f40df067d1d617fe1580d9a6d0948b62d8a35df56eff1a2be893f4407e3a917b

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 16:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4718e1fe0edd6cde34e3e58aa5e36956_JaffaCakes118.html
Size

105KB
MD5

4718e1fe0edd6cde34e3e58aa5e36956
SHA1

dc303253c34efa3a09b52ade3be9c0a8fd39ea63
SHA256

f40df067d1d617fe1580d9a6d0948b62d8a35df56eff1a2be893f4407e3a917b
SHA512

ae6787cecdb9e6a36dad9730d3cd2626a895f28ca5c1297f1ce0d46fb9f1b822caadc4b6d3bc2671ae0309027999c3f1cb7250efbb6fd93bfb14fdc3faafb035
SSDEEP

1536:uh8Ag0mX+PzQMAuUfMYmJAzJSgm1WpYkCBloHcifl9CBloalk0SUrlEloy/vi42i:gwZfZmJAzd2wxCfF9tvi

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
400	msedge.exe
400	msedge.exe
4624	msedge.exe
4624	msedge.exe
2980	identity_helper.exe
2980	identity_helper.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe
4624	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4624 wrote to memory of 2324	4624	msedge.exe	81
PID 4624 wrote to memory of 2324	4624	msedge.exe	81
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 3052	4624	msedge.exe	82
PID 4624 wrote to memory of 400	4624	msedge.exe	83
PID 4624 wrote to memory of 400	4624	msedge.exe	83
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84
PID 4624 wrote to memory of 3148	4624	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4718e1fe0edd6cde34e3e58aa5e36956_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff99546f8,0x7ffff9954708,0x7ffff9954718
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1308 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3677294779721336685,18080110513684724856,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6656 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3276

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2456

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
a5fd0720a6fd1d5a2778e37f06028555

SHA1
26255814925028689baeafffe3c2feffe65d2932

SHA256
7f1afc2dc97db1bdbdcd022a38c5fa7ae55fc4fe19265c64d72c3e7882321be2

SHA512
6a35039e84baddc61346224fbeb816d5b190e43fc65adcdd5e075a2cea958023b12a6b514bc4d938f4da16eba776d49a732cb1067649adb3670cc04fbefe6ce1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
256075592c20ce0710d16dafc15d73bb

SHA1
9b8236039645e6cf3f1af19862a05917095b0f53

SHA256
2e958c326951d92656a0c5b86c6e6c053a5028937f93f2026fafcd7f10d870a2

SHA512
17999eeebd013f3274305fddbc9bf366ca4e3cd3e52665a2da75440b67ce538f68446129998c1534e57720dc316d401066ebbbf97a9c8b8a4cf63fb4dcfe2f17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
97a1cc2d36ba97ac1d509f5b234858f2

SHA1
1f319c4b9a835b8a4eebd9133c30f95858f0d355

SHA256
5efd2ca060704bea2039c2c567d9a48bda1211aaab7acbfd68134a6553a7fc35

SHA512
2669aa4f86ad15cbe4f22cb409adf33b898437ce7b5ba91f0013dbcff3a55d870c0e06040c25b00476548b0a0065ecf494340ccd9d4d747f7346bcf38b1fbf4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
31e695dc1945e89bb68eae267ef9e87d

SHA1
e046dac6be04da35c4a332950ca30724b6fa6524

SHA256
268cbaf120688eb12520824cf41ad429e02a306edf6ed13e45e71f25d71137b9

SHA512
9199270f59bc521f75a8c6459b5e187b433d11c9e33b8078077c1acbf95fabd9fb6b62d8cd9966986e57e77fe40b8360e44547c8f03d0d03a82428a1923f29e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
e38404761f33b8750951a06be6a40ffd

SHA1
9957ff0f50811caf285bceb725dea4741ef52928

SHA256
7a604f618dec2e380fb2a410cab18bce9ad8315bc1c9bc7e44b935e50a6f1d29

SHA512
7a5f59863001858976f5ae361cf539b24b742e7b49ca97c7cf549af6d825722c2475d18491dc158a32eccfbfc5407d060d0f84f83363204021d07132023ed082

