d354500b8a99f8fc8b91b90f06b90b79b43e747f8ae7be85dd94d7d61abafea0

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
11/05/2024, 11:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3467ec8467c3e2c94ee4f1f1b8642c13_JaffaCakes118.html
Size

81KB
MD5

3467ec8467c3e2c94ee4f1f1b8642c13
SHA1

8178fdef1a894bdfde02f26470e7204e270526c5
SHA256

d354500b8a99f8fc8b91b90f06b90b79b43e747f8ae7be85dd94d7d61abafea0
SHA512

5f615863f748784a38aaa7dec29315847581de60bb57ecb478e40a32c228003b02d6cc0441860b2d5090af1448baae7aa8d73d81c7d976effce48e214958d3da
SSDEEP

1536:3UTSXHzGrh4MO3aORBOgeeDEUeeg5OvOxueWT7EWt1:3UOXTKGr3hRApOGxY7EWt1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3232	msedge.exe
3232	msedge.exe
2392	msedge.exe
2392	msedge.exe
2424	identity_helper.exe
2424	identity_helper.exe
4160	msedge.exe
4160	msedge.exe
4160	msedge.exe
4160	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe
2392	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2392 wrote to memory of 2628	2392	msedge.exe	84
PID 2392 wrote to memory of 2628	2392	msedge.exe	84
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 396	2392	msedge.exe	85
PID 2392 wrote to memory of 3232	2392	msedge.exe	86
PID 2392 wrote to memory of 3232	2392	msedge.exe	86
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87
PID 2392 wrote to memory of 2792	2392	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3467ec8467c3e2c94ee4f1f1b8642c13_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff1b9846f8,0x7fff1b984708,0x7fff1b984718
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16572493106769340737,11153676228689852950,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7092 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4160

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4108

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\27c85167-c9dd-4672-a705-d928681fe994.tmp

Filesize
7KB

MD5
0ea11edd4b22170d10477f4e301e4588

SHA1
0012df2b6c18d5fee2630b5472a3f08779af6c2f

SHA256
6a485b185100a7bd0e084f13c6d42a9a814d8cbda0d6a39414c5e3867c754d7b

SHA512
d11abe7f30c536c789241d59c52a22d6f160d7d81ac8e9eb8c593bbad1782ada4000d37dd64c12f4626c1682fd504e671ead6c830806c3c6bbf58e034a8c840a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
20KB

MD5
b6c8122025aff891940d1d5e1ab95fce

SHA1
a0c7ca41d0922d085c358f5dde81ae3e85a8c9c4

SHA256
9954c64c68000f615e5066bc255eced1195d1f8b7dbc715f9062ddf9f147e87e

SHA512
e62a37b55b6b8d95c24fb624105ff6ff72f118e31760d0da1e8df8e8acf627ec6327c26dfa26df8535585877604c7948d2f621ccabc39beec49787e22c302c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
04c9fcc5b34e27bd36125e99895a5761

SHA1
84871a72ebc06d2a82c2919731c158363bfa9da4

SHA256
2c360389af5fa3445817a5ba1fa983a96e0d6679ec173edabfdb6dee819b6919

SHA512
bdf55dc0a9890461838fb0d799514aff584b8130824eb890e0bc58ad776760ced813f392b03f4f195f58d9d6cbfb9c33ed0d9a5adb43bbd1dee3801bab1c5768

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
17dd533dc4bffcb54b024b6b2d0f37d9

SHA1
06371cf248e6282cfd79b9bd0370851a75e0f003

SHA256
1c8b92081fac8a6c5148c24a4de75f11ed746097a79626d0a3fa23af3133bee7

SHA512
4c9f98c781da84efdf5520e3ffe014abc6588173fda79fbda9203dd008a0209fd5b3b55583372cecc74b7cde18f2883eaa50e842d97317860a35e041d2f52301

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
6d95a92a1fcb38709961663f54aed0b2

