e676e00e49d8ba72ae42bf36c32b7aa2a2b678b9bedc84d2714f077e6045c83b

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 12:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

635520da245e3e25b25c52f2261f2ed5_JaffaCakes118.html
Size

175KB
MD5

635520da245e3e25b25c52f2261f2ed5
SHA1

fee4d1125e4b54a58d952c1d346de5ddba84f843
SHA256

e676e00e49d8ba72ae42bf36c32b7aa2a2b678b9bedc84d2714f077e6045c83b
SHA512

0833f53177304c579336cbab023fcfd939bef4f78ca680fb044593826434537c816eae68ea891f6fbc4e39051f48a02baf73257b0bc85656ce39fa9200