Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/05/2024, 09:27 UTC

General

  • Target

    29526e711b9a763872f22693df49fa37_JaffaCakes118.html

  • Size

    23KB

  • MD5

    29526e711b9a763872f22693df49fa37

  • SHA1

    56c63ed2d75a748e2d7a5aa05a9a7b4e56474eff

  • SHA256

    52f34c5ae30825b6f70f12f513859be47b5718a30136f4c7e9e3b4dccc429ba2

  • SHA512

    579b5e29aa5f0653f18bf5aba6cde6d4ffa3b93b89e5e095bc11df361bab60dbb59fbbb6733074802b457a8e2e201962c9e707b20fba4d38c7f37970126c03b6

  • SSDEEP

    192:uWbEb5nIM1nQjxn5Q/TnQieyNnvnQOkEntZ9nQTbnBnQ4CnQtwwMBSqnYnQ7tn63:KeQ//E3

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\29526e711b9a763872f22693df49fa37_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1392
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffffe346f8,0x7fffffe34708,0x7fffffe34718
      2⤵
        PID:1368
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
        2⤵
          PID:3572
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2536
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
          2⤵
            PID:4540
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
            2⤵
              PID:1016
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
              2⤵
                PID:4708
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8
                2⤵
                  PID:2648
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:1596
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
                  2⤵
                    PID:2832
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
                    2⤵
                      PID:3224
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
                      2⤵
                        PID:1452
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
                        2⤵
                          PID:4304
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,4566748836478044365,6522277939119803910,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5464 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:1996
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:1804
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:2172

Network

                          • flag-us
                            DNS
                            cdd.net.ua
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdd.net.ua
                            IN A
                            Response
                            cdd.net.ua
                            IN A
                            89.184.88.6
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/stylesheet.css
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/stylesheet.css HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/store_logo.png
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/store_logo.png HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_checkout.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_checkout.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_cart.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_cart.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_left.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/pixel_trans.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/pixel_trans.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/back.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/back.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_account.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_account.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/buttons/button_continue.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/arrow_right.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_right_left.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_right.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/buttons/button_quick_find.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/rev.jpg
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/rev.jpg HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/icon.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/english/images/icon.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Thu, 09 May 2024 09:27:27 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-us
                            DNS
                            0.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            0.159.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            6.88.184.89.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            Response
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            svh16mirohostnet
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=30F39B3FE9EE6930366E8F45E8C968F7; domain=.bing.com; expires=Tue, 03-Jun-2025 09:27:28 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 086A0BAA53644B25B34E75FFEA724555 Ref B: LON04EDGE0718 Ref C: 2024-05-09T09:27:28Z
                            date: Thu, 09 May 2024 09:27:27 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=30F39B3FE9EE6930366E8F45E8C968F7
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=TdIvb9r9gVqkCnJA3I_0aum4rnr11c15sZR5Buz99hg; domain=.bing.com; expires=Tue, 03-Jun-2025 09:27:28 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 1587CE8166044EF1A353CF24DC0678DD Ref B: LON04EDGE0718 Ref C: 2024-05-09T09:27:28Z
                            date: Thu, 09 May 2024 09:27:28 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=30F39B3FE9EE6930366E8F45E8C968F7; MSPTC=TdIvb9r9gVqkCnJA3I_0aum4rnr11c15sZR5Buz99hg
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 4C2F8531DACD4BBB9DBE7DF8E1602522 Ref B: LON04EDGE0718 Ref C: 2024-05-09T09:27:28Z
                            date: Thu, 09 May 2024 09:27:28 GMT
                          • flag-be
                            GET
                            https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            Remote address:
                            88.221.83.209:443
                            Request
                            GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                            host: www.bing.com
                            accept: */*
                            cookie: MUID=30F39B3FE9EE6930366E8F45E8C968F7; MSPTC=TdIvb9r9gVqkCnJA3I_0aum4rnr11c15sZR5Buz99hg
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-type: image/png
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 1107
                            date: Thu, 09 May 2024 09:27:29 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.cd53dd58.1715246849.fab37fb
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            209.83.221.88.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            209.83.221.88.in-addr.arpa
                            IN PTR
                            Response
                            209.83.221.88.in-addr.arpa
                            IN PTR
                            a88-221-83-209.deploy.static.akamaitechnologies.com
                          • flag-us
                            DNS
                            26.165.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            26.165.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            56.126.166.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            56.126.166.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            172.210.232.199.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            172.210.232.199.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            240.221.184.93.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            240.221.184.93.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            43.229.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            43.229.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            0.204.248.87.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            0.204.248.87.in-addr.arpa
                            IN PTR
                            Response
                            0.204.248.87.in-addr.arpa
                            IN PTR
                            https-87-248-204-0.lhr.llnw.net
                          • flag-us
                            DNS
                            9.173.189.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            9.173.189.20.in-addr.arpa
                            IN PTR
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/stylesheet.css
                            http
                            msedge.exe
                            561 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/stylesheet.css

