6da34385047f7f9745d719b8c2bb336e4ddce31214a92e7a98a05063311148d7

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 17:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

50a12ed61f61990b401098903dac4720_JaffaCakes118.html
Size

125KB
MD5

50a12ed61f61990b401098903dac4720
SHA1

1d813033b5ff4a9b586fd834a694393f678d5d3e
SHA256

6da34385047f7f9745d719b8c2bb336e4ddce31214a92e7a98a05063311148d7
SHA512

194b6f68442284d0bb0ce31db6b525cfe6af326ee17cd8146aeb36347910526a2ac717cb6e022260d5e210ad2ce6ecbee9bbea7f898d38ec1e814270b9223e80
SSDEEP

3072:eVrRQxLo8mf2fVMY4DfXyjBvMOerzfcJR:eVrRQxLopuyyjNJerzfcJR

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
888	msedge.exe
888	msedge.exe
1512	msedge.exe
1512	msedge.exe
5064	identity_helper.exe
5064	identity_helper.exe
2856	msedge.exe
2856	msedge.exe
2856	msedge.exe
2856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1512 wrote to memory of 2864	1512	msedge.exe	83
PID 1512 wrote to memory of 2864	1512	msedge.exe	83
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 984	1512	msedge.exe	84
PID 1512 wrote to memory of 888	1512	msedge.exe	85
PID 1512 wrote to memory of 888	1512	msedge.exe	85
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86
PID 1512 wrote to memory of 2364	1512	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\50a12ed61f61990b401098903dac4720_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdc2ac46f8,0x7ffdc2ac4708,0x7ffdc2ac4718
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4568 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,7836290740252601952,6048132177480660074,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5240 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
264c0d2ec95c3602c346007349881bb5

SHA1
0d4abd2e6392da9e115449802b49c8068021a018

SHA256
41b834bbb97738252040c449cc832a2134c118dbbff72e1b933ac1059591b5d4

SHA512
67d25a121aaa5afe9ba6e08eb2be02927f3243177804dad440dc5e2e9d114d0ef1c79a0f426dbac395e92a5dba2e7eb1d0dc196534b69cb0f276cd674826ef81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
4e3fc29e0dba6ca0bbcd2ef23bcd2cd5

SHA1
b949d81ea65f3848944b08f0b21a303820b33f88

SHA256
0704c70f307d96953e303fd97924be0b02a6a822fc6f87ddfcf09106bedcc41e

SHA512
9a2b0aed80103edd25bafbd133af7dcdd305cd5833f850cfc1b7e02e03b3db4c4fba3a45198287a7198b60a7826822c2004ff71c23a80fcb5a8a18a79f979075

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c4f9834dbe0a822c934675c7957c0149

SHA1
f2e18334aba33bb7571021aa9234ef199a7c89b6

SHA256
54d0a9c47fed12a9b840b3bbd6ba61aef73ca3f7aa4bd5ba8b592af9fe621b0e

SHA512
9d2257c625900ae1e5d69cdefa4dd9b47e3bdd6d4daa0f23ac6ad1c91cd1ee9e3dab948f2c578f8ee6b693c0ac48a2ea6f1099ea30a7408bbef404c8e35af4b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
66403db458a0c91091f6f0df5bbfe4af

SHA1
39b980d8f465ec21117f8af0d987f33fce43e1c1

SHA256
c70d3f6b687342ca94d4cd8a9dda409e6f1bd8ab86118834d70edf8e19cfb63e

SHA512
0ce7c55adddd16a8912a2b94b2479dd5ec55ae2f8da4ec54c3e681dd4d3efbd9a720f97af85caff0f37070e7b3b2e1ba45f9c38c4a06f0d4ba3f242e92ca8073

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
abe5a316597a8826d094950f4bcf0d0d

SHA1
6df89dc0ea55e53e78ead0e6ac15cd43057156ad

SHA256
195772c9d5c7bc9fd2f49dbc1877b359be75a433e3e9bb6e0a2e23df6ab64afd

SHA512
e41073f74734f91d3440c7f21ce12d6f328844ad024b0c57fdd8871c10cd931732c5bbe3c6d64518483115fdc76d5c43329a0d0187cd3c4205600330b9afc0c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
1d479a92e930132a5bb89960a305bfb0

SHA1
5d061888031b978e5056566fce0348fc35578d48

SHA256
2edbe3b00e711c34ce3a74773532d28cc5b73ad2b7dfcb310a1c5f43d3952fee

SHA512
b13de41c3f56fa11771501602ea01059497735cde7adf00a824579514375d1c9d7c8ff1561b25f17bc917666f8bd016672b6519c0d76f246806d5b4d8f4556d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d15a.TMP

Filesize
203B

MD5
73d9f2ae383ab371b0fa8ec5ce8f321b

SHA1
c3fae3a984a72457851fa35a2c8061baed0b7a4c

SHA256
628328d388a0439b79ff641bd6fa1777d1a3569db7b71662160fd77dd8a4b117

SHA512
d618ebc184ab436978c4776fcb8d2c2d9b96456fb72f98ae48ed4123e4101fa059cfee838b5f054359af6a381c3ef46b5c3a986599c93db11283432048670fc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3cc41009b02e3dc37d3721ec7f830526

SHA1
f4263f77e2546ecdcb715d20196806723c923308

SHA256
52b0ec7f0bb8e752f636bc24321ab5e5e46f799c917a151173de1fd5c4e91f60

SHA512
d5a649edcabf8066bc3d02734157451f76da5a7b9713e9221df3fe6ba312c3a25194d5a6316f02e989378b4a5bccfd1abeac8549ee52ef6a39267fc96e5d75bc

Download Submit