d86cb9b27cb65630d504ce559871326f2169f56e800dd9c84fe7a00606a43815

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09-05-2024 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2abadd7758703a397dc81bc2c71fe1ed_JaffaCakes118.html
Size

175KB
MD5

2abadd7758703a397dc81bc2c71fe1ed
SHA1

bde64e6cd61d2d0cf486c5bb489096bd87eac959
SHA256

d86cb9b27cb65630d504ce559871326f2169f56e800dd9c84fe7a00606a43815
SHA512

6807c8f8871234286bbcdb9eb7e8097fa9569ec704184d6d5f439d38f3bf1a929e664e6790c99e92e5891144cfced1598a925dc705ec3c72469c5c347b2c3705
SSDEEP

1536:Sqtd8hd8Wu8pI8Cd8hd8dQg0H//3oS3wGNkFdYfBCJis5+aeTH+WK/Lf1/hmnVSV:S4oT3w/FYBCJi5m

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
916	msedge.exe
916	msedge.exe
4472	msedge.exe
4472	msedge.exe
948	identity_helper.exe
948	identity_helper.exe
4864	msedge.exe
4864	msedge.exe
4864	msedge.exe
4864	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe
4472	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4472 wrote to memory of 4160	4472	msedge.exe	83
PID 4472 wrote to memory of 4160	4472	msedge.exe	83
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 5092	4472	msedge.exe	84
PID 4472 wrote to memory of 916	4472	msedge.exe	85
PID 4472 wrote to memory of 916	4472	msedge.exe	85
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86
PID 4472 wrote to memory of 3752	4472	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2abadd7758703a397dc81bc2c71fe1ed_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8930846f8,0x7ff893084708,0x7ff893084718
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2316 /prefetch:2
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8
  2⤵
  PID:988
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9156467698996503925,12402187130169263450,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2444 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4864

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5048

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3120

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\3893536b-1904-4c33-a433-64ab96bb3888.tmp

Filesize
11KB

MD5
c21879d28f5e8f24ce94dc80f676cbda

SHA1
1846788bcc79a81a32871f2e604c867dd232c503

SHA256
86dc9ebc5353f8323b8f78a4ce3dc33e73c2c826ff1e0a1191c173784d7b36c7

SHA512
2aeb10a595fbe72c9fe85e7461b4f0d60f554497b24ed37d33bf43b71adb96239d2e309798be44d179329afa8fddb27f97c2c4636b6b86ff2727603fdb9d8862

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
163f18ae021d5a7cb89aa003e89cd60d

SHA1
5a3f595a1a866a319c4c8a63f6233c8606dd3565

SHA256
08b89f7c154c5c55c5c35732cfbf2dfdab11e8dead6c03c189b61fe4f6bc3867

SHA512
df545d80915c18254bf3d1c6be378b61c60dab5fbef0c4dfc26378be1606140b9af6c18cfb384de851f6aab0e6276f37a0c164d3db58135a851ad961ee24b1e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1c4119246757e6b7cc7b1a65070f035d

SHA1
a71d43bb7d3be33fda95b28055e73b383ca308a1

SHA256
5973d5a00f041311cc09cd26e33bbcd91f029fa71a14155e4a9301b536b4999e

SHA512
627493cf449f330383e6b29cbb726af74b082d98660d8f86608ad3341459757ff3533537e37b9e9beb2d9001b3ebad0c0c038ebcf67d061734bf4bd8a5c3b28c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cd3b66a819b1f9639723cc0ba752ae2b

SHA1
4c91dbf6428de0087c76aa85cdadc81dadd42772

SHA256
69413ce28fea956a6f4c984b5bb5e0c14372c202c1c7f4f2820f35a985fa2d19

SHA512
53f73177521592b68d71ee9375731b56a0a70a761cd50266c07181523265e12abed8ed110eed467426229de9b26183443fc15c63b7a385b9828246500912e311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
67f189d45ac3a9b2b3754bd96505afa8

SHA1
11e891d33feea0a87cbe4d9fd84691926a3ca8e4

SHA256
fc29afcb7226af13efb95703977414486fb727a63884482de7f1ecdb2258835a

SHA512
7004e28f1dda11278b81905241fd16f14d9567ad3456bbbd29821940d00826ed851665509c434fe6e566261fab43558446562fe1e9451e2b8a32f767426bf408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ebe3143f-dda5-4326-bf7a-5ca29c71d065.tmp

Filesize
2KB

MD5
a27a071e937cd6e3fb298c63137f9a9b

SHA1
7b3a3e87920ffba3aec400158a664a6c884d4281

SHA256
55b6b95549c882bddd637cbe073a8bdd05b27641f73f6f829601b13c3fe1f589

SHA512
e0c14945f322aed882d5b5a60f96005da0f437eecfd8b8e05528f9b6268fb8375b69ecf7cc478b4a19be350d92040316ebb75fc363c42033224797e7d61a62ef

Download Submit