e3681d4c2fd74430e8da5497b20194a58d650eedbfc55c5bc88f94b33df87db0

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20-05-2024 16:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6002522a88a201fe1593eea3544c61da_JaffaCakes118.html
Size

175KB
MD5

6002522a88a201fe1593eea3544c61da
SHA1

41051e25d0b3f785cf5764a7ec8c56568aa07f12
SHA256

e3681d4c2fd74430e8da5497b20194a58d650eedbfc55c5bc88f94b33df87db0
SHA512

746695511ad4605cb7ac48c4693c18bad63caeea07cad627d6b5a166c683b513dab9558b2f43f4aa1aa795a7cbb7bbfe5b743557de47bbcb6b0e70039c720629
SSDEEP

1536:SqtH8gd8Wu8pI8Cd8hd8dQgbH//WoS37GNkFNYfBCJiZm+aeTH+WK/Lf1/hpnVSV:S9CT37/FIBCJiVB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3772	msedge.exe
3772	msedge.exe
3176	msedge.exe
3176	msedge.exe
232	identity_helper.exe
232	identity_helper.exe
2948	msedge.exe
2948	msedge.exe
2948	msedge.exe
2948	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3176 wrote to memory of 4964	3176	msedge.exe	83
PID 3176 wrote to memory of 4964	3176	msedge.exe	83
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 2136	3176	msedge.exe	84
PID 3176 wrote to memory of 3772	3176	msedge.exe	85
PID 3176 wrote to memory of 3772	3176	msedge.exe	85
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86
PID 3176 wrote to memory of 744	3176	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6002522a88a201fe1593eea3544c61da_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffadd346f8,0x7fffadd34708,0x7fffadd34718
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:2136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6020 /prefetch:8
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8987715676628489909,3165341720337051893,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3332 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2948

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
9fffc1980f164ac879b58781750a0c50

SHA1
1641ca331b141e4232b289e4b258601b6945e7c2

SHA256
e8a205f7b237d0729fcc27f875b2cca9c1262eeb7753d96af2549f3e43a5d6b1

SHA512
33d56fa5d72a34dadcef36a835e694d67a0e8e83978ffa01fb0b5acc678f80cf5b08c4eca8070d71733cf9baba1f6e3995181941111da681a0ec0a24cb5a2c71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9774e8473f041d50fb75fdfc5c70b442

SHA1
2054ff26288244db86889c729300075cc8767912

SHA256
9d1b611379e3d923de828644911280c9b831e2f0f2fa2c84b13dbcb0288108df

SHA512
b7405dba7f8587f21893fdccdcb57ecea152f3af39794e9a3c51b6b50bb62dd9fb9872fb0ae00813d015390f30c890f8520d1244b7764fb760f8ddf017bc2fb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
61f6d8aacc25846f54b49855e7f66658

SHA1
af5eb4f589f1149304fbb531cedfc92b8b1f2730

SHA256
7f6b709d4de0832b14d09504505ed640ba62e399a3daa1c679425762c0c16d80

SHA512
48328b9a1d814136cb5d4428e48469d0eadded391a589bd2ebd90de41a2479bdbe82e74d83c6e8e1cab88b0aec8c22c9ddb15483b1ef0aaef35e843fc6e636b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
36b1d6a3ff7732b6ff0d2923bf1ed34b

SHA1
c528f2fbd875ee2cba7f377bfb18c549db110efc

SHA256
162f1a7d9ee54d30f6cfe70dcd6c6fbcd04fd32d1912df38373f678bfa5585d5

SHA512
ca021c8b57193e3e855a258f237263eea037ee3e06e4d047c7a2b2d32af64c4b6b2803b618b088045712494d9df2f4515c4044763a45cfa52e15888042cf9818

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b716362e942b3a84da1cc4fa1efd9667

SHA1
e5ac52e670a8b943eec2a4e37a387328911c3cbc

SHA256
b94be1506bc918f28d144b4b1704363c45af221a0002ce2047b2a549fb8696e3

SHA512
f7ffd0dfb3a83c6b8efe9dc8743816ba924809f69c049b70622826d270572f53d93c323faa1060df2c151aed4e94a5a16846bf36a5fb3394190a9ccc93708ae4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
671c5d74b415816898892171428fa19e

SHA1
b265d65944e8bb00dfaebed0f92439230ed48e13

SHA256
a642322ee40250e8c7662a30461fbc31a8f0cb525060bc656c7623ed6e712546

SHA512
a21c8b2f2cd99602048eca341e350cb6b45c3a0b732aa03b32d5923386cd3efc5bf722b0c4aeb1d426ab2266f3951ceaa53d17fc0ad0b2d9deb81571cfe03621

Download Submit