Analysis

  • max time kernel
    149s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    10/05/2024, 05:41 UTC

General

  • Target

    2d9fc88c795bd4dbf7a3c116623b4db1_JaffaCakes118.html

  • Size

    90KB

  • MD5

    2d9fc88c795bd4dbf7a3c116623b4db1

  • SHA1

    a6ed26c0c204ae1599c6ba28307ba5e39f9c38a2

  • SHA256

    20c2ed89a36b41306bd4b27f0561573e91514aa1a67230688926afe8b755c510

  • SHA512

    002384eddba8d106021a11009b092d7240e07278712c69b111bd1fcef73815d72544e66ab6bc6c34ca63a21df3e17316f49e955e1171e5b481782f818f99a496

  • SSDEEP

    1536:5IHYMJQjrcmTTbbhh22IzaLeH1OVPF6rPrQM5rjr/rw/37bAQiLK:OHYMfVOVPFj37bATLK

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2d9fc88c795bd4dbf7a3c116623b4db1_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4788
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80f8046f8,0x7ff80f804708,0x7ff80f804718
      2⤵
        PID:3120
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2008 /prefetch:2
        2⤵
          PID:4960
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2940
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2584 /prefetch:8
          2⤵
            PID:2332
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
            2⤵
              PID:4084
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
              2⤵
                PID:4048
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:8
                2⤵
                  PID:4560
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2936
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
                  2⤵
                    PID:4404
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
                    2⤵
                      PID:3456
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
                      2⤵
                        PID:4416
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
                        2⤵
                          PID:1308
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,9405620257135779238,157112971864006444,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5396 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3616
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:652
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:4484

                          Network

                          • flag-us
                            DNS
                            s.w.org
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            s.w.org
                            IN A
                            Response
                            s.w.org
                            IN A
                            192.0.77.48
                          • flag-us
                            DNS
                            www.agamirbangladesh.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            www.agamirbangladesh.com
                            IN A
                            Response
                          • flag-gb
                            GET
                            http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400&ver=4.6.3
                            msedge.exe
                            Remote address:
                            216.58.204.74:80
                            Request
                            GET /css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400&ver=4.6.3 HTTP/1.1
                            Host: fonts.googleapis.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Content-Type: text/css; charset=utf-8
                            Access-Control-Allow-Origin: *
                            Timing-Allow-Origin: *
                            Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
                            Expires: Fri, 10 May 2024 05:41:42 GMT
                            Date: Fri, 10 May 2024 05:41:42 GMT
                            Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                            Last-Modified: Fri, 10 May 2024 05:41:42 GMT
                            Cross-Origin-Opener-Policy: same-origin-allow-popups
                            Cross-Origin-Resource-Policy: cross-origin
                            Content-Encoding: gzip
                            Transfer-Encoding: chunked
                            Server: ESF
                            X-XSS-Protection: 0
                            X-Frame-Options: SAMEORIGIN
                            X-Content-Type-Options: nosniff
                          • flag-gb
                            GET
                            http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.6.3
                            msedge.exe
                            Remote address:
                            216.58.204.74:80
                            Request
                            GET /css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.6.3 HTTP/1.1
                            Host: fonts.googleapis.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Content-Type: text/css; charset=utf-8
                            Access-Control-Allow-Origin: *
                            Timing-Allow-Origin: *
                            Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
                            Expires: Fri, 10 May 2024 05:41:42 GMT
                            Date: Fri, 10 May 2024 05:41:42 GMT
                            Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                            Last-Modified: Fri, 10 May 2024 05:41:42 GMT
                            Cross-Origin-Resource-Policy: cross-origin
                            Cross-Origin-Opener-Policy: same-origin-allow-popups
                            Content-Encoding: gzip
                            Transfer-Encoding: chunked
                            Server: ESF
                            X-XSS-Protection: 0
                            X-Frame-Options: SAMEORIGIN
                            X-Content-Type-Options: nosniff
                          • flag-us
                            DNS
                            8.8.8.8.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            8.8.8.8.in-addr.arpa
                            IN PTR
                            Response
                            8.8.8.8.in-addr.arpa
                            IN PTR
                            dns.google
                          • flag-us
                            DNS
                            20.160.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            20.160.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            79.190.18.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            79.190.18.2.in-addr.arpa
                            IN PTR
                            Response
                            79.190.18.2.in-addr.arpa
                            IN PTR
                            a2-18-190-79.deploy.static.akamaitechnologies.com
                          • flag-us
                            DNS
                            74.204.58.216.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            Response
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr25s13-in-f74.1e100.net
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr48s49-in-f10.1e100.net
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr25s13-in-f10.1e100.net
                          • flag-us
                            DNS
                            195.212.58.216.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            195.212.58.216.in-addr.arpa
                            IN PTR
                            Response
                            195.212.58.216.in-addr.arpa
                            IN PTR
                            ams16s21-in-f195.1e100.net
                            195.212.58.216.in-addr.arpa
                            IN PTR
                            lhr25s27-in-f3.1e100.net
                            195.212.58.216.in-addr.arpa
                            IN PTR
                            ams16s21-in-f3.1e100.net
                          • flag-us
                            DNS
                            connect.facebook.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            connect.facebook.net
                            IN A
                            Response
                            connect.facebook.net
                            IN CNAME
                            scontent.xx.fbcdn.net
                            scontent.xx.fbcdn.net
                            IN A
                            163.70.151.21
                          • flag-us
                            DNS
                            connect.facebook.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            connect.facebook.net
                            IN A
                            Response
                            connect.facebook.net
                            IN CNAME
                            scontent.xx.fbcdn.net
                            scontent.xx.fbcdn.net
                            IN A
                            163.70.151.21
                          • flag-us
                            DNS
                            www.agamirbangladesh.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            www.agamirbangladesh.com
                            IN A
                            Response
                          • flag-us
                            DNS
                            86.23.85.13.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            86.23.85.13.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            15.164.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            15.164.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            172.210.232.199.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            172.210.232.199.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            101.58.20.217.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            101.58.20.217.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            240.221.184.93.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            240.221.184.93.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            43.229.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            43.229.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • 216.58.204.74:80
                            http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400&ver=4.6.3
                            http
                            msedge.exe
                            753 B
                            1.8kB
                            8
                            8

