42b3c1b8cd5813cf58e01a7575dd9e4656e5bd4714f0148847232d17765a0106

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 23:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4d7af560ea23ea4b2003d95d478e661e_JaffaCakes118.html
Size

175KB
MD5

4d7af560ea23ea4b2003d95d478e661e
SHA1

37b6317093865cbc8a7451f100eb196d2305de6b
SHA256

42b3c1b8cd5813cf58e01a7575dd9e4656e5bd4714f0148847232d17765a0106
SHA512

dd1363d53f7f416071a880b2c3a9771b37d1abcb38a36e1fac9207c8f05c0075f617b9826b3dac5e6df88044c2d25c4cc5dec8a5dba28665d605bf2224668ef7
SSDEEP

1536:Sqtd8hd8Wu8pI8Cd8hd8dQg0H//3oS3/GNkFDYfBCJis2+aeTH+WK/Lf1/hmnVSV:S4oT3//FaBCJikm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3472	msedge.exe
3472	msedge.exe
1476	msedge.exe
1476	msedge.exe
404	identity_helper.exe
404	identity_helper.exe
5256	msedge.exe
5256	msedge.exe
5256	msedge.exe
5256	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1476 wrote to memory of 4256	1476	msedge.exe	83
PID 1476 wrote to memory of 4256	1476	msedge.exe	83
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 2988	1476	msedge.exe	84
PID 1476 wrote to memory of 3472	1476	msedge.exe	85
PID 1476 wrote to memory of 3472	1476	msedge.exe	85
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86
PID 1476 wrote to memory of 3800	1476	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4d7af560ea23ea4b2003d95d478e661e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe40aa46f8,0x7ffe40aa4708,0x7ffe40aa4718
  2⤵
  PID:4256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:3800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:32
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,2921944550107583432,4870828360943361532,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5256

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4844

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
e24471d09858238fa8dcf9764b932496

SHA1
3e261727ae55a71ba5b80dd612382d2b6aa1864a

SHA256
d75299a876dd60254f6c4fd257eff6cf4f157a9097e8a78c00afddf9bb9390de

SHA512
f4879ab927bf519daf86b6b91386855583b740822d388ccc5fc7e926abb7b344d26033525f839bbe8dc70c0de4f1899a883d3c0256f270bc138aac3b196f48cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f410cd67cf94a409b4fff62d3e4f585a

SHA1
6a420db33eb36e6993d7286c06eefbcd61099808

SHA256
6ead35da7296ca17da93664416e8b55c0bf13e023c0f1fd965624d4b4aa39359

SHA512
cd65f90f761ce58e9ce88069ff8a5bfa6d9269f4e993b9c16276170fbfe478c43ecdf2df6cd66fa511d917ad0ed090efc1e4af13767422e429626bce0c4781a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
90d98d14a7de28650923033e67aca8e7

SHA1
c0da4e8c0e809fc0476fa41b31a61c4bf88b40d3

SHA256
fe325391045a525d1be115e1e68c7ab95bf08fbeef67986bc71de72ba8e2020f

SHA512
e9acc41ae430f66827395f39f162cc2ebd3da1f42e3f007e6c12311a6d3f0794c73d8750d7079ff14c4a0389d22aad99c01999d840aad7645fe3bb0543d15654

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6b89d5e8b4ff0cf9f0a2a526bf716953

SHA1
4c894dc20582df3394ddc05fb008885317132fb8

SHA256
80c0c16279bff1dd00cc2f42b0e7783a1203f03a53a771730a963976bc942c74

SHA512
96c74c4ceb1037bb1e4ac3f973a086a68357b6bc44d32eac17a834f38ea996d200cfed742e0b82533e3b1bcb7891d260f63f39ac8f16c7df40c27c7f4ee810c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f5373b4a55e878092a0f1292027d22ff

SHA1
88d0798b6c9a5eb1b32abcdd8f2365cc626b9e93

SHA256
a0da98598741a11603715cfb737e4f7404013c8f620b1f5d6dfc4a6069392ea4

SHA512
bc6c8ad257337c7beb70fd9653c150640e77dd6272715837f0596598d03489a927a114a5a282ebee9f3ed89212c8357e4e5dc8bc43b014952baa133f05c19f67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9f509e20da0d7aa512fa52e1961f34da

SHA1
6b9fe8042b3c0ef0ee593e9b646f0fdc3c17b422

SHA256
ec1903fdce5eb314e4925775c9cf83ec88b3bedf453b63c3c934a400a63ddacb

SHA512
0ca3584e0ae6b0897c36c4499a99b697f94856971c0b0a2649979c91d934fc27cd08733041717d046fd51b8cabcf29efc32da278aa387c24da250a8aba55ffd4

Download Submit