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3c3b56c0f23dd4561344231e287ac98f

SHA1
a7b7243793df16a0a48691ad5589f96720675107

SHA256
a3747be63de50f2880bce51690cf4a689d8cef9692cbce5eaa1882ed74669836

SHA512
891261c20498648517837ad6bb985f06936b0652d94a7a28e2e7246cca8e02548b70fa41a9a7d188f9b6a9f76f4311c1794e64e1ffa5900a847bce82efef6ce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6c90fdc9f71bdfa4d4955602a4ebcf6d

SHA1
b6b9b3d98d8285185bea71cbecae137fb7eccea9

SHA256
a406471215db1b657b0ff0f0b2ce60b1196c3fc4fd7117a32d25b15d0bc3fb0d

SHA512
84ab1b03c2c215cf61898036f73b4fde19a215c47a50239b39028aa1194d4563cc5695400e7f5a3530dafc36ca2889f9c0f16471d42477a858ab30c57147764f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
54811688272cab12fc4a21cc686d0637

SHA1
da0fe289042f843aecbcc206ed52dcf12d76dde3

SHA256
b3856fc533f16f4f9b6c92d3c22d99db00888ec9ee5cdb81ab15463e16256c3e

SHA512
34d5a94b6527278d9b4247b84397bb1fc3439570a33ce9b681d8bf9c35fcf2c1bc4adcb0eaf0ff9ee5878b175b2845d1d72c841f87833b319085f379adccc01e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
96037e97069d27a111af18a4e6b88e59

SHA1
50ec107868ca36ee574d031e2a4ffa7c48146f97

SHA256
d9062e8acc95a5b2bbedd63fbc0139648829cb48829815acc72ad4a81db18e50

SHA512
6b013cfea50d37fc48d88db61488295d3ba952bb838d920a8ba07fb4f8d51788cdd071a346e5f9da58e847934dc8574b3228bcb556a9407d76c8d036446351c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
64847c8d3b9bb1f54cbaada16d790f9d

SHA1
cd2062e95a21fd108a4557c48e1107590d8527a1

SHA256
800e4ec69759d88209b79be63bb0e32609f85c7889571ba12f2d038ef47effc3

SHA512
a406030dda6f61e216160d478e947c2e63daf20f2e5853663b58931accf4225e7d20f52574e76c0e34a533698bdcd245791e48d0bffaa6e8411e749971aff199

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
4fe3a5294691ea5977d0236d288e64a5

SHA1
4f0ddc8fbdf976b480db5d162a7e1d6dac343fc9

SHA256
fba28997444ae66b95277bfb63b1ac3ec6bdf9672c7000c92ee77898adfc8269

SHA512
526d31470f9ad120317ed3bc2beb882b73d99c38c046f315e7bc936a3de6d041fe06ca4715fc162ce1618f224e1ca93b432e78f7bf949474180cd39fd0bda65d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5824d9.TMP

Filesize
539B

MD5
b01841739bf79703b5966b49fe9dcc2e

SHA1
7f4e38c8d44d4891174cdf43726845712fa74468

SHA256
2dcd347de5ceb6759ca6800abfe816d638f5dd2022fc37906482718975540f1c

SHA512
a5cb3b0dbf02478ede12f6f872a9eee47daa8acc3f3a4eecadea1d7b72d61c8b38853b53c57639708ff175072e38c233261d021590be0589bb59fe9a7e039b16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2b9ab65dfd31eaa5a7f384889f7fb68f

SHA1
1ade2890122524ce91038360b22bbc25b68ed284

SHA256
cfe3cdec5c965b205c96c238a58ab2e58f93ff946f9e7e8a53cbd42c5d1e4ef6

SHA512
ae0e6c984e9c775445a49e1ba87a2a0027fce62536e768ef8499a7c85a3e65da840d55c7fcdd6c4aaa65c895c33ba7d722e91d73795bb1ddcda1113b0500af52

Download Submit