a3413b7e344fcfb42919447c3c6f61895397930cc87476208ecbfe79e0cc221c

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 01:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4ddd0e50cd067f9714cd5e0053eaec30_JaffaCakes118.html
Size

86KB
MD5

4ddd0e50cd067f9714cd5e0053eaec30
SHA1

c0faaa07b478c2d4180d5d850717e17e182af435
SHA256

a3413b7e344fcfb42919447c3c6f61895397930cc87476208ecbfe79e0cc221c
SHA512

9234a80966b65ff1275fcd198f7abf5845665207131e41992a36050b287268b4aadc141e347f2f4e824cc1210631f82d88cdc8267777f16749f73cfd18dd3cb1
SSDEEP

1536:DWVOZO8bf43L11r9wdKhTU7WfGTKg+z/jIeILOrwAIm+Y+uuMyjNz6Ndk:rO8D43R1Y6TU7Wfq+z/jIeILOrwA7Z+r

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
34	sites.google.com
43	sites.google.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3508	msedge.exe
3508	msedge.exe
3576	msedge.exe
3576	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3576 wrote to memory of 3036	3576	msedge.exe	83
PID 3576 wrote to memory of 3036	3576	msedge.exe	83
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 4032	3576	msedge.exe	84
PID 3576 wrote to memory of 3508	3576	msedge.exe	85
PID 3576 wrote to memory of 3508	3576	msedge.exe	85
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86
PID 3576 wrote to memory of 1972	3576	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4ddd0e50cd067f9714cd5e0053eaec30_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa80746f8,0x7fffa8074708,0x7fffa8074718
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3841987310486232913,18299448302829848072,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5164 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1552

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6ede75ab-83e5-4694-8206-25172b58d9cd.tmp

Filesize
9KB

MD5
3dba0101dd5b10813560577b548608c1

SHA1
3ba9aea02eb8d2c5ca330a3d901004967499f436

SHA256
0ea760eff4a0194a5a229d3cf36083b9f2a2e042fba1dabbc120ef00c88d57e1

SHA512
99aa9af1d4d70b8bbfdf61ebbb0de7342701ff8677794873bdce25eaea94a4870988e6543d5cc291dd5de99d232ad60645d412a34f8a6fc1d52be2ca7be949a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
20KB

MD5
b6c8122025aff891940d1d5e1ab95fce

SHA1
a0c7ca41d0922d085c358f5dde81ae3e85a8c9c4

SHA256
9954c64c68000f615e5066bc255eced1195d1f8b7dbc715f9062ddf9f147e87e

SHA512
e62a37b55b6b8d95c24fb624105ff6ff72f118e31760d0da1e8df8e8acf627ec6327c26dfa26df8535585877604c7948d2f621ccabc39beec49787e22c302c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
44KB

MD5
88477d32f888c2b8a3f3d98deb460b3d

SHA1
1fae9ac6c1082fc0426aebe4e683eea9b4ba898c

SHA256
1b1f0b5ef5f21d5742d84f331def7116323365c3dd4aec096a55763e310879d8

SHA512
e0c0588ff27a989cac47797e5a8044983d0b3c75c44416c5f977e0e93e9d3a9321b9283ea077e6dcad0619ac960ee45fe8570f1d5cc7d5d4117fee4f2f0c96b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
0b4112e52b44e6834d92fe570077a1c5

SHA1
bda463f321365cc6264f2a750fc2aa3049915f8f

SHA256
6591910a48fbfa814f0db966281c815fa58f3515d23451691df71de63049bb7b

SHA512
fcdc4b69e28cd8e83a6cdc03b02c9ca17254897667ebe4aeef35cd866a5510f65b2e25c13588992515273cae6aa149e7fde88282a75d086c6b3d539be19c4ab4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
74f6f8188c995efe143d8dfef2d310c5

SHA1
75b84f5ec05df4e3a263ce812885b4534e0ca3bf

SHA256
9e8f80bba88ff171c18fa15b2163021efed49150d807fb2b3989ef6de33f10c1

SHA512
edb5836e129628a080390b8050d6c15b8fffe510d37fc821266e851bc6aac18763b562515af8f6497ecf95e2488a6b1c2eff66e53e8b275ea38b5384ba6c63c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
04df8415ae4534837e93c3823b92a0b2

SHA1
d4935d5c4db4bfe446c07db2c5d2a8da1520bdda

SHA256
fa7fc274a7372d0f418f85a18ad39f7fdf92bbd6592436d35f851a6015238cd8

SHA512
1f48568676290179f83e28252328b57e6fe89d597d52ca4585dd3eaadd0f2d4deed482130f8908abc91e4fe47ee975df28bc0424ae1af814e4e49c3775abfb5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
f43c0ef3d06140b69ac87f07705a9486

SHA1
6fada3c6783957359d1df4cd98ab6d22333ddae5

SHA256
c395d67973ff669e6e804241878b11d63bb77f9c006819d1b86b43dc8064679b

SHA512
bdc4f786a0b64d66b7f9da229807c5b158f3ccf043fb8e590f9379d4d9430efff21b56bc6d80319d38eac1416c3868c559da8e98589cb2d1c541f482b59e9719

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
243e3d0d88035439f54dc04fe010e7db

SHA1
822d58a89e53edf64c9ad2d3fcb59505011dc574

SHA256
81b8201c3e3b486075cc426cbb0602c3d4e7e96487e9b7eb751ce0b701ba3241

SHA512
03bf6c2a44efdd3b605b824b7f2981095ccef20bc01db95bc2b1682891260ac49a71bcc44f3d3d7a494cf25f518565d1daec4ef1f23d8e894b1ac8d89beea39e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f9989495112c76f1aeb6ba0f23cd858e

SHA1
cfb07ab41998e8081d83771e3fe6e44d888deeea

SHA256
4a67fe7824dbd5b34001d9c336830861f3b0e6d149baf12b861b166c3ba9e301

SHA512
07bbd9e69c50febc0b8e9b6856b99f9b5561bdfd42a212168b121176a13ee90c7024fde9d492feb71c8e60f7771993056c8de66104341cc02268032b45e0ea18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
75cfec509e68da12a72dcdb706b520aa

SHA1
a0267b5bdc682e58ab6c06f68782cea992199955

SHA256
31ef2493e0d77be3bbc084d13455e216e2c77ebb4453e0c1bdc8d5304c5b3bb0

SHA512
751b450373a24509279566fd3a42ff271151b705457006514ad411054de50f2dd3f4bd7966f7c0e68c3ce1d78b32bf74f70fa894d1fcf506bb5d60dbbeac2052

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e30d.TMP

Filesize
370B

MD5
268df82f9d77eed218f2402aebdc93f8

SHA1
b52da0d2527f07b2e19ea83b1fb884a0455c2f9a

SHA256
3970c3b17751e283337105b584c2c776e5cf358b31f18fd211ef734d7abf1f4e

SHA512
77a8c3b346f85eb18d16b55805db10e304eb02e1352896173d5f4645c629a4794b1513f0e5bb011a5d45aafbcb398d0fbf055aa633c8efc0bb6b6959fe92672d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8a412275d085af5d8a4c3fe9a73d9987

SHA1
b61f11cb5f1b8600136c829706e24a01920134cc

SHA256
56fac0b0e9ff1136914d35860585b3c9db51666d26bfbc1b587d7ef54ce00122

SHA512
670c30b5a6e179e68510e72a5da48c05663354cde31d6a4517c045a038edee1f75677969705a699de684277b98fa5d51c2bab8d685f9237813779d6e4a9b735f

Download Submit