662cfe98a96f5ea2c27cfe01950ad54698cbca9b1119ead0f088db52900fb6f4

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 05:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

622dacbc6b7faa7e1dfe21a2003bac25_JaffaCakes118.html
Size

93KB
MD5

622dacbc6b7faa7e1dfe21a2003bac25
SHA1

beeb6c9f653552772e8ba048e2b1e0436f436324
SHA256

662cfe98a96f5ea2c27cfe01950ad54698cbca9b1119ead0f088db52900fb6f4
SHA512

e1956dfb9f2e07c3a7689c8ccf9d8c9e8f1716607467c46ef37fd30a04962ce631b7d36e81ad8dc5dd6807dc7eaac26e9e7ecc8a0e693c5052b242c2d653ba54
SSDEEP

1536:lATNK30Cu/KW7M4Nw4TMx2/QPiCOgzquvlrfoB//y4f2yzEKHfLNKuISRtkuePJz:MKiM4Nw4TMx2/QPiCOguuvlrfoB//y4g

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
428	msedge.exe
428	msedge.exe
1608	msedge.exe
1608	msedge.exe
3316	identity_helper.exe
3316	identity_helper.exe
2060	msedge.exe
2060	msedge.exe
2060	msedge.exe
2060	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe
1608	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1608 wrote to memory of 2564	1608	msedge.exe	82
PID 1608 wrote to memory of 2564	1608	msedge.exe	82
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 3300	1608	msedge.exe	83
PID 1608 wrote to memory of 428	1608	msedge.exe	84
PID 1608 wrote to memory of 428	1608	msedge.exe	84
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85
PID 1608 wrote to memory of 2300	1608	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\622dacbc6b7faa7e1dfe21a2003bac25_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7fff1e8a46f8,0x7fff1e8a4708,0x7fff1e8a4718
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2108 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6544 /prefetch:8
  2⤵
  PID:4280
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6544 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:3712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5924 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2899453463951620885,4173341331753959180,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:4416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1884

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
79KB

MD5
6766ccd03f709b46e04e275c09ceec35

SHA1
5902cde78649b7c4f202fce88dd25b0c74a28aad

SHA256
92e816437880ad287f2424579a048ac4ba985f533a70c16b5cf8cf2f483ab238

SHA512
49a87f5f246934187e9768102020f656512a32a51b1af7e2275f5a941d4ea2685f1f0cd6d84d447d1d7911b1669e10f3b8879890be2238f561c9776ae47fa9c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
55KB

MD5
6cd02bec45e3ce2adbeaff686c56c915

SHA1
04d8bcee0cd067256b85d6f2b1a6db3c52b599de

SHA256
8b0613db96dc90b83b694414f5e9a53c407e7a5b4c6f05d3c2c3e1d3c68f1933

SHA512
2a0314979ba9135b6c3634ac0e40503fdabe36e806504b87f28cd890f110a0a298a1a2e4d5dba4d4fe2300ec88aa41a60171db69b276f5bdba2ca77f875df02b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
49KB

MD5
b27973c330569be9da57610f0c368cbd

SHA1
833f0ce090a9ba7047c06c18e6204dda1323ff7d

SHA256
ec403cd2c71cc3c9df0df4e9b492a65ad77982b020f544a9cf75dd8f110b66d1

SHA512
edbb5b7aa38009fbb71f6563ed215a3fd7b8bd3c20308b87b6231b3de7419eedf31166a02a1bb42d4cc65408a373aa845755e792d43af058e9694e2f98b32d72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
16KB

MD5
549d9ad1988f3111375f64c74069ee6c

SHA1
e01f0fcf1a9d67b3d9ad6ba4b59b7b4d1f64fb77

SHA256
ff432fcf8093bd9ec4a32c277dcb8720c32b6df543f33867c47532729fccc8d1

SHA512
0d402a44537daa373bb5c55bcc57df85ea375be9df7234a40364900207bf8cf72ddf9f8c1b6fd302bd0d09db7db86316caafe736c8d55e25c80c27637e8d103c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
16KB

MD5
49b8bd91b04839f9a1c220477b620894

SHA1
2b0a9fd53e67312dd31b3d31fe10a6147304fa06

SHA256
b54be954bf7d35ed908bc94a65365bddb73e88789623443ce875e624a35bf114

SHA512
be4d9d75a3bf7b0430d5e33c10276931fac2a4c8332ac37ceaab615c7760726d74fefcabff4b697e83f0e31ba6c5515e7321cd2454a37430430b7be50e6c43de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
57KB

