170ea0fb391b81085348540b58981b5ace765b350a73812a5157ae5eed990b7e

Analysis

max time kernel
144s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20/05/2024, 03:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d120aa0d4eef640dd2a4288396dbfa9_JaffaCakes118.html
Size

149KB
MD5

5d120aa0d4eef640dd2a4288396dbfa9
SHA1

18e3b63c415571a4bb871a518235ad4b14dcb14b
SHA256

170ea0fb391b81085348540b58981b5ace765b350a73812a5157ae5eed990b7e
SHA512

d3125e8bde747c1221dea21c5ce3ef9daf573cab4405c58a53957941acd2007d3324b7960a5f3329c9393169c463feab2c86de9a676cee79980e008cf033aaad
SSDEEP

3072:16Ip450mI0viE4CHXLz+dfMu2lAOLBPgKMtA94:8bd1BP6

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4380	msedge.exe
4380	msedge.exe
2664	msedge.exe
2664	msedge.exe
4496	identity_helper.exe
4496	identity_helper.exe
3480	msedge.exe
3480	msedge.exe
3480	msedge.exe
3480	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe
2664	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2664 wrote to memory of 4656	2664	msedge.exe	83
PID 2664 wrote to memory of 4656	2664	msedge.exe	83
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 3016	2664	msedge.exe	84
PID 2664 wrote to memory of 4380	2664	msedge.exe	85
PID 2664 wrote to memory of 4380	2664	msedge.exe	85
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86
PID 2664 wrote to memory of 2120	2664	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5d120aa0d4eef640dd2a4288396dbfa9_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff850fe46f8,0x7ff850fe4708,0x7ff850fe4718
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2956 /prefetch:8
  2⤵
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 /prefetch:8
  2⤵
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
  2⤵
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,4849470885848522923,16743816979088066818,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7112 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3480

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
a76f9a17afa2f37fa960ef02619b474f

SHA1
b44eae1344eceb04b75dd68e6bfe6e686dac95fd

SHA256
c2952e533c1ec82f668461d5391e23f1c46c4ce5632498b724aa954d8edf7884

SHA512
8c7cd0556b7921e32b3ffa4f4df4177591268cfa77ca98fbb01b339f8fc4bb4b63f50f792c5681200315141684451e1f71aa9ca129158092ef3b5a577f79baa7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
4deb4ad1b4d8879f11a19615857ca29d

SHA1
1144861561aa0951338ddd6244c6927e82fb7ff1

SHA256
d1d16dabf413f2ec60e9ce3c1231aabd63e728b6ac6171f1f387769fa99bed4d

SHA512
038e861734c865c12fe4784de605094d356230fc783ef3ffef1676212179a80f33f52b681c33b290bf343b6a5691847f52e6fdfcc822ac7ad4976cd2e1f0f6ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
aa6df121a5e7beedcb6efb5d5ac616ff

SHA1
69fe14c8ec74db5e8581e777f064eafa0427ebac

SHA256
4bb2c5cb1077f961d29eee91619a8052fead9f1bfc1c3510e92c60635b0262a2

SHA512
f9003a444691b0d814e28e4c6e4498646b552ae039290f79bf5232b94d40ba84f642fbbfe282939d1a0f48f788fd6c48e8851993967933113c1e26880e5ee94e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
7db073a99195b81dd44c605744fe5d4e

SHA1
54b30e538ebf76102c920bda5e7f6b565af26999

SHA256
c2d02efb358d541d83444996026f749fd907933ee35917cbab8c5be94348f5d8

SHA512
c7cc740dd05b11406e387a07ea8e92e3b775baf695c41631b2a35ec247bb9042ca0814e7c73328e9654b65a74161a627fc37985839a8be2b1bf44f1199f7baa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
d2c1097b79370f74c87ec21803a80a2b

SHA1
dd45ddcf4cec70757eed4384d2963c53c45c35e3

SHA256
e2796b150fe548dc43da88c9dbd5bd712d5a29006af81227cdeeb16d512c9a6d

SHA512
85cc126f77a0e29749b4cfe68ed48172b3550d2ac1e192130873b920c314dbce2238538f64daeef47f99c3aab3d486004aadd73abdb8d3ea0862916aa7d14227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
788acc4e66fed30cea9c1ea7581c97f9

SHA1
62f8c748932b34f239c6cf8777bd776cd65deb16

SHA256
5d938e425cb55b7e8fc725c41c18ee02dbd7da14e651898082adfc05f4f6ba79

SHA512
fd28264b4f90d9b10d90f8d95d12166b6f94cfc9d747a197de040a9463cae58077b3125aa25f0d440d8f1c5e2c7a630b29a91e9d52518b6310219c4b8b8255c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
595e3a14a87b26de8d8e0dea34acb70c

SHA1
d5d4ba0c4ebcbb546195446f9321a5ad18ed7664

SHA256
08cc2b10ef10409adff31697d167fa53943e633ea8f3e4b6881bd83ea5be80cb

SHA512
109c2a1a1fc3742746d2dc8d70241b9ce7961425beafccdfe7926571c971b3c891ec6c21f424312617625d53292341fd03fa584c93ced7b049cc208bfbce3223

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
eb4d6128680feebf6ef39a4d75513601

SHA1
6870989ebb6a08869bd34277c440cb00cd1a57f4

SHA256
198ea0bf6b3779da563f8edefc0d42e1e0fbca1c58c553ef4c6c5e086d8eda26

SHA512
b39c43d56a599d88744f27cadfb0933fd3f58d6a1516f9cba20788c75f7b4b514e54ac1ada93395d207a21018b44bb6e8f05fda93662d4f57c7b8c82e1da0c8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3aefe6671aa61fa70febfc8e531f4c80

SHA1
933a6bd38a83a1b7a3f94da8d0116fd9875d8698

SHA256
facd77eb2913763fd508146254db1fbecb9e87a1815b99225159de61ba8104a8

SHA512
582cb229ed13785d019e6b53c5d4bafb52e6062070775dbbcf9c71d6152a1276979fa4c68b8bf7ec48c0db981616cc46b6464b1f85f91aa15b56cbd8ff3e90e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
27459e3319cb3d40936670e7bc9fce2d

SHA1
4e5d0686d7e120e745d8e0c01baae2774734fc00

SHA256
8b239250903342c3058896b6ffc6b8d4579a644fb1955898e48e55fa45d1867a

SHA512
934bdfed5f13e93959aec3a5483f3174ef8e063e494979e9c5eaf34030ee041252c1d5ce42c1a00c43c4c6463f01e24dfbefebfca155a91f77274d268985e20f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
65b831acf3bc6a889cdd8686b9292ddc

SHA1
f4fd3e0b53da17bc9b30098d8c7ddb399c68dc35

SHA256
1a2f85f3c31a3aca0a498ffa9eddb821a302d09e361f6267e8b3e536628ff8c6

SHA512
6878115c192ac96226547a263ae5f62a5be49503b4eb9acec39a53a473ad700832b70e3b4fda459cf49ff7eceb8d5a0b0a7cfa378c65a149ffcb658f2561fa1a

Download Submit