SHA1
1c7fb10ff5b19f35980f65b97ab7fc16d0eaacfd

SHA256
0a9120be94f55660bbe4b867aa9b80291d93e8a91d91a6e6ea11028c72897140

SHA512
3f62e589a849806e17273dc726c18e19b12045f30a9bef398f92d727babb135ef85c67cd85648e4dbf2ba3e15dcfd057cb55ac3d17e283ced8f1951ce33390bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7bbfec34c7dc33eef1456ed5724a6f94

SHA1
9a82309e95298d756a3f3784f99c38f2ceb0ae1f

SHA256
09e178887eeb90a193a06c90114c3fd270f315efaf404b67d81d7b74a4d45874

SHA512
9d21ccb94aca1d8cda223a0d78f46fc6915bbf868f5b1a6667f671cebe78315a9e0411d6fd51652e33a1d5e78e8d84579b8aeed76947618db3c197c9c08474fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
0744cc92959bf81886d599bb6b61aa78

SHA1
496cb8d201320812e3ff7ae575f9030045e5b409

SHA256
c08ffec6d162e2ac4eea410f732798313bf05835c3660b39fe898888cc094fa9

SHA512
98107fdd7a88fbf5cc1b06d10a07fac196e932cd74e20384d6d153110be9cac198a40119687aad14e33370bc87d67fa0952e7b167ea721d4169727e11663da2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5b57853b841f950d4e5dc2e2720aa843

SHA1
269096c15eefef4834ff14474fb80e5c6a47c1ee

SHA256
810793ac9c240156f6f04efd4cce754b6023d3151d13a6a679ea5c4ecbd989cc

SHA512
59a0e096b801cbc2399f9a5fabdec06633e5a07a02a50bbb487436e404e237594b7e6994d403b68315cbed157a8cefae3fdafcc4b1f147a706a9c18fb35d687d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e0ac8333102f5aeb1d3091dc1fd47030

SHA1
d46f4e751c4a4831fde8ea78cb4caa33175d4f08

SHA256
8fcada5e436a33213046bb60bf6ce00a3e46523d3ef9d398cf9a291b3139c162

SHA512
e0438249157355614499c94a034c443de16bab2e3bc97444ff54aff1aa6e0dac166b958f02df21f58141104f9cedee1a706e3a2d77f52e355d20c8232c7d00f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2eba2482af1d2d1a8f1533bd5e44a684

SHA1
ee7c16bd78775ebc39ccf9641ec63e9b358fb47d

SHA256
e09ed032a1e8669ada0b3ca1469b49cb218a86c92230dc60f56043d89debb8e6

SHA512
6ce4fea17d13ddf5684d58cf7d174d2a643651f047af2623e101eab0ad5c54050ca10fba9770d2fd5dba5b0f0ee55128dbafcb22c03c2b55e4e6dbeaa4f19d84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
b74d14ae85e82fe886decd6d28505181

SHA1
6a5e46ae9bc5c700c8c35030e8a1a1f5c4e6cd18

SHA256
8f91aff759f6478fba216bf04c1fa34764f4594ea3c888aaa784afc607baaebf

SHA512
a1137daf1a9c51d6d95bb3d7903128317be22a982f0d417c4dbfcbeea7ec1fa60d4344b5c4ebc27be22da8d3925ddeb25296d77f6a2d1b7f8d8093c740132712

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581cab.TMP

Filesize
370B

MD5
f463f1963f7181527940a58e6c275d51

SHA1
2d0ccc60aec98aed21ca2c22e737a79606206a2d

SHA256
3815e64c0b20eec2e77b27393033018bb0b9ce91c1ed5b71530978341a4cf855

SHA512
e8adb7d2b2f2e6a53d444823503cd26a49f078808a16cdf963770ab1e9b9aa76f76d6f93fa54dbd9184818c7601964a15953fa397cc071a5f24aa03d402847b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0660422f731aee5c055a172f388748dd

SHA1
1a088ba83e044b760704d50b42b8a5cd1c5e5924

SHA256
30d554741fc6e9eb5b2c91da405d6811a85c7fb45f2926d5fbb2144ca23b965b

SHA512
3b459b2a10453ed52dd0eacfbe49d7b12a941b06c9c1d9307f67a7477e563773e80e9df6d396dcd079c3517d869e3d549a03da3886ae985792df96cc6b43c321

Download Submit