78735f99f36100e003dc35910c58d2298ded56ed67f769c9628d2f46e1fa8b41

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
12/05/2024, 00:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3750df6782c8efec7e7cee693e4e2de6_JaffaCakes118.html
Size

51KB
MD5

3750df6782c8efec7e7cee693e4e2de6
SHA1

8bf7298f9567c16a9b552f33fa495ca756a0b073
SHA256

78735f99f36100e003dc35910c58d2298ded56ed67f769c9628d2f46e1fa8b41
SHA512

1ed8470d86d637a2346bb579d4cdcc351ea829585a6e1bcb29e43f22946797ac248bcc54f6f123154b91cd1d55bbb167a0a1a3c4f37e2cb4fc45e68e9111dd93
SSDEEP

1536:7USjGCPFp0NAom27vUEtWBuLiJ5t3AMt1ZAXcEV7vQ6fh7tvsU3BGNkKE4p:ASjGGFp0NfoOLiJ5t3AMt1ZIVjQ6fh7M

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2476	msedge.exe
2476	msedge.exe
4884	msedge.exe
4884	msedge.exe
4444	identity_helper.exe
4444	identity_helper.exe
5340	msedge.exe
5340	msedge.exe
5340	msedge.exe
5340	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4884 wrote to memory of 528	4884	msedge.exe	83
PID 4884 wrote to memory of 528	4884	msedge.exe	83
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 5064	4884	msedge.exe	84
PID 4884 wrote to memory of 2476	4884	msedge.exe	85
PID 4884 wrote to memory of 2476	4884	msedge.exe	85
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86
PID 4884 wrote to memory of 1860	4884	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3750df6782c8efec7e7cee693e4e2de6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffb84cd46f8,0x7ffb84cd4708,0x7ffb84cd4718
  2⤵
  PID:528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2472 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:3088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1744 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6136 /prefetch:8
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6136 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7120 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:5184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13659371199542158650,2580292635783928004,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7140 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5340

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
118a97045335f4f2039e5325e4496e44

SHA1
ce7d44dc3f103df53ff9903d38590e002881b222

SHA256
19885f3bfb849bbc004ddfcbbec26949927659380f3d6202b5b002b87de2c765

SHA512
db37b3657df4493e3ffb6e7c6d3a03774c48f05253c75fd7426f989c9439c29e6cacf61a7917d07fb1d0ce542e6d56e5410d4dbb180d5e18c8f6510d7db908b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
2c6061f107e0b44b29471245db273d37

SHA1
302352d7828fe29833f5190547a6c9d019ebfd4c

SHA256
738d0f67319f756aedd213be67313442701d991ade04dbe8c82f5d70b80728f5

SHA512
01ef16033d598c6c69dcab20f84b59ea152426896698ba7085c37224684444c4f7ce782df5bd669bb43dd9b2830b7f90725ce8ec7e7d4c54ac2c072a82942662

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8bc2b0f4f03e51564c7e5f2e8a291429

SHA1
19cd325405d6fe6bcfa8716e39d32bb2c83269c4

SHA256
cacbc96cabcc5ff0a10f5eb423f30a52d1ecbb2efa10e1b0b570eec4e2186b97

SHA512
9e925c341ef31bf7b6d9f457aae7489863e3d28ccca3bfaa3b86ad768c1cf86fc343fd24e51f95f5d904dcc254f99bd0f0d3fe4b61f06178b928e681844c5334

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d89c201243ea5a610215725356d31cd7

SHA1
baaa988b749f9512ffc23442da334685ccfc478e

SHA256
538033631c56acbcbbacd6cd491476af0d607ac411be8fd301ce0d7be3fb344e

SHA512
a6aa7d1d9e96eb6957cc3a832193bc7ba14862e5f2ae2175b85afd96a971d1534a0c767d431e3e7404efd6479b7797a9af10dc1438a42bc7836e50d66f6ed4cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
46a53f620f010c1b8a440a05f0d501d6

SHA1
9dfa36dcfdb6010e5bf749fc60737c89769fb2ff

SHA256
49613cb26c4c04a9b5bbf0672455d65fba38b05926d7108470ce212e6daa173f

SHA512
94e9a58f34ecba9636d2821043726b10c3f92260106e0500f8a5635b1a1ba8d21ab4c989fba3a05f55c354eaf2f5a8c819872b9ac583c2c4cbb16bd863c8902e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
734511a29afb66223ac9c1cb04af8dc0

SHA1
865e06f5a24d0c014a279b8e784e691ac0cc39f0

SHA256
2e4cc602403a76c6c89e1d800da45afb258c4a2ac31b423ceab83d26d1a512f5

SHA512
22ba9fbbff9cf0c40937297244044b427d618e75384ab852538fc21fda114c7f5954b3010b1edf54a5bf6c3f438dc0138b3938eaa96f19254a21d873f85eda35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7e7464f3bdce78117d4a3d0d15f6639c

SHA1
d4756446b021c77abf068d1e688ff730f97afdcf

SHA256
02ac221d0a4e7cee330852e4929f0e3eff98a207e674a1f868735f482980df7e

SHA512
d7b333e12b259a43ac343c591a0de0b6e3e8ed1ae24a7275c1d05fac9e28949d557d03cc91b2ce2ed953f3e8473a5ca466697b0e95a58c0f9321d7b46535b9d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
61181d0a8e74c354493e988e6205805c

SHA1
975cfe2ad9a7e73026c47af1ba1a5020586c8068

SHA256
c4ffc6ad4ab6b7f849966a9982d939af35f6631f6630bb7691f671630279d79b

SHA512
2f2c773347537b58cf3100ea618774dd99a635284ba7d6819ac15eba5352fddaf2010b36cf1592ff7fa7bf4cb5ab6a48ca4b9326e253303eeb6992414d60d5e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580c4f.TMP

Filesize
704B

MD5
b2b281250e1b68be81babc9e8672b214

SHA1
f5b98ffaad253575de1ddf451f27db1e4af42d9d

SHA256
27d618cad995dc7d514bea542c9d69ff3c68c15bd964a2001c03bcba29314b35

SHA512
253478cb91ac64e289e7cd614b9668c8375a6eeec0aa0fe5ca0232ad8e2785a2bc296a6f7a9cff9d7b7b0efe1b2d6e58945b7ec63227ff9d05076c2b0ad584e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
25f55359c51588ad532b4ec3caa1d12e

SHA1
c05ce5165439671cb941e04b0de413ecd7a09755

SHA256
f2aad564dd7ff6c0a78383565ea30d7883f12e2114190974c401599f13c534f8

SHA512
f25a0afc4fd77c1c1d0219f7ea631c02ff9c1d4d8e5f5ede17dd5ca1348788721dc06021281f758c8ab0138009d218fcf7135e9fa84d54f1b9a32161e784919d

Download Submit