c5950bb26447f84d3c3811ab98031cc6098e4c999ba2b16d30fd4049785d46c8

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 20:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

480401908367d2726dbc3252d9ba6674_JaffaCakes118.html
Size

106KB
MD5

480401908367d2726dbc3252d9ba6674
SHA1

990a1b5c4f4cdf5ae62386b98bfa94c5eb3657b7
SHA256

c5950bb26447f84d3c3811ab98031cc6098e4c999ba2b16d30fd4049785d46c8
SHA512

2473403e5a2f350902f7d97210aafe3495d72610ff8eef6827992239f67ab223edcf0d4a5c9a758b6383c3bf7cfdab60492317b5296bdbdb9e13dad50508ce4e
SSDEEP

1536:/50TOaPwdnYiBUVB8+defXoo98yEEpzsQJxF/6rSEBTn+DtyZd:/5zY/VrdmX8yfxFy5Ityr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2292	msedge.exe
2292	msedge.exe
2544	msedge.exe
2544	msedge.exe
1580	identity_helper.exe
1580	identity_helper.exe
4248	msedge.exe
4248	msedge.exe
4248	msedge.exe
4248	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe
2544	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2544 wrote to memory of 1500	2544	msedge.exe	81
PID 2544 wrote to memory of 1500	2544	msedge.exe	81
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 1412	2544	msedge.exe	82
PID 2544 wrote to memory of 2292	2544	msedge.exe	83
PID 2544 wrote to memory of 2292	2544	msedge.exe	83
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84
PID 2544 wrote to memory of 3900	2544	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\480401908367d2726dbc3252d9ba6674_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc6f0146f8,0x7ffc6f014708,0x7ffc6f014718
  2⤵
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,831760078864796412,6339986365392482945,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=212 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4812

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
19585a37456f4744863366cfeabf7623

SHA1
f54eb8b9ecce7a48464c93b65247597187c77bc7

SHA256
62f5488aeb2c9de682bce13583964193abd26d65837e0843aebb22c5070c7ebf

SHA512
bb6470a584e3d3b3efa0a3dd5599c2a3220303660cb5ba9f4745616db8d1c799ca18538b4b45209e8a665df90a69ff17bfb13bc7754d8f3f8b0d298d63aacbb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
8a4fe145826353066835d75e8c9c3f68

SHA1
f137b463d9739611be55d66cfaf3d5458de70f2a

SHA256
159cc324f9a2d241316e73c2b3ff760b184aceb43dab278618e76c0adeb25604

SHA512
5382f28d271c546b765acc5fb3c2ea7de929c15eb2da2ec493704c800f3e7e282c645fb2440b2f8c1a3c4f8df8970b28320e39f792146020990cf29d707cbe81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8831ba22554b76bf1a0f95bdc65e8150

SHA1
0e6e36fac23e5e268144f4fa3ae3e90b94161435

SHA256
708e51315dcee2edce15c40222147cc49f8b06a830dab244c77e4bd14985f8f9

SHA512
6875fdcac67c55608fad70ff9475127db876376039e34da9c134270d8d7244cab54addf537404469e7cdd13f41734dd531084c0b20744ceb2bc18c3fdde0a873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
51d406b202fcf9dfcc8013dd00da1b99

SHA1
5192e477f8883282800666584244e8498f0a4843

SHA256
bb5e9182675913e7d1977c1ff965017eb0061d8876d23fbf7dfd26c9d211e19b

SHA512
f0459c77d305ccd226119d2ce30ffdac39fb6cc4be08b3a338b12abdf763d6e6fd22609cbbcb9d0299d5cb5463c62ba794799f571ef69d20d4ea2a3db948e5f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
49b929b62abfb3be9726d3e93d9fd207

SHA1
32088c98edeb1d373a71337f3aec3fbb7cc89eab

SHA256
759ad9c2f345bb81be2a6b2ea31cdc35c2a60538e8016acc01b425f6f5c5ed6c

SHA512
3bfab5f122f0337bf510f21187aba168c7d93e2a334f6e5451cd45f73f8919959fe6dd6d8aa241f857cb9eda7337757e6b414b07181da40c9e256743dcfb2aa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
765f7a4c8422be9fb0486c081e42ecc4

