c3189b7ab551a5e98d5918e0d06e9b162453ac5069bd26abd1052879df0f98d9

Analysis

max time kernel
148s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 14:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b7de6e308629946db266dde62906e96_JaffaCakes118.html
Size

175KB
MD5

4b7de6e308629946db266dde62906e96
SHA1

4da3b704cfacdb3c04e1cb690e5c52ac955f133c
SHA256

c3189b7ab551a5e98d5918e0d06e9b162453ac5069bd26abd1052879df0f98d9
SHA512

29f9f1701255cba9f93451c460d233f185b6c5f3e5d09236550c3f652f5120e15662c6c9fa51499888f5023eb505133f316c1dda80745d92f337ed2752c043fb
SSDEEP

1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3qGNkFgYfBCJiZ6+aeTH+WK/Lf1/hpnVSV:SHCT3q/FVBCJixB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4992	msedge.exe
4992	msedge.exe
2712	msedge.exe
2712	msedge.exe
4436	identity_helper.exe
4436	identity_helper.exe
5204	msedge.exe
5204	msedge.exe
5204	msedge.exe
5204	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe
2712	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2712 wrote to memory of 3328	2712	msedge.exe	82
PID 2712 wrote to memory of 3328	2712	msedge.exe	82
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 1264	2712	msedge.exe	83
PID 2712 wrote to memory of 4992	2712	msedge.exe	84
PID 2712 wrote to memory of 4992	2712	msedge.exe	84
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85
PID 2712 wrote to memory of 4056	2712	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4b7de6e308629946db266dde62906e96_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffceff246f8,0x7ffceff24708,0x7ffceff24718
  2⤵
  PID:3328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 /prefetch:8
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
  2⤵
  PID:5348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,7714851531875635778,1940039847105780304,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2276

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4596

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
3c788a2c479e5cc2c2f7e3f03d361261

SHA1
f65a030c5e54caada5453c59b7d076808a3c9878

SHA256
772110c9b36141ad98980dc6d428079ab8b30dfc62c102f395ce05145428bbf5

SHA512
99cf184940c92aa63a3e472645d077d5a9fc8fea99ff025652350c0c78e4ed237afd77d9f0defdca68ec21e31c8b32704d940386e65f3ac7eae65f94248772e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
67561da67f1c0da3f51038e56fee5d96

SHA1
759bdce39b6dc3909203637ea554d2997d737660

SHA256
fae7e951a7872fa3ff2b4aa29ec4e6cf65dbfb1a0f95772b75b7dab6c9027e95

SHA512
dbf712130205d3335e0c427a2954e622826f50c8c8670101aff83d4563dd6957ceaf33acfdf835f6a296cc549eabe8624b5e767f4ca682d78405610336e2615b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e21c491398e29d1b46c306dda41efaf3

SHA1
39763fe518f847854a51a5ab5c21e8622a299106

SHA256
43da22b61e08dc90a93b81efce0fe682b7de1a62bdb5964a7fd8a4daaa95ac2a

SHA512
caf2da2487da747517ff81bde2556f2ad8376e76dcf32d13159ed46ce31d8ae01c904f7af80b32fd5932e8e57a577976312c82331d885b4506598748bcdaf78d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0a352cea57367fa615d5659ff33af311

SHA1
4bcb675c95f3f9157f081fc87fdb16f70afd7439

SHA256
f4a508c776de17b92355661bb015bc78fe853a3b0418baf915424452c5b059d4

SHA512
13f8ff9e7663d4a8c0071bda62d5c182021b662514e0e9c6aad50631f30b9516f9cb42266594adb420f7a158dc9166e602d5bb7ac94d9374129c6e47001e5d22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7333cd93dd454a5a86fd10f7a4f76d40

SHA1
dad737b2f5fc1c915033b4b2dce8a0b241ca3bc8

SHA256
34d2eec86649e8246e6b73cfb600487b45543c6407d6dd061c0f8b5f8122e7ba

SHA512
b189cca2ca82178c1492f2507663531ec305272a51fc4e45118c254fea8b37a4541ebd1eb3862721664842022cd2217dd0c868fdf0fac24041eaaafb8f615236

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1774be6fd47bbfa5ab4aa5373b89659b

SHA1
8906abeee0ecd93bb46ef3e269aaaa1eff4874c5

SHA256
71a694307f69377e5377dc7cadaaf1cb6e005ab6fa3dd12c97ad854c21d47cee

SHA512
50dd3b2864fe234053ca1cd38fb243d9179a98b9a1044440da7815b89128aacb4d5c9460826c0b750c7ce7593fa6278f6c9470321dad9feeb8634903cc6e621f

Download Submit