2f7e42b36c1d5fbba79f6f039f1295d62b0ca72f344ed82c1c109e5cd5c40310

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21-05-2024 09:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

62cb58aa322d545ffc15b456dec1a239_JaffaCakes118.html
Size

43KB
MD5

62cb58aa322d545ffc15b456dec1a239
SHA1

bd2385fb44c39401985126497d78ab15adcf007c
SHA256

2f7e42b36c1d5fbba79f6f039f1295d62b0ca72f344ed82c1c109e5cd5c40310
SHA512

2122cb518217c52ec19bd6488ffd7120a88cf94f2f7d765de07d9ce3b918ac23f76bf5dfe9b8aa7c14d20ea67095220b282ef52ba7ea129d05c6ca31f63cdd0f
SSDEEP

768:weX8Jnpje0pGNdm1HLZTCI3xIE2EvweratRl+yaG7d7FvqkNv2eb7bkuzXpmPV/2:F4pje0p55tsGU7d7FvqkNv2eb7bHsPV+

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3124	msedge.exe
3124	msedge.exe
1928	msedge.exe
1928	msedge.exe
2912	identity_helper.exe
2912	identity_helper.exe
5192	msedge.exe
5192	msedge.exe
5192	msedge.exe
5192	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1928 wrote to memory of 1512	1928	msedge.exe	83
PID 1928 wrote to memory of 1512	1928	msedge.exe	83
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3052	1928	msedge.exe	84
PID 1928 wrote to memory of 3124	1928	msedge.exe	85
PID 1928 wrote to memory of 3124	1928	msedge.exe	85
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86
PID 1928 wrote to memory of 4516	1928	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\62cb58aa322d545ffc15b456dec1a239_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb1a3646f8,0x7ffb1a364708,0x7ffb1a364718
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6456 /prefetch:8
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6456 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,9895472789981174214,4946811036690515070,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4024 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5192

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3612

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
20KB

MD5
397383c90a2d930f866f405747e27466

SHA1
7bb6b5d6cee104c877dc5c3462f61232ffe5b360

SHA256
a67db01d19e15d8fa76e5a075e336e195325d79d277a83aadb6a440acf887c47

SHA512
4357eddc0581e3cd6209646540bf59756cb4035d7dba47d5cb6b0050e6c202bda65721d4e9d644f37e3cd105bc5fa240574cfa96649f01e2769b796b523e08aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
44KB

MD5
88477d32f888c2b8a3f3d98deb460b3d

SHA1
1fae9ac6c1082fc0426aebe4e683eea9b4ba898c

SHA256
1b1f0b5ef5f21d5742d84f331def7116323365c3dd4aec096a55763e310879d8

SHA512
e0c0588ff27a989cac47797e5a8044983d0b3c75c44416c5f977e0e93e9d3a9321b9283ea077e6dcad0619ac960ee45fe8570f1d5cc7d5d4117fee4f2f0c96b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
11b836cdf05633100338e093f3d3c977

SHA1
5d30bbae4d7a1bdd6d03dc68edc0604cb6b5387c

SHA256
1ca4277513406c8cfca678357077695e82392e380a2e4bf6edd1eed6acc9d9ae

SHA512
2802289be2d5ecf1c0fa5f4beb23369929d7819ac855a0f0bf500bd38de45d012f031e19c9b05b72c6ee49a2db908e561a334be72113ef6cf7f5d97698199478

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
39d95ddbeb57a4f16daf4c2db551ecdd

SHA1
9476458d3bc98bad0f078f506eb22bccc2bf2604

SHA256
dd5bb12666ac6722629b9ceddcd430652cf53b4dcf068cbbc83de4bd8f9cee9c

SHA512
97385ca1c9563f7766c83d40a08e936280187c7087a77716438cb05ca66e40dc4ae94d093a20642fd8baf601ced82bb2a85503d4f4cb752c0db772beb0165676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
26d1201d7806aab6979ee8aa1a1c2cf3

SHA1
3d7f82adf143d2de62686f6fc03137c82ca2ed89

SHA256
bce0643105c6ec194d290a32138d5793cfe38cd2d4730ea16e7d8481d9a3e170

SHA512
45aacaf165fbfa36a49b8a633ae68b843912d070e546f182e29f97fe787a8a9d200857a0998fa64b4729e7c4722d10e9d5def30006590d8e94c28f2feceb54f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
abce850996670f0931d8600f0236e3a7

SHA1
5b38c562ea05230658001524d3a58bf4f5c1c149

SHA256
ec2a7f04e4cf1992ce377e47a8cb46fb72f14c2ee9ab10d9bdec6729bce89af0

SHA512
7449151a8670ba5c7c9bcaaefbc7c7aee4bcd08a34bb0d3ef12ac10f6384991297f2095727e43d31b2ce1f441b4e27a5e251b8fcce2be39e95250587fa4438d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8a8197eb4d5b88eed4e5db738db861e2

SHA1
8705b3af3221e55a17ee01fd04d56363c703b731

SHA256
f57ca2b242f1cdba3947805530d0bc17d9c3194b9dadcf9405425e50dba53ab0

SHA512
57c452d08df4a927aebe5b12c7062a4392b759b84e0b424c9a1ed9e3ea9e8ad262bf15f36527b74f0e7d9f223c5b3c81f783d91bf2d1865f60778df63a6deeef

Download Submit