SHA1
7f17114789e52caf2b21b063bfe3b6b85ad1a73a

SHA256
bff02b6285142c6ed54fe5ab5ebf74193dabd2c5dbd11c3493438545467ac389

SHA512
5315e2f88fa9d9519c2708997214d0b6735fedd5e924ee07013494fc606a4752390a7f3b14b9c661cf72b0cf750dbdcd62ecd33484d6793b91b6646b6a3d88c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
8c81f5584ca7c0079eb31745d71bdc51

SHA1
3abac07e2bd637447c7ac9a8a681bf69cd7eace2

SHA256
ec09463ff96c5de6bcde4d690a4d027a7f706d2168179a79bf351a81c75608b7

SHA512
e3b8f6f780f800a6fd35d9fbe2f657755a1549032f8174c41c4ce90912f31d14d868073972da9a2b4fa8e4dcbd8d13fcf853bd920d17d3a99dac084ad9280624

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
8222723a7832d87051f9162cd121402c

SHA1
1051071fe44c3c5e1e900bd316fe69085543f70f

SHA256
bf0104edbd179ef080873e2add0005a102c8bc8bda45f680bf3aec7941ee0a3f

SHA512
9e4437da79f35bbf368f1d63ce90506e6ad80e6d564f454bfc616a13a50e97c97bf155b6e75d1c8917fbd784fa21c0e5aba18e2fde3c02a05fc26fb1b07fdf4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
2426af0c9d915c3ccd9994ca0f5d6474

SHA1
04b53fb1dd23242f27a683a1c8a8bb7f0c5fb57b

SHA256
e123ae0103e2c5dd9f40ae1d02f8b03c9a68004c2d043b54e86c30237a91d1c0

SHA512
8f66ae7500c52ea8b5ad4d980c310eef12057390223e60439a13075d1e463ce6ec726a43c7b68e11cd3c3905ea20701b0fcaaf147d0e63522a91708764732e57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
4481c2c2369f669d4e947fc3cee6e30c

SHA1
a892ca56845c778eb6880842db3ca74f1f358a54

SHA256
57c4485dd226f3c778ad1fa039d53b3a6567024a06712fc36761110017b6c44d

SHA512
51845332f67f0aa6f8f622299da8d0720026906855c14ea311e570e8780c9632fbb8af20ce7c47c2577f6b5a554df2ca2526f9cb6a4424a02cbf3c492b668ea8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
d0220c83e9021bb1b1f2ec67c6041f09

SHA1
03b7301f28e63767d3e2771ab9dffb5dbeaecf4a

SHA256
682aacf9cff660b2997b5c7f4d02ffc679eaeaa784c952fc50178ee804b496d2

SHA512
d810a8c691f3fb1733eb8124bb93ad4c5f29064f0add16c327070ed9e205f84ba84b3cf3e2565d26454cf340b84b7dd4a3306efe89d1ea7bcfbeb9382073b0ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
f8108bacbe8652e861721d243bdb9636

SHA1
d0ae308cd93b3fe4bf48c2fdf272a31357c7ceb4

SHA256
058a5eb0ee2f9ba72f762bac145da6b8060e21725e84ae47195a8b6772b5a76f

SHA512
c2ea03fd290244d33666a2d6562a97d1022682e8dea3e1d30e172956581961812b8600f55b2b0f7213d8d2eea6653e70651c27fbac59ad18fdfcceaa0adeccc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c0fe.TMP

Filesize
539B

MD5
24576cdcf7d49336ea901a422d273d65

SHA1
e3370429aeafdb265b7ac18ff0da841a9ce80c21

SHA256
c056e6086138af492087b1c2c3319a6befe017d99f08e6954cb1ca2370ad6d5b

SHA512
2243ebca0f776faa69851402b46ee29db2f3702d9c3f775d1dea5ec3e8b64f4754baefdc3c122b8672c25df3b01cfde6677fca786b5a57918997e5dccec7bf49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fc1d2c60702df0cc621f37e03e51358b

SHA1
e8c201c8f6cec6ac20f714fdbbb4b5f4603d5e31

SHA256
ae0959f24bb0d88a218c36d7b3a03c6eb7f50f03e99573618243b0084eac218e

SHA512
faf480fabd9737ebc8066f133691cd7553df5856c2b08c1dbdc33b20418a67524c68a5eb109e3ca0c6d7447706aaa5bbc3050653d7f61c33217dd4959e6197cf

Download Submit