626107a2573074d43233dfa0c3c3fac39a01f7e498ec92e59a38a460b5d0c5c2

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20/05/2024, 17:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

60547488df9c8b8301400c0657b707a7_JaffaCakes118.html
Size

60KB
MD5

60547488df9c8b8301400c0657b707a7
SHA1

e7f5b61f5922878cc277bf0e794bce8b33f254d4
SHA256

626107a2573074d43233dfa0c3c3fac39a01f7e498ec92e59a38a460b5d0c5c2
SHA512

a436d3646f2bda0df2ce4334bca87608b34c73402bc78ec17d472176b6439f7696d5152ef3dc5fd0ec2a34f6688f41f0881fe8f07a338e05e801d80c387e0603
SSDEEP

768:2ayHHvPWlooWmztIlmw9APAEL/OiCogIqJEdnYHu:23HH2ldWmjbmiC9EdnN

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3904	msedge.exe
3904	msedge.exe
2812	msedge.exe
2812	msedge.exe
4024	identity_helper.exe
4024	identity_helper.exe
1860	msedge.exe
1860	msedge.exe
1860	msedge.exe
1860	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2812 wrote to memory of 3300	2812	msedge.exe	83
PID 2812 wrote to memory of 3300	2812	msedge.exe	83
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3788	2812	msedge.exe	84
PID 2812 wrote to memory of 3904	2812	msedge.exe	85
PID 2812 wrote to memory of 3904	2812	msedge.exe	85
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86
PID 2812 wrote to memory of 4092	2812	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\60547488df9c8b8301400c0657b707a7_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa80746f8,0x7fffa8074708,0x7fffa8074718
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,10037533319730058524,70631872495130242,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5288 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3668

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
5c7af2c94972173e7d00a335f781c7b7

SHA1
9400bd80169404af07da0a310b567db54bb282f1

SHA256
7b2c48e446300c80c957fab2239ec7ee029727986accb3329917b8d0a5f30733

SHA512
d6a40a5e6d63505c9ce7e9b2897d3dc2eb9a42961b6dee538e3ec81775d4b9b82757e62dcde8afb8bfe6a2a9531cc8c869791abd7b753ee1a789b1136ef99e6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
286a0e43a5a2244a38a8b84941f7d13c

SHA1
710018a4db52c8c845556201acd5e5a8c8499bef

SHA256
04a23a172568e4e73541c81d33e5fef8abddfaa2fcc114567fd45ae4047ccdef

SHA512
4617d19bad49b738ebaca16b5bdccb7cabe3d597035cde448e5d1522cf16950d23466a76b382241b7a889f0272a558f4ac25cf074e5dce31a2a7cf1ab574ec47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ea2499f3377d0bcab27d28939378d891

SHA1
da529f62a3ce889a658612648de6778a84d4e3e1

SHA256
a4dff98d7b41a363b4f72dc5d301d3cc8919dc3b52423f07de7e7ebd8762e82d

SHA512
e8330d89d79473d3b470522ec05ef51bed940671bc4a333471b70c2e0b00f8079b2a217cb82cecc36ffd0afe6299cb4ce8cece42d59302a9297f64435c12e2bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bec5610ac95bbc1d379a4019b7e3167c

SHA1
5aad67a674b701d8f5f4c2dd66ccc13ed4dab59a

SHA256
38af4d20730989bfebd8015f0ab9791b9c6c248eca4e5c66914f1c28043718c3

SHA512
8e4854e28546c59711dfd81fe25d4d49976eebb46db7580fd2a89bc80458834fd92daf9ee610a67180a04b13b42c71aba44e480a578d0ae5d49fee87e97fc4d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
51ba7617d299dc17d095d17b12681fc3

SHA1
79059433c697e58690e1fd6f031ad28a5478f243

SHA256
b4a5ffd01f536d45d5a559eb6c963c7cfa32d27ffe6a94ae33d58eb1fe971295

SHA512
76e7251e7a8eecbbf3cda121547ad2dad94c125b0ecabc4c68d23796c97aca9f145677f058517887c5645b778410b0f9f67c7b851df11cf0555754eb113b58c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9dae885bd247e3cca213c09611df2cf3

SHA1
77a587008fb752152d5f92baa5e74aad6b0b5797

SHA256
3ed2102b431a5a9fde1d2d1d62ae75572e8ace208b5ec76bf8cc5bf17a9a2a45

SHA512
b7918191c1bf2f4bff1d758ab2f299edb6f15e5461ef9d9f9c12b0b429c32a03e9404ada5558b83451f1ae8192ed17c4de29d37838fc070a85985f032c1602ad

Download Submit