6d0a983165e6bb73db350cf04e562eff8b060cb730ac8760a77b479fd199fa40

Analysis

max time kernel
150s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20/05/2024, 17:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6070075f64469f7c437c4a3e7134c450_JaffaCakes118.html
Size

33KB
MD5

6070075f64469f7c437c4a3e7134c450
SHA1

cdda50e8aa2bef60f46e13b5de646bfdf8088d0f
SHA256

6d0a983165e6bb73db350cf04e562eff8b060cb730ac8760a77b479fd199fa40
SHA512

fbc8d45b623c84217b1fcb869ff909e0d4e6846604fee8c317acc38905dc6e07635c5ad5b7da8ec8aadd14e701e50aa88f026bb53c155ba6ff5bba9c41ccda9a
SSDEEP

768:U0WSN2K4CnMz/VodHnoA5zMzj3EL4vUUnVs829bB7Q:TWSNzZnMzNodHoAZkj3EL4cUnVsg

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1428	msedge.exe
1428	msedge.exe
4272	msedge.exe
4272	msedge.exe
4044	identity_helper.exe
4044	identity_helper.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4272 wrote to memory of 4484	4272	msedge.exe	82
PID 4272 wrote to memory of 4484	4272	msedge.exe	82
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 3180	4272	msedge.exe	83
PID 4272 wrote to memory of 1428	4272	msedge.exe	84
PID 4272 wrote to memory of 1428	4272	msedge.exe	84
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85
PID 4272 wrote to memory of 3520	4272	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6070075f64469f7c437c4a3e7134c450_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7ffd711f46f8,0x7ffd711f4708,0x7ffd711f4718
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1976 /prefetch:2
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2608 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1920,4751079208584497736,15580045505076068410,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2796 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
b8c55531e7ef329281adfa7dcd165821

SHA1
a3d3d0fba169d96a570e80b0831fd410983d2bea

SHA256
624cf92382ab0a64e4bdfe7e7bcf8656dad325c654436b9f3080dad0e0190345

SHA512
6725160485ac7964e70bc43afcc5e931bd6eefc1953b2b773aebe78d116715f8da1ed383ca71d13ae969dbb884a8537bb906b9723db2dde0898ee35742be7995

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
b075a3a77607ccc57cab5bd12cda397c

SHA1
690872d58aca0fffbc2d99567def24d798a80ff1

SHA256
f470bbb45b840da1ef68d1fb858c6c0f018f84de3dc56872b299e4bb8c1e2da9

SHA512
70da94446cdb4891157219725456676903335152abf6e0088ef61c20a8a1350654d4fde806f0a7eb3e7ee4d4adf5e016160e0660334d68c7f484b72bf99ea5ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1b3c337a296a4be6959b12d42b9afcbc

SHA1
546419108f05b2dbfcfdf282c5b5838f0b690b31

SHA256
4adcf194798cab2f7a420e8fc71792ef887dd1c4ac13e25442616e170a74bba0

SHA512
bbc0c35fdc2f55fac1e52531d70e3a1faf332ebe6573d206d29ddc1a1c6d577d77bbf064314aa74a22c713d9b9aa2a17f26e3dbc4697d14c6897413be8ed69c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
165712ca3ef7396f34c251e53c5e6f71

SHA1
fac7a99a97c18a9169d3f26be297d51794cfb142

SHA256
de5abc8c465c7b87c63947e9dc311db1306af7e9b59f8cf52fd20ecf5587386d

SHA512
51d7c5c750ba60a1c4e6d495f8f4b83a5607608e68f1316fe6fac68c2ed528c9f1ee118b5590a1c5954074bad9bd085fe6a53eb98eecaa76633a13e4f2b92fdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e62598431624a2d0a86b3ca66b2badb5

SHA1
5736062dacebb896fde7be06e21b523ef7ddb7b5

SHA256
b521cb95be2fb8321304f5c08a40174889fb532297da9a872ff16772b71fba2e

SHA512
252d7ba0c0c45cff21c33f3628747abfbda1ac149923630938edad89d971c228fe608f0a9b7bc4d729f380fb33e812ffb859409060a088ec44ad9e9b13ec30b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9efa3048856882211a9c2da208fad56a

SHA1
363a2093734dfc9115a871b1fbc5d305ec4f0ceb

SHA256
6b53c927c93d49f82cf200dc5bde44343422af16eb4816caf8348f830f49447a

SHA512
dca75c8d62b91f1d46bde34923a3aa101b78c6451306189b03fc53d5d03ded40e701280fbb04302f4214e66d9c815c057296a109c027bd4506ef6505cd0d0ad1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
05187434e1178a45810cc9a60630cb6e

SHA1
770c2bef49957b828b7ebc9264064fc00ff17a0a

SHA256
5f060cbd532eb0a357bdeb8c35928ef439e4b63250a0881a3794fdedf94d6b68

SHA512
2acdb9be41bf986bb450645580b7c2d81fcf1bf0cdc9e75764dc8829913ea6c854fa03f89e90588e22f1a782731d71bfcab94e6ca0841d9a6ddc3cd5cd1cd9a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d3ee33165f67adefd440a2e7d0a7aef5

SHA1
ee67885176d1b237579e2c02bfa6e0d3e93674e9

SHA256
6ce4846f6b4919b567ccf62b538082382d1c987703eb3452d3777645460a4449

SHA512
dca66778aa8e75c5e7cc7121264b31c79ae838722a99c85dc916beddf3583586cc6927bb8e0fb8ee1de50a6e7bd75376166f85939c0777461baceb77ee3fc505

Download Submit