MD5
0df7815e089ee836eee827c69c45ffb0

SHA1
e1f89c63ff9e6975550cc5c565fc677216ebf3d5

SHA256
f1ced5b4d4b24ef1efc7efa0298a6c7de2f4e54702a1b94c83b0c4021759bdd9

SHA512
9b8b563bd80eb465a8b6069f0abaf50232754d5e24fcbfda35f1ca1a3b1c99d23bb55d81a02b4f054f1d0463cba21705e743188c38f526a33be897d9cb334468

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
bb65b10292eaa42b8a31256630d4e218

SHA1
5e6e7d64e0dec18871a9dd9a28cb558c08caed4b

SHA256
a171e74a6389fd4930f9fffc641e7c2fc5b1649657c9c7025a13bb736edff2f7

SHA512
53bd45044866a09837625f439c5c31d0ed32ecc0cb18275c4e4c797d4c33c772619ef45eca559ca44d22b22fe2cc9741615312d9d458c2ce0f509e413946b695

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
6ea8fd7f44e4ddfdfab92a9b87a571ec

SHA1
fec8245091c70084293c47fed579ccc2b14e8479

SHA256
b313987a2ecfb69c6e9fb727770625af92fd2d20d9fa57902729f505ae7dc8eb

SHA512
cc5ed2a03f02bee996063ee6c0508542215c813cc5dcc7f017d3cc4d5b37e200fe4a240096a3382fe46252db005f337379ccfe549f77c012bd1cc5d71b537554

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
1294832f98c9abfe9cd339d24c91e891

SHA1
b999e2f5bac25df56bbfa02dd4a3eac8886d4810

SHA256
91b0152e8d2cf430930fb259b4e95255a79742c068fb97c1d88f10c61228bf66

SHA512
23e4d113df6f79bfe5bfe9f547c5128fb96df42fd9c9dfbd89fa46819fa23567496e75168fedfab00fdc21273793006d695631969e9fdaab262050c33d8aa52a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
fa3fdfbff69d377ad6c6e51d53c0251d

SHA1
eb2109ee1c7b7b22f2cc3529eac695a7bbb6e75b

SHA256
c07394a1675adadc9397756eb63642d6a97a71dde61e2f90b87f0b9ac407d5b6

SHA512
68c75a0c920a122659693f11b66bbc85856acb1d9cf71b10b1a75bef6afb996cb2bd53130f1bc8d90520535fc6bfbac9396679ed4abaabb56d13ae7f7964303a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
e3f4e805e07e5641d2d5d2e57f443844

SHA1
210f1fe17c5888897d97f5950635ceb1f80570d1

SHA256
6e836da78b6df1f026313eeea6c7cc9842e81365cb11dd775b4600c1f98276be

SHA512
ae041308b249925cbeffe080f6772b7334e2a526719e3705e7ff1edd217b5db8af442ffe8f4d7b6f6789a50b824d65d7ac94182ef88548869b0b673ea01f89b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
154ff4f0faacfa9d77788895cb2b1d66

SHA1
c926eb20fc2b4ccfa7df27c57e54d8609e4e7b9e

SHA256
8f6b3a521313abc70154d47cda75d1163e398430d54956cd62b74a75b0e5fced

SHA512
ca8bea66bbbc7ef63e30254ac9cfa1b39d98835a29c42cef66fa52b1fbb6c2bbfb6decd2310af69cde03cb4e25cd2f14e1c5d3220f9fa8a4e3344f4c21e128b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7b0db3d5aaecec5466e0749b1fab0d35

SHA1
f3863c1486374ca94ad26959a43a22ad6e6f75cd

SHA256
c8accc2280a9acb3060febb5655b90a2e2bfc9b0cb290a1403655c7977ae55df

SHA512
d8450e38ce65826843ffc2e711dd623045ce4f1fa57e8144af5798ce5c0fe8f6fa0021215478895c72a7b61d0a134548f4c3c9ad226f53e3ceb65ea9cbc2316f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
aeaa91196651fa1fd6a9f70b1f796c89

