2a17eb59d0a793fc388cc4af1c9665703a69bfa5a57c4a710d78c4d386d27246

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15-05-2024 16:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46f6500ccfc7ed0cc2d96417a4098237_JaffaCakes118.html
Size

60KB
MD5

46f6500ccfc7ed0cc2d96417a4098237
SHA1

e9a59f56125668596c511cb4644e233c21ef6540
SHA256

2a17eb59d0a793fc388cc4af1c9665703a69bfa5a57c4a710d78c4d386d27246
SHA512

e5b91e17ec30c384e2730c0c950e08ae02afd66a3300166166c7832f0055e7969a25f5f42038ff8475b83b61bf2696ff48fa8eca50e5d44d2e5420aab2ab6fdd
SSDEEP

1536:/kADkAmckABKQ+ZkAXhTcr0IPGNMxZPdJXxPTQakAQPvFSFKRu8QL4cxNL4cPtuT:/kADkAZkAIDZkARTcr0uGNMxZPdJXxPg

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1836	msedge.exe
1836	msedge.exe
4908	msedge.exe
4908	msedge.exe
3144	identity_helper.exe
3144	identity_helper.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe
4908	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4908 wrote to memory of 3924	4908	msedge.exe	81
PID 4908 wrote to memory of 3924	4908	msedge.exe	81
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1020	4908	msedge.exe	82
PID 4908 wrote to memory of 1836	4908	msedge.exe	83
PID 4908 wrote to memory of 1836	4908	msedge.exe	83
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84
PID 4908 wrote to memory of 4588	4908	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\46f6500ccfc7ed0cc2d96417a4098237_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9904646f8,0x7ff990464708,0x7ff990464718
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 /prefetch:8
  2⤵
  PID:1172
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,9141925014960564045,3614168155448032101,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5200 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2648

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4348

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
fbd649c78507be84648547481ec4d483

SHA1
ad55d313e0cb2a2c04a56275f9371fecf711d306

SHA256
35028d3a472e42bafdd2101c07f311181c52e9091fc207c4fd8d2920490d59d0

SHA512
6d08e617507dfc71b11cee719901680b7197d355e7a036c8932903ad04fa022042e14a9847c0a464a2b57d91a38068f400b2c568b4d8f542fa8357819f8a07b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
34a98c47a2bbd66a61f51f28ffc0001a

SHA1
d3750c83283de7316042997bb0d20603d9956da0

SHA256
790f8c524e1846c651e784238bb22d1b46042b0f5735fe62935814b3901e4bd5

SHA512
7b10ac59013424382f9eccf2d049a8bcf9d9f8e519818a5970ea8b903ac0b14cc3f730cf079b1f00fec55f684052895f5950c812e2f6b82e6f80e02653f10c49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3b7b3f522ea836b7001ebec139c1fae3

SHA1
87f411f8d8555141b6cf0db8d2eac9264151c533

SHA256
6ba12fb25cd951ef88be25ff4bbc961cb63222addd3bb25168ad7dce45124a53

SHA512
6adb9cffa09798a5d8de324cea4f3187581198b3ed2e6785a132e03a07bc421eb5b9160cc12bbac203c1a24d4b102d24c9918df33bad2e857c64234d62f5b6db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9852afe7b3b7512f14491f06d02bda41

SHA1
253d418c219ce2e6d96d80bfcbc270eb2a7d4234

SHA256
d681e72518447dcc5938487612c2864b319cffc90fa994a1c13c3129f0a72a06

SHA512
361a8860a6585724a9d298816b2d4c74f90b248fa38c6965b2fc76099f046a6ea67b2c7fabcef8b10f3ac76c003f3c037e423f980604abb47161cfb1624dbd12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
16c5dde2e6558fc432a8a5f2c1c1cf7c

SHA1
262386f41986ed0fec02893350da50c3b84c258d

SHA256
372d6f9b6d97d49221605f01cd0f052ad95a1cad9f09f65b7d686912b0489d39

SHA512
e4ba5a7bb072020b72401d1564fefc7c47e877f826cc80d1452b695243d1f1176710462f19ee1f1762a83b1383a6a9dcc6980f6548890aa1f22f9cfd733631e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
01ef05353e23393f61449a83d3bfccd9

SHA1
ac6e55a7252a364933f5be2cf4a108f37a034d68

SHA256
a68a3c71e901bac3c5cf1be16765c671c6ddede6eead118b436ede165fa55372

SHA512
ed53a69052eb7b21c4111a1a5b5c9338dc2a7b10a006e60d6b70a110a9c6181623eb6e1af3b6866c843e79edc7e21ae6fc813a2e1ec4d2bb40f19261a12f3b74

Download Submit