4d35043c47454983acc12bb0264191582e442f448cb319c0baa7e229b8615413

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
12-05-2024 09:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3953e152debbd6fd2cd3a4fba4cf6665_JaffaCakes118.html
Size

89KB
MD5

3953e152debbd6fd2cd3a4fba4cf6665
SHA1

0139a524cbf03e8e1ec8b2ac5b183b6da5b612d6
SHA256

4d35043c47454983acc12bb0264191582e442f448cb319c0baa7e229b8615413
SHA512

5a41078857e57ec519415fb46a6754c448309ed4d7b72fac1bd72d336a0349fa01eb62a9f714346f99db117184e2aa8807fffc42bf04470123a5ee6bf4e10753
SSDEEP

1536:xKnutXeOtUK+PwXwMOBNQ6VeeezeeeyeeeMeeeveZeSeleDeKe7eoeVXNn2gDSIp:zXeOtUK+PwXwLNTyXl2gDSIMihg/4wk7

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
224	msedge.exe
224	msedge.exe
2880	msedge.exe
2880	msedge.exe
1372	identity_helper.exe
1372	identity_helper.exe
4776	msedge.exe
4776	msedge.exe
4776	msedge.exe
4776	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe
2880	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2880 wrote to memory of 4780	2880	msedge.exe	82
PID 2880 wrote to memory of 4780	2880	msedge.exe	82
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 4524	2880	msedge.exe	84
PID 2880 wrote to memory of 224	2880	msedge.exe	85
PID 2880 wrote to memory of 224	2880	msedge.exe	85
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86
PID 2880 wrote to memory of 3704	2880	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3953e152debbd6fd2cd3a4fba4cf6665_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7ffae69246f8,0x7ffae6924708,0x7ffae6924718
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:3704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7152 /prefetch:8
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7152 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1394655672759631141,15947624209837188716,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3076 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4776

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4916

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
20KB

MD5
b6c8122025aff891940d1d5e1ab95fce

SHA1
a0c7ca41d0922d085c358f5dde81ae3e85a8c9c4

SHA256
9954c64c68000f615e5066bc255eced1195d1f8b7dbc715f9062ddf9f147e87e

SHA512
e62a37b55b6b8d95c24fb624105ff6ff72f118e31760d0da1e8df8e8acf627ec6327c26dfa26df8535585877604c7948d2f621ccabc39beec49787e22c302c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
44KB

MD5
88477d32f888c2b8a3f3d98deb460b3d

SHA1
1fae9ac6c1082fc0426aebe4e683eea9b4ba898c

SHA256
1b1f0b5ef5f21d5742d84f331def7116323365c3dd4aec096a55763e310879d8

SHA512
e0c0588ff27a989cac47797e5a8044983d0b3c75c44416c5f977e0e93e9d3a9321b9283ea077e6dcad0619ac960ee45fe8570f1d5cc7d5d4117fee4f2f0c96b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
f8b4278091e1156bf327e4cf86488228

SHA1
1dd08669068f5d3fc13371901de5208ff9034e0d

SHA256
dc19c3759a2c4d487548fa39c85c287b06c0834bee0cab53512aa43a6044f6a9

SHA512
8e054465a94688fadfa4d4078fa2374b3e829bb6de319ed18e147702833decd8245e000d6fa3eff71a6c02a4888b770672c8b327ba6897cb2f74e5bb3a690fd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
33f749467761defb145494669d9011d3

SHA1
11edf421286bbcabd3022c2da917ddcd0b30c490

SHA256
9b19d325b2d0da6b7d22a21f0fdce0fdb72274be2daf1d937996fa8b345bcfcc

SHA512
c727d3a312fc6d290788112439ae4c2353c10be73f8ab662ee91bda1b674c4c8a9c28882747dd3755e5b01db6fcb258b60a8b01539811927ca6826294b77a4ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
d6140170e1c8e8e63b7754e60b767440

SHA1
07fe7ed1e52dbc5e7d4530c115e6390c4955dc7f

SHA256
1aba105f0a7dc7301f3aaf80d59240a1e5794ba98d00a81c897714bf648be2e7

SHA512
3672a47c12c9367cbf9a72d6dbdea036e34dadc4b347b6d06ade57e7cd9d9aa3d5a945689ed7120bcd1094b7dcbcb6fdc9e1f8709d96d8aaa63c6c4512dd3d00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6bfe8ebc21cb3f0730631924a678cdd9

SHA1
2da099e1dba81b5860571ea6a14336d75caad2c3

SHA256
d3336814e58ffa31b11180d12248eb2ba8414e84977d311cf918cd890715c6b8

SHA512
b2579498aef47adbbf85cd2dd5f57b219a5396d979311d534dbfffacf1033f5dfd562aa210c331033ca43ccd11b1721d8479bd3b780b890a64dfdf8535c0dcc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c8da73433b94fb801dafd7ab61a05d2d

SHA1
e02a4a274ce266ed51d3548ef516ec08ac6977ff

SHA256
17aa0941a9749723be33b337109f6f421ed47cb17e1b9d628eb750048cd21aa9

SHA512
6f3f83f16a6bdd2db0030385f14f676a3b1dfbccb6a61568a7a6937a00e3487a421318e8b1e098e3517bf4e900e646e16b1b3809caa18a5c91ceb7f923a7e8fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
5a4a2ef3623cd11b3d3f8442f65ea127

SHA1
a6108e6c956a7bf4c74f588c3cdf66c3971ebc4c

SHA256
e18e02960c17edf528ec9f33c2e681940024304d7a90e44a882cb9219fbfcd91

SHA512
f2057ae5161898944ad1decb34351c737ace1ce6186d87ed3020a9fc048d98f6495d2b86ff23204afd562dbdaa72c42205974b16dd37603d3c7f0b3417ef7401

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
89c4b2a3d98dd4ab479e146ca7de1278

SHA1
32095814a321cf41f6d5d7c5754e57ef2213173b

SHA256
b4da0cbb3b064af083156b5ca5a680919403a3164a1e053b096a0378b5f16e9b

SHA512
18da0028363d8008c1e7ed4c040c2bf5bb3badc1eb73d09d3cc85aecc085f68b517e7b5b380f730b7e55c992bb500b07df1faea0c35383b4bcbde526621be4ad

Download Submit