SHA1
ab1ee5b6f3570b55b87c9fef3a6f46354569192a

SHA256
36b9ee3f77dc38bb4e20ca36468cfd491cf092fe116ba836f87e9961e01f1bed

SHA512
cef9291870490a2925aa7f1bd3a8b0ac60258223edeea8a11091e7e982a51b94e2f6c42718586b13cd57f4eecb0c8abe8acda61253a6b1de8fcb172882399128

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c4a39d719e02f3993c07a2b93c414ccc

SHA1
6f753857ba7bc45981538a25c068e7335a96f202

SHA256
709450a2672ea3b2692a055e3b7f923077d1fd2d1cde41e653af86cfb695d487

SHA512
d9d5d9ec1d11dd1dcfeb7c7aad5dab79401cadb8e6667e4f44e2b04093664f8ecc8175e596082eb65c9d6e96710b3fad017963fbf97ff5687a8dd8042c166e7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
107ff638bda380c0c1b20e4d97cf4d85

SHA1
ed269eb7335503654d898258db68e3fcf465988a

SHA256
72d1631f4a80d83249b21d9e8ac5e99ae2d7acee399091a4603d1ea2ab92c26c

SHA512
916f9a9445dc009b42044438013d12aae832454c9c80da6c16bca0b2c773bdcfa0718cc9c467692ead48b1a4ce5100e27b6469fcafbba622ad2b49eaa609a715

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
026899fa9b3d27d3f7b1c63f4b9ab179

SHA1
d922482a1982e6666149ea9063486495bf41b383

SHA256
6df071b6bb8ad78c9dcc9d733a64d726063b8bb549ee0394dd88c224f3a72f62

SHA512
47f0b6dd75f20c292d24e70ea796865c2ee6afc9e3961b7e6e60ad0163d87e44f8fa15998d35e0dab42b09edc91ef0f1508a84d6f243f566207b131e847e19bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
c9238f336022b80e8744f05ca4154a34

SHA1
5cdb11513c5b6dad4b45b9839a6dd2aa34172d99

SHA256
a38cfe0846928ec793e784b91c02423ee09a0e4419e80124bd335d4f83e83bdf

SHA512
dcb66c94bcab09cc5b100903828305958045ff490e492236110380f64885d325e3f8cdd9ff5151243683b45030309e8778a972abc01f9be2fee0acf02d46840d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
765081a597fc51c93e2cb3c82ea95a1a

SHA1
e7bf2b72747e4be071a67b07e124cb0b7db250c6

SHA256
fc6030b28fcabbca584f3338531a5165f63ee31cbdfed15db8a6c663045d27bd

SHA512
93e3483befd50bf8d8a81835f1272cebe9e6f8dd6085eea80270a12eaed41a65c3be765f4ec4a3e3d2a48da305ce17da7ba82f45a9943f0fe141e87589fc61ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
896b22e417255c7bff00b5c88fd8a2db

SHA1
9b6ad8b9bde8eecbad5144caff8ddbbf2494d39d

SHA256
6e882a9809bea51fa85dbcb366ae9688cdfdd135625c3199e2dbd9f569f35219

SHA512
2def3561221516c5a17099737f1dbf38aea6896481257e0999777a3c8450e70eb557d3d226b4830ea059fea68ed2eabefcfdb8706a39f247b58e06d7e90f4b6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d9f5.TMP

Filesize
1KB

MD5
16ae153c4a99f34a9f5d017958ba99df

SHA1
54b6e6d23589679b84ec6c25316e86994d2f4e66

SHA256
c7923d86fc37383ec23ccc291f4b5c9945f8752f5167f4eb44d134b9dde7e6ad

SHA512
961d55c10e1ae432bd59d3aa9191bb7718316ad8d849770fddcb0ec16f677a643e2e6a4542efecce26bf23f57b223f7fe97b6cac9ff7bfc5023b5507d7befdbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
78bbe97397a7dd6b01f7f49cf6b200bb

SHA1
89bf92c54753e6f0873669ff70ecab83e6e58575

SHA256
685da267604d396046fde7aa345ef39a7770bb7863110d80ee2ce07fcc5ee0b6

SHA512
d6128ca46e241b160a15495264f1e6bf3b612cab42229c9a33c4af6764760181a151f4c3e471466e780437bdc8239c90d1e957c92441aed501ab858c66d875f7

Download Submit