef320a786bc2c99331f9f717f4b68d444ce

SHA512
2b76d355d5db8f2cad15faf40ee05276ddafbe3954a3f2c3fda0416b340920f059df3334e92f95c9e733a17cb402ea50d746bc95ccb7e39f3504b376740c927b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
31KB

MD5
548260b20981c0be2d9dcf8d01c08c24

SHA1
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7

SHA256
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb

SHA512
9308e58083e5a6989b7646de95d251c5431952dcd55e613e9c7100d817e847da0f4835bfbd0df325d9ceeb4fb9680d3e89311997b801b16bf8426893a2a34c69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
6f52f16e0c8869759029f92150fac68f

SHA1
d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2

SHA256
0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2

SHA512
ebcfdfbd773d2e7a0930684c7699f4e557995473c50ed7875cddaf1ff03fd889684400c6f17558b6f801ab5c66da0dccc312cdccb1b2fe8e8784e8c0987cfe11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
20KB

MD5
9be780bc06907ecbdf0320d88e6da1d7

SHA1
5af34c97da84ba9319b4b8d6e63352eb9299bead

SHA256
bf111ba484d1fe1d7ebd0f2c1e3e61a844008abb17383c81610efa5f6ceccc3a

SHA512
ffa99bc96551ce59af822011cea136142aba10ea600760012ecc3bc5391dbdd3269e365770f4650e9de12fae39cad2a6f11d2e70a8c3c73ef17cdd93b2fb1822

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
54KB

MD5
3d43ad52a5e97214b6780973a555d0c1

SHA1
ac5dcc5dbafe9781453c87ee892c8769cff3df25

SHA256
2760b7d22f5936561faebf3afcec848f31faab71bf5c95243e36908178d33342

SHA512
e117dfd48a35fd897b052e4623449bceaef0b9d9742ebd078b36d6029743598e1a91c81c0f984f0b3e2b81ba02bd6613c78db6f477ee202374ef94bacf48b2f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1017B

MD5
11e250ff6ac513126bbfaa2422ce4f48

SHA1
dae9144dab362ec6f5a861826daf43761c3e1092

SHA256
bbb1ff254500d4eb46ef8bdf261c39d3b13f91200e72ae412bc4451fd94f3bf5

SHA512
e737836f402211e69efbb58989cc573511ad36465a0ef13201bd5076b7c663cc27878ccd6cf53271e6622437da6cc176b95b7df41fda4f036e6c3fad4dd46909

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1017B

MD5
27938a76a9c397e3bc3d4c83bc35d498

SHA1
c7c590beca7e6083fe9f7d56504a07bea87d81f2

SHA256
ec64ded7123d52e8b62b4ba818002dc335feeb4d73ea2597396bd1d5f610c7c1

SHA512
ab1673ddec9b62ab6631462fef2e1692087d8b30121e9c96dcced279e7d3c77817e3d66031cf3c29cde8a2d4757cac66bab980dcba584b4fe52a5d669b40995b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cb6919eb80ae9023a3e4bb6994492319

SHA1
7792b1c45e162043ebddc22d68c7f572c7494515

SHA256
4f2ddf4a993028c1d1770735e9d65da48bcf7ea7687e1f4406c91f0a1cf75f61

SHA512
1379a6223571cee2e3b1493d386a466275a3dc20daf0d9b00a2b3b71437f7b93ce795f928387554062a645bc0b8f9e727d582fcc5ade9ffdac2d28597d77f966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e2807b741a331b56adf61ffa0324d4a5

SHA1
1d88c9834178dfd7610f5f8b3d23d0efb171cad9

SHA256
e0f904012f8bb35dd6df253bc17fef3b97c088fc8befe02adacaa70982d7297a

SHA512
371facb5d3c2486d18474ec78937c75a54bbcd4b96766a9e62acc5df64e66bfc2912e6017f5d464eb6a5986ab528549a9d1c140a9a68bf9bb1efa2c4d8686d3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5844a071e0e5a23c9334ef1d4b9e9436

SHA1
4ee3e42938a93d8348e335eb1782b68442638fc9

SHA256
f9d0284521b7ffcf616a744f2febee40fbd7dc83b3c4fb10427b405243cb50a7

SHA512
64ee94230506cda5141dce67201becb9b7b3bb0687ae1596b99500abd007426ddf3856ac5306342f8d6132f55611c88224eb6aabfac55dde2f5223df2f8a9a2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4156813567ddf07993269e8537c07ee6

SHA1
9590c11477d59d0b2610954045222437e1fe7611

SHA256
eaa051557f2ed25018ec93c32319e0bb24739d28cc9057bdcb10e81addf2b551

SHA512
ef5d634cc68896ea0c978de323003e66a6662800e3c36184fa0e2ed59d9f82f5c66442303a07ead3a1cdd49e59d3ea964d699d05a92d9f26d4f7aa2b8414e79b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
63612266424f252ac7bc93b494ca5684

SHA1
a900fd537a438b3b17b58955e45830625c23c2f2

SHA256
e58bb0c883cd9790cbbdc411f240a06a1657da3cd82a708eef859203cc3255f6

SHA512
56506368e30ae4c8cb553c35280a6ad00062fb038d19d8c0c95e7880a15f32f42bb8441ab7a67ebb438f563df6ecffff162b4e926d0ea7a3e5b36d21abb96d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f6bfb998d101457f01fbfe878878f8d0

SHA1
3fce1603c70257d97d6e6b37fcea4e4c6bd0b074

SHA256
710897dbc384b53fb70d2e851ef5d6b1c2a51692323e76ec645a81797136284a

SHA512
1727b40897fd6ddc4cac20d88605515eee83aa72b2d5ad975701bceaa7ac93e99e9b82c83af71e618845aa4e9c3504544397e8ef1859d7d96995afb5504f2523

Download Submit