6859b7090954a5cbb9efa38aceac52956d41af9d75967b26081db96a05e9d239

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
16-05-2024 04:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

495f20066ecc4eeead503ab49d7f426b_JaffaCakes118.html
Size

47KB
MD5

495f20066ecc4eeead503ab49d7f426b
SHA1

c3d56f85797efaecdbeda33f46dbc11fecc6472e
SHA256

6859b7090954a5cbb9efa38aceac52956d41af9d75967b26081db96a05e9d239
SHA512

8abe222ade0c153f0ef55a03e406c2ad70a502625b9d9a1e1ef606c11b91b3e518c4a8de703cc3dc2f6510b71678037c36f472fcc05d9dce4abd511a66c81209
SSDEEP

768:vVSkVzuyAzSvo39yly811mmk4uzSxnGo61fZDuj2Ss2cxr:vVScvo3E7kM61fZDuar

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
8	msedge.exe
8	msedge.exe
976	msedge.exe
976	msedge.exe
4800	identity_helper.exe
4800	identity_helper.exe
4956	msedge.exe
4956	msedge.exe
4956	msedge.exe
4956	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe
976	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 976 wrote to memory of 3208	976	msedge.exe	82
PID 976 wrote to memory of 3208	976	msedge.exe	82
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 3512	976	msedge.exe	83
PID 976 wrote to memory of 8	976	msedge.exe	84
PID 976 wrote to memory of 8	976	msedge.exe	84
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85
PID 976 wrote to memory of 1636	976	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\495f20066ecc4eeead503ab49d7f426b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffa7c1346f8,0x7ffa7c134708,0x7ffa7c134718
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2940 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6624 /prefetch:8
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,7148340657697903843,13892115365387201673,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4956

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4624

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\225fc0e0-66cd-4590-820e-1c6b7d1e52fd.tmp

Filesize
6KB

MD5
fb78f752300a83dceeeff515f461e137

SHA1
2a969fd661350943e8ad37f37a10109db52fdbc2

SHA256
6a9badc67ae86cdd81236a88dcd1b4b4efe696d0828fe76b9e64c0724f60fbf9

SHA512
6492364b5022828fba3fde5a12f497241f239cd91600fdb38ace05688217f32ff28569e8ea30c52b287b8f7146b6bb1624ea7933d061ceb19fd47dd2073cddd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
f354a47649f15a527650aa26ad50e631

SHA1
0616db657d622b2a8d79e4ea87c50be31bbdec4c

SHA256
47a01919ef4d9ccfe8b302516ed954150e32b5e6ae6cccf10fa8393a80386a29

SHA512
b00e92ef57ba166a85cf68eb8f1949cfd56cefa0bc1a052eb1d914992c47b076ec35de26f522b942cb4e1ee6138c51629af30d8558cd7e9d96617c3891c90868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b3b8785dd02289f970122f528cce80c3

SHA1
75686295e05996826225d81bbe7df7e2877bf79b

SHA256
a79d458d564374ce595f00be2bf856d8e88a909455397a02d2f777d095173c72

SHA512
f89d92800351fa6c94d21177f91ca70a235cd20f44b31e274ac175bea561fef4c0ceb6e0971e3483338c5988d4a910ac218526d148cea7305cba75705b8ba306

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7ddfeebc03c0f0f112275dfd7cbac2d3

SHA1
223674cf564c93152854934a7396b22b97159e57

SHA256
50729adb94d1e291f4fbd4f29cdda93718dd9fb5ca7486d6b25c2e79baf7f750

SHA512
793ff60c835e8324b4bdbc6a24a8560c7765c31875c194df0d0a29803dca16b086e6dbfc5349846398062dca71fa7ce43e6755ee4ff793c1e303b01ca76bb876

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cc5fbb64b513796059c8481b525339a8

SHA1
625a072ab1c1f04cc7b827c9f6c9f3b362bcd171

SHA256
eecaf882975c1576f2b77da74bab4e55d7bc485bc1f0c05cb949734b509df3bb

SHA512
dd838222671c2f5fbb4570cbedb08b810fed65a946a1d7f8a9d9150a01512ff0a51b2ee1bc3d4f55f1fa3bac98d653d0bd8691865cf6dcbe0ee7e422daebc548

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5f56ae06b9a74d7825da22c8753d0382

SHA1
fbf6508fd954634800d4c5254ef973dd8f824c0a

SHA256
bc98524aee11587f19a21bbec9c9c37f0b5f4a37c1683d89423f8af2ac97fd51

SHA512
f006ab88ea935559624401ca34892d54655a866f1c5340e987b39a47507ef4d4d7547dbfe855a2877ab0a0e60d94a87abc8308d27043381916aaa933639eb8d9

Download Submit