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/store_logo.png
                            http
                            msedge.exe
                            603 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/store_logo.png

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_checkout.gif
                            http
                            msedge.exe
                            608 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_checkout.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_cart.gif
                            http
                            msedge.exe
                            604 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_cart.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                            http
                            msedge.exe
                            612 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/pixel_trans.gif
                            http
                            msedge.exe
                            604 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/pixel_trans.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/back.gif
                            http
                            msedge.exe
                            597 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/back.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_account.gif
                            http
                            msedge.exe
                            607 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_account.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                            http
                            msedge.exe
                            643 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                            http
                            msedge.exe
                            612 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                            http
                            msedge.exe
                            618 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                            http
                            msedge.exe
                            613 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                            http
                            msedge.exe
                            645 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/rev.jpg
                            http
                            msedge.exe
                            596 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/rev.jpg

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                            http
                            msedge.exe
                            624 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                            http
                            msedge.exe
                            624 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

                            HTTP Response

                            404
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=
                            tls, http2
                            2.0kB
                            9.2kB
                            22
                            19

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=63dfd28c7ca049ce8ab1594af1fb80d1&localId=w:F7A0D56A-F9D0-CE0C-24BD-E32EA7746E44&deviceId=6825829383594079&anid=

                            HTTP Response

                            204
                          • 88.221.83.209:443
                            https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            tls, http2
                            1.5kB
                            6.4kB
                            17
                            12

                            HTTP Request

                            GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 8.8.8.8:53
                            cdd.net.ua
                            dns
                            msedge.exe
                            56 B
                            72 B
                            1
                            1

                            DNS Request

                            cdd.net.ua

                            DNS Response

                            89.184.88.6

                          • 8.8.8.8:53
                            0.159.190.20.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            0.159.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            6.88.184.89.in-addr.arpa
                            dns
                            70 B
                            102 B
                            1
                            1

                            DNS Request

                            6.88.184.89.in-addr.arpa

                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                            151 B
                            1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                            143 B
                            1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 8.8.8.8:53
                            209.83.221.88.in-addr.arpa
                            dns
                            72 B
                            137 B
                            1
                            1

                            DNS Request

                            209.83.221.88.in-addr.arpa

                          • 224.0.0.251:5353
                            517 B
                            8
                          • 8.8.8.8:53
                            26.165.165.52.in-addr.arpa
                            dns
                            72 B
                            146 B
                            1
                            1

                            DNS Request

                            26.165.165.52.in-addr.arpa

                          • 8.8.8.8:53
                            56.126.166.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            56.126.166.20.in-addr.arpa

                          • 8.8.8.8:53
                            172.210.232.199.in-addr.arpa
                            dns
                            74 B
                            128 B
                            1
                            1

                            DNS Request

                            172.210.232.199.in-addr.arpa

                          • 8.8.8.8:53
                            240.221.184.93.in-addr.arpa
                            dns
                            73 B
                            144 B
                            1
                            1

                            DNS Request

                            240.221.184.93.in-addr.arpa

                          • 8.8.8.8:53
                            43.229.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            43.229.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            0.204.248.87.in-addr.arpa
                            dns
                            71 B
                            116 B
                            1
                            1

                            DNS Request

                            0.204.248.87.in-addr.arpa

                          • 8.8.8.8:53
                            9.173.189.20.in-addr.arpa
                            dns
                            71 B
                            1

                            DNS Request

                            9.173.189.20.in-addr.arpa

                          MITRE ATT&CK Enterprise v15

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\62035fc6-7d69-4c42-a470-34115f3a4d46.tmp

                            Filesize

                            6KB

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                            Filesize

                            11KB
