Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
11/05/2024, 02:49
Static task
static1
Behavioral task
behavioral1
Sample
3256730e3e4f4631e1a2297c031cc837_JaffaCakes118.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3256730e3e4f4631e1a2297c031cc837_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
3256730e3e4f4631e1a2297c031cc837_JaffaCakes118.html
-
Size
29KB
-
MD5
3256730e3e4f4631e1a2297c031cc837
-
SHA1
1ffdf929b10de360f50e980845cc996384bc5921
-
SHA256
fb0e5d9665836dc77cb329eb815e157411253d9d91e1e95280cf17c364f6bb20
-
SHA512
13ee7c2b93357f0ebf13a8c8b68a0aaecc0cdcdf5762a0a037354728535ba6e683c13186fa5c226240c16726e3d557f1beed51aa779ff427a1d6c2890dc871a9
-
SSDEEP
768:lapTBacTPyTV/BWi2N+NtjROtqI02Sjb6iXprytY:lapTBacTPyTV/BWiJjROtqI02Sjb6iXj
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1337824034-2731376981-3755436523-1000\{F054AB4B-824F-4573-A677-E2C4CB0A2B88} msedge.exe -
Suspicious behavior: EnumeratesProcesses 12 IoCs
pid Process 3320 msedge.exe 3320 msedge.exe 1464 msedge.exe 1464 msedge.exe 4528 msedge.exe 4528 msedge.exe 4420 identity_helper.exe 4420 identity_helper.exe 3188 msedge.exe 3188 msedge.exe 3188 msedge.exe 3188 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs
pid Process 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe 1464 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1464 wrote to memory of 1192 1464 msedge.exe 82 PID 1464 wrote to memory of 1192 1464 msedge.exe 82 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3884 1464 msedge.exe 84 PID 1464 wrote to memory of 3320 1464 msedge.exe 85 PID 1464 wrote to memory of 3320 1464 msedge.exe 85 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86 PID 1464 wrote to memory of 716 1464 msedge.exe 86
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3256730e3e4f4631e1a2297c031cc837_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1464 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe6b1346f8,0x7ffe6b134708,0x7ffe6b1347182⤵PID:1192
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:22⤵PID:3884
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:3320
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:82⤵PID:716
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:12⤵PID:2164
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:12⤵PID:956
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:12⤵PID:4820
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:12⤵PID:2812
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:12⤵PID:1660
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3820 /prefetch:12⤵PID:4260
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:12⤵PID:1440
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:12⤵PID:2532
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:12⤵PID:2164
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:12⤵PID:1560
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:12⤵PID:2580
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6016 /prefetch:82⤵PID:4560
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6024 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:4528
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:12⤵PID:3316
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:82⤵PID:3340
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4420
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:12⤵PID:5072
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:12⤵PID:4580
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:12⤵PID:5040
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4324 /prefetch:12⤵PID:2008
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,13481923720240420227,10940889579071075469,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6124 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:3188
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4112
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3984
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5ce4c898f8fc7601e2fbc252fdadb5115
SHA101bf06badc5da353e539c7c07527d30dccc55a91
SHA256bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa
SHA51280fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c
-
Filesize
152B
MD54158365912175436289496136e7912c2
SHA1813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59
SHA256354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1
SHA51274b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3312d7ab-0363-46c1-a595-344a2e4c51ec.tmp
Filesize8KB
MD5cbcfc6bfc5c30ea1b006fb56af12859e
SHA12efe97db84a3b71b8079d17a951ac3f8bfe57583
SHA2560324ae289ed0f686299989d037fd5c40950e0f30e40fa59b9f205d13d58ade22
SHA512bd43a3843615452faa4f76f3e9157f6b98452a35318f32fad78ec17af439fac68f1c2d687046fa790e00c531e218db6b6661fe1d92e58800acab9c52d235fa57
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1KB
MD5402bab2329df09c05766491298c53328
SHA1167b5a901410ec1635e2344b5c162d067496e74f
SHA256c2b954d6e7591a0755640a69191e445c5174a6b7699b245b8a0ea67f67304338
SHA5120fd0ecd3af0b2331c554d0075b22e7fa9a65738d86253cecd8836da1af72cdb4d3fd5f5f9ceca960ddae159429fec547fef5e25e0d82547ae6ecb8e45d1bd0ab
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1KB
MD5a108f6fa98e03cb1d5db2f2ef248987e
SHA1a8605f4a2afa892ad76862de4a29ad9ea543e212
SHA2568cd08d260c6c2d0a91a83e18640607d54f9dc75bef18aae865a299d12578f449
SHA512a74f379c5ab15c6809164492ebfafaa807fe738953f44328c657ac7bb16b42d5d4c56ba4c9e5a6c324f0468945be5160a5b41bc6354d95748b2f45c7e7331660
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_best.aliexpress.com_0.indexeddb.leveldb\CURRENT
Filesize16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
6KB
MD5314309151229399ef17a91a078d4d321
SHA11f5ab76c79a75cd483bde6630c7c3b6ba6b7a0cd
SHA2563c853da3b7e9e75473984cadf69f6fd169983a20525207c8f8c827f9e1de5dfa
SHA5122ac46abf4aa12659e1e4839a7f823fbb1e9760a8aed6d2eaaa4265f97b28894733c01c1c9794d7632356107ff70d8ff433ef859e2b7065804974149fc7a08e59
-
Filesize
6KB
MD525cd4207e9428a0c683813bc104ee156
SHA180b7474185355b4832277a1e32e3c85ab0803995
SHA256e49825ed4d4b866949409350d54702008fc7896578e5f4c32d775f30d1d0c212
SHA5127e968515b65429279a7037fadfc4b7bc03fdc7875597b2f9e37f6c0cd4e984fe88eee4f745a6541666ea1a897cd49cd8c52787087ca3f6ebb181c7cc31be8e54
-
Filesize
7KB
MD52ea94b5c14dfa19df630c87e6f5988e2
SHA1c7303d1fd4b010e4785c0555954461ccf089f270
SHA2568d7e751d0995228eac2f94a77d291ee42a1a5b9ad5a3b59bc55f01787b63a71d
SHA5127c2945c9d722b7e154ea700a661d5d85500a73b12649cea5a582bdd87d0b3d0b7ed57f569c3e842282b85f9602ea094134a7c4757863223c1789a1782bae7ed5
-
Filesize
8KB
MD513042758b2d93b46ff88b0aec812cfb7
SHA182d24fdcd38c7924c4c4063bc9bd71845e83ecde
SHA2563d25a95c80020eceec802d286f633f79d4d5602093eafda662557c906019636e
SHA5122acf9b55b5fdac8909c61b64e6c77f427d44782b85ccd5efac51b04c437c0a5e558e7a3ba311c0b229f1136916517bb4f34887b46ac502d61f0633ce702f9c57
-
Filesize
8KB
MD53aa264111173dbbae98a2c1cefae1c82
SHA16555114dcd700ce4ae5c97cf3080a5308cb3ba4e
SHA25647171784f7b1e642024c47150c66ef85b9ff4f6d474d16a843276ceb3b91478f
SHA5129bb27222a569b4b1b35eee6eef90da6fe9008295187630514fddbdc973c78576a573f16eb26fc0076cc9bbcd6e65a56bbb5504ff2f3b0b518cbb9d171347e326
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize240B
MD5b23b0aaec3d4965bc8588327dce138b1
SHA18b7aed2f821d7002cf97d241f4a172335a2c24ac
SHA256556ac0c5026c9ac3c4573f8b39e80c1ab7e17d298db7ec274f9d9657f0517b27
SHA512b3196f43cc592b8845f16ae06818945d2c94490b26a649da2485423c9a1f4cfd957354a8b7242020882e6d11d57c1987805143de418813918f470d3e4516f434
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b650.TMP
Filesize48B
MD5e53942e750e32e97b4ebbf228bf6429b
SHA18f0cc8023dd2e0d10651beb5ad4a314f4a518eb2
SHA256c99db91363d92df02fe139ac91f6ebc1e5bbb76b00343dc4f5acda7c36fa1f07
SHA512538f9276eda0c825dd7b107531e2de7c2f257282105dce972c50433fcc2b86c166ff7c2f46e329725411d81b0cfe116a74a869772227c11c279a739f11823754
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
11KB
MD5afa111d1561677bfa72d8215bf84da9e
SHA1c19644eca866bec7cd8b20a3757b60988a766ee6
SHA256999ebc75024c0f37150e484dded2198f41f8a1b2be37857621401454e1958ca4
SHA512a119be721fcd804051adf5224ed5f2102f51d3456ad471bec27db9d0045f26197f40c56cc75ea2db32d8758899414673c6c3b72003d4964bdf4e94090805d6a9