                            HTTP Request

                            GET http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C500italic%2C400&ver=4.6.3

                            HTTP Response

                            200
                          • 216.58.204.74:80
                            http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.6.3
                            http
                            msedge.exe
                            768 B
                            3.0kB
                            8
                            9

                            HTTP Request

                            GET http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.6.3

                            HTTP Response

                            200
                          • 216.58.212.195:80
                            fonts.gstatic.com
                            msedge.exe
                            236 B
                            208 B
                            5
                            4
                          • 163.70.151.21:445
                            connect.facebook.net
                            260 B
                            5
                          • 163.70.151.21:139
                            connect.facebook.net
                            260 B
                            5
                          • 8.8.8.8:53
                            s.w.org
                            dns
                            msedge.exe
                            53 B
                            69 B
                            1
                            1

                            DNS Request

                            s.w.org

                            DNS Response

                            192.0.77.48

                          • 8.8.8.8:53
                            www.agamirbangladesh.com
                            dns
                            msedge.exe
                            70 B
                            70 B
                            1
                            1

                            DNS Request

                            www.agamirbangladesh.com

                          • 8.8.8.8:53
                            8.8.8.8.in-addr.arpa
                            dns
                            66 B
                            90 B
                            1
                            1

                            DNS Request

                            8.8.8.8.in-addr.arpa

                          • 8.8.8.8:53
                            20.160.190.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            20.160.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            79.190.18.2.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            79.190.18.2.in-addr.arpa

                          • 8.8.8.8:53
                            74.204.58.216.in-addr.arpa
                            dns
                            72 B
                            171 B
                            1
                            1

                            DNS Request

                            74.204.58.216.in-addr.arpa

                          • 8.8.8.8:53
                            195.212.58.216.in-addr.arpa
                            dns
                            73 B
                            171 B
                            1
                            1

                            DNS Request

                            195.212.58.216.in-addr.arpa

                          • 8.8.8.8:53
                            connect.facebook.net
                            dns
                            66 B
                            114 B
                            1
                            1

                            DNS Request

                            connect.facebook.net

                            DNS Response

                            163.70.151.21

                          • 8.8.8.8:53
                            connect.facebook.net
                            dns
                            66 B
                            114 B
                            1
                            1

                            DNS Request

                            connect.facebook.net

                            DNS Response

                            163.70.151.21

                          • 224.0.0.251:5353
                            msedge.exe
                            458 B
                            7
                          • 8.8.8.8:53
                            www.agamirbangladesh.com
                            dns
                            msedge.exe
                            70 B
                            70 B
                            1
                            1

                            DNS Request

                            www.agamirbangladesh.com

                          • 8.8.8.8:53
                            86.23.85.13.in-addr.arpa
                            dns
                            70 B
                            144 B
                            1
                            1

                            DNS Request

                            86.23.85.13.in-addr.arpa

                          • 8.8.8.8:53
                            15.164.165.52.in-addr.arpa
                            dns
                            72 B
                            146 B
                            1
                            1

                            DNS Request

                            15.164.165.52.in-addr.arpa

                          • 8.8.8.8:53
                            172.210.232.199.in-addr.arpa
                            dns
                            74 B
                            128 B
                            1
                            1

                            DNS Request

                            172.210.232.199.in-addr.arpa

                          • 8.8.8.8:53
                            101.58.20.217.in-addr.arpa
                            dns
                            72 B
                            132 B
                            1
                            1

                            DNS Request

                            101.58.20.217.in-addr.arpa

                          • 8.8.8.8:53
                            240.221.184.93.in-addr.arpa
                            dns
                            73 B
                            144 B
                            1
                            1

                            DNS Request

                            240.221.184.93.in-addr.arpa

                          • 8.8.8.8:53
                            43.229.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            43.229.111.52.in-addr.arpa

                          MITRE ATT&CK Enterprise v15

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            56641592f6e69f5f5fb06f2319384490

                            SHA1

                            6a86be42e2c6d26b7830ad9f4e2627995fd91069

                            SHA256

                            02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

                            SHA512

                            c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            612a6c4247ef652299b376221c984213

                            SHA1

                            d306f3b16bde39708aa862aee372345feb559750

                            SHA256

                            9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

                            SHA512

                            34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                            MD5

                            0ab1518b75d988c395eb114e60ec9e51

                            SHA1

                            29268b864f12125cba999b6cb81a62f1c5edff33

                            SHA256

                            720c14c7bdb164051a60d97495e98b3b9ca47c21fb62e1bbe4411f974789e9f0

                            SHA512

                            b20f031722f8f3d73cea8de067b240e6e1b9a7f5dad9e1f30e8ab93b61a2775d3b8299ed82b3cb8a44762415fd87898c64c7fd97e98e82fb907f1d548d259ecc

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                            MD5

                            027388d9391849542c7f5e8476597d66

                            SHA1

                            da4a074714b16c646bcd727219592a7279267c03

                            SHA256

                            d0332b6f36f5508cce5d10b24aa37a710e334cedd0ccbef671f2abd547b50506

                            SHA512

                            2119c87ad31cc4d515cea39914f9601b37e348efce6f1ab09d6bd565376cceb049648140fd89a2e399b80fd51f863fd024bf6261cb389c39e67eea7fda3fbedd

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                            Filesize

                            11KB

                            MD5

                            8203fb12de7d92912566815591ac2d85

                            SHA1

                            ee64818cd899a5d1c27399451585a56451e0b34e

                            SHA256

                            13d7b6811b9359510b3271ad5471b5ab6527d741150770be62ec7511397a1d52

                            SHA512

                            cef96641e68a1a93d8384ee26bd7a51958e26fba0a73e8228185f178a0db2e26c757d1d83ebdf44771589d2345f4c58fa30c50c2884dca9de66be6c5b0ed0e7c
