6622c8a0f1c9a2b87ef1d3041f1f04748b2260f86c3d857246828e297a899940

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 10:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2984ff98278d7a5e27c5b8dffaa9877a_JaffaCakes118.html
Size

162KB
MD5

2984ff98278d7a5e27c5b8dffaa9877a
SHA1

ba1ac2f54cdd20b3b1e7ff6191b2d3b7c78c02f5
SHA256

6622c8a0f1c9a2b87ef1d3041f1f04748b2260f86c3d857246828e297a899940
SHA512

9b25753acda0d6bf5d3401cb2587b8467bd0cd4dc5728d239fa8d9ecbd1334c8aa85910afffbe5f8ad907122214cd376f9ef4fc3269dfbfeedde1cbcda1fc629
SSDEEP

3072:12IQp5+HI0viE4CHXLz+dfMu2lAcrBPgKMtvHE:cTCNBP3

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3204	msedge.exe
3204	msedge.exe
5116	msedge.exe
5116	msedge.exe
380	identity_helper.exe
380	identity_helper.exe
4988	msedge.exe
4988	msedge.exe
4988	msedge.exe
4988	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5116 wrote to memory of 1284	5116	msedge.exe	81
PID 5116 wrote to memory of 1284	5116	msedge.exe	81
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 4716	5116	msedge.exe	82
PID 5116 wrote to memory of 3204	5116	msedge.exe	83
PID 5116 wrote to memory of 3204	5116	msedge.exe	83
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84
PID 5116 wrote to memory of 3760	5116	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2984ff98278d7a5e27c5b8dffaa9877a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4d6946f8,0x7ffc4d694708,0x7ffc4d694718
  2⤵
  PID:1284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2208 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7128 /prefetch:8
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7128 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,7935759976202119771,17473627887975532226,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6200 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3236

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1984

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
aa2d309350b2a1dc1718bdf3911f0663

SHA1
5891348cf289c8df73bae3fd1756ddb8dc01bba4

SHA256
260271d044cfcca3e0892837df66e41e5fda44823ce3c41490d3f7e93a3277a7

SHA512
407dd7f975336afa3b901d15241503187ed8b6b3e585c0f88bb745281d4e7ea7ce0ea22eeca8ab86be4c40ed16a150de9195271f7be91bd9427a9b322ae86d7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
a35216f64f869bb05762547e195a5450

SHA1
7d2f148f147d333b98b473a25fab1feef9a44850

SHA256
5069e2d6dec26f71879d2ebca840cee233d6022397e908275a91020c1375f01e

SHA512
cc98073b3823150141402c9db303b34916dc5848c53418530a1cca48fbed81601a657d32de98656de71bddcfcd257fa37e5466161a7ed39f88223b042cfbbac3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
51f1885df2d6ac39643ff19d9bae16cb

SHA1
b9a2fed47736cf44675bfda8908fba24c3c859c7

SHA256
70b62ab7e8da6a00109b8e0d40aab71b99a838f258a8a6026c422f2aee7e8697

SHA512
af204363320c0fca90ebbe72d4479db4d90841e26a43b011ec23bd040dba9ec80b6fff428fbb85c1c194bf1df8eae6429bd8fe045991bbdd1c365efffe8b7ebb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
f25b13f6da7a648640ee225508680420

SHA1
22932c98a25d4214c35f2aa40678032a0e56081d

SHA256
fe1addcc127ea083d8cbf8a40c04e8c4ee29865efcadb6763177190c6e6ee164

SHA512
bc315538db8e6b6f4b9fa5cd68baaec306fb633d92a1797f6c00cfab46c0b4861c51135c915c72910f1a2ed56b8db86ca28aa45f3ab60062b7742f9eca8f3813

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
47f99b26c630f68889e4463bc505fc9c

SHA1
ce02b665babc074d56ca59e19abcd50ca60dd478

SHA256
556a4e59fbc5e2b71936ac721a639332708af48d126517a6e31bb085c992a9e3

SHA512
6cc3cb1384346275daeceb5601bad7c776434fb8e2906e90be55cfa5f1cfbe21066b31c925c5e3321e72472c8da2f4ca663309a73b17e7d656b9e7300cd9f8e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4d2997ecdd15a2eaa80666c9a9a04ea3

SHA1
300e1aa2a78afbda2a0c86627a2eed088469fbc2

SHA256
2d283edb1dbac75148a3eab471484670c060a12883a9a8d2770d3c5eda9918f3

SHA512
9e361b9307dcb22ec374830543989073662c9db8da206d13505cda56870a45625f4720a16c9c9e06833c23f110e58ac16d50364da2bd0937f9bfcd839afd6b42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0a08638e803472bcda82efa8036721cf

SHA1
86f7793959ec5d37ffadd838a0135b511d04f25a

SHA256
10eb558a0725db4c43ad46b450e97c98fcf54d907f4dc12df08f401ff3e804d9

SHA512
ffc3350937ad561a848f441ab28e50b3bdfd73ae65aea357b8ee69daffc9749b5812a11dd4d88e1f21aca6c97b73c2d77f525d3fc3aaf152c756727665206178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ad2fbf61c072424b2bfef1ed5b4c0dfb

SHA1
b87b935c4d419786f3041fbb3b71fa63805b404f

SHA256
4b1f0c9d6aead0a30e1c6b620fa613b248791d7f2ffa21b5115c5978a05114b0

SHA512
c62afb9ce5221fb971e55f326cccbb0408a33065edc113eb502ac09632d120c427a1ebd489d79711a20c575b4076a9b8c2a04109355379877d2ac20bf887d100

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d43c8dd6526760f7e31b72c34f8dff66

SHA1
d7c5185c636f087a37ade6b991c42408dcf485e1

SHA256
99e94137da8c2af8ba70fcaad4e2b22cde2cb595d5bb882cc2f6e2bfb87a89b3

SHA512
91cac0bb4a705cf029e7469a2bafe8a9217fa2307f2d4e425e42e9240041b3611a1a579bc8cfc9c614514c42f6ac3836e0572e4079d54e95aa78ed18271e3304

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
6b55422ca250239b1a6cdb04058b2c88

SHA1
09faafd70f4f748bf1b333582c8f718f09805c38

SHA256
a95432c2d13f3ab6084de68e5c09bcc9065cb6979cce08ab86b72c2c63fc331d

SHA512
e827690879fc75a63373ac1df8fd6ba303a4327bbdfc47a68f27d3dcd84f562d171d61b6194071a1e106b3bad96107daec73b2350a244f0b9c4a5e89ce803418

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57dc56.TMP

Filesize
372B

MD5
1939dd94b024e6400f053bd506df9cd6

SHA1
c5ebbcda2695bbebd7a5378736e2bd103a548bd6

SHA256
859f1ae235a80fcbefbd67550d5a9698f206c377f2b5f89b1813a75f136d82e9

SHA512
e793bf1e34a8c69d2b54838ff77e7e34de08c1ecef834abb1c50b7f44106a0e0c947766713fabf6ce26a44bb1f0203a32bf58748e7efc04085a76209d3e8ce53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
83979bf92820789977b969a260e2fb44

SHA1
7fed55ef9ef0ba5c67e999bb2798fce14f90d74c

SHA256
686a0e547c9db17da91d3dd51663b3e9b8b2057fd70d78535fa9e09595dc2e8c

SHA512
35c90edf0ab7d769814eed3ca1d40cb7adf72e60c6357b76e4101c1b98dd38943e4aa67e784badd85eadeae77a3bf50fe12c1d558cc4b7fdd0b0101f42e2a8be

Download Submit