a56eed4faa29478858ebc2d1d3d07db0d9d41ec29a7b5eaa54a22577266c8915

Analysis

max time kernel
146s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
19/05/2024, 18:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5ae8f0fe3e24602f18a5e99aae08908b_JaffaCakes118.html
Size

19KB
MD5

5ae8f0fe3e24602f18a5e99aae08908b
SHA1

20623f93e436b755ab9b78948223fa44f6685a23
SHA256

a56eed4faa29478858ebc2d1d3d07db0d9d41ec29a7b5eaa54a22577266c8915
SHA512

046d7bc7f56693bd7142db515b7a9d44fe2c6bc7406492e35027814f8b68f45c462bdc74e8947ad49057a70b6d7a179257b504865148580cfc69b0f99da11fa2
SSDEEP

384:zY6OlVoVW5zvdIlk7nFfQDAWMZA2FvWWW2:zYj/iWxxfSn2F+a

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2956	msedge.exe
2956	msedge.exe
4380	msedge.exe
4380	msedge.exe
1524	identity_helper.exe
1524	identity_helper.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe
4380	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4380 wrote to memory of 1828	4380	msedge.exe	82
PID 4380 wrote to memory of 1828	4380	msedge.exe	82
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2432	4380	msedge.exe	83
PID 4380 wrote to memory of 2956	4380	msedge.exe	84
PID 4380 wrote to memory of 2956	4380	msedge.exe	84
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85
PID 4380 wrote to memory of 3504	4380	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5ae8f0fe3e24602f18a5e99aae08908b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb97446f8,0x7ffcb9744708,0x7ffcb9744718
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:2732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,15097000404601756281,1868472261097141616,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5660 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1116

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:392

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
f05fa2e44c754f662044926a6ee5209f

SHA1
ebe24131332dd31e342f01920399286b8520c378

SHA256
5c4ec9806281e0feeb41a1eb0781a722fbf76b63820265c18987e80cfc169fb6

SHA512
f75ad7496c748e384ba9c58249cb1d839d73f094572791ce4b23565f4247550f79ad5df9fb14fa83f6aa9250119b6d602cc4fea55d3e17b1930132c8f04ecfea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1ba430af9ff7c626ac152e89b9eaf0c2

SHA1
15c1b56f303899bfe44fe37a3e90ab7b4276433b

SHA256
dd9b831bb643f370f88321dec4e24560faffa5213d9ba43331923008efcea693

SHA512
e167e2948b3eee29547a670e8f4f0e3b3f4ed441935ed339efc264d78cdd501571a00aa827e147b39b1a519b840732ec6be6fedae301319a7d6f17ae63e25e38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
13406973bcba564407a066d18b584874

SHA1
9be3ca52a94eb535448911e1813921cdc9559596

SHA256
f9e832df2f040729180f4c850121b19b8f196977187ef7ad94bf454643f75c97

SHA512
5de9aefa628f1fe8583a713bff62f3bb8aec9ce08bf38d7a1d381867ba9763e302326b9754239364d49edd0b658dfc0819135ef450373fbf5012e47e3779f7c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b2152211da7c6789f0829675cc6b17a0

SHA1
bfa337a5be24bfbb4a4970e22aaeab3af20970e2

SHA256
bf9cc181bde29e85cb17f7fa6f7860676479e56c0f2d0b1e72fd397653e8e114

SHA512
083848d33abb8cfb890ece65158b8b758ce42437ef478966376eca980bfaad8710aa9d6c11ce45336a49da58e28e5124505cc4c07e42eb6d6d1eb1f26b71fbbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
949a9aa608afd38b957e00dc17f8fff7

SHA1
fd8d7d719b2996efa2c79bb7fe020905396fc8f3

SHA256
0f2a1b7f6bf0577c6450c5fa93abb4761e218f9b841deac075c2284bcb436ba5

SHA512
da0cab525e034fad74e6dcc9442583a171c04b220523cf3b6085f6431a153a907d4a674ce1f1a9b48c8b81e2651b6ad3d059c94c017390499200da607913a540

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
657a31e544b132a6265d9fa473cc6c00

SHA1
c128d196c7184ad698960fa5bef3d2f08edc8e37

SHA256
52aaf6378d6b2d99ba3ca3da6096c0fa7719718c82c59e7c1a6528da8980f05d

SHA512
f0a841a25e862aa70912aff12ca9fda79a9e2cd8d86d742a6cbb6f31ae21cdb63141264b2abf338056b229934f55db1c39dfb8f2883b99764d966d315747a784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ef61ab7281f306a4a5c940611751e50f

SHA1
70a3c5c2eba53d07b99d5b240c94983d99f17f41

SHA256
3446821ecf1f6c54b78195676201184bfadf97d5af16c546551c32c87a901841

SHA512
28795038fa1ba16212d9cc79b13cb1d37dc07e4ca69444a41b57277079ed506a803590d7a101c2ec8911ce1561b32d263727d52958a8b073fd720d629b5916a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a341681b92619467c407960a3608cae5

SHA1
283fe29aa5faf7389c1a67ef172f8b5a2599509c

SHA256
45ad90be3f016085241ef39e3397be2db6501829962357b592a8bd1ffd581b2d

SHA512
6bd10c49d94cbdfaca1dfdd6c133366326cb8b0a96a0be58776832e4d8a578462b78365fc3898d1106cc5409014a1e9973ac9229c67f9ec5c82fb3a9a15996a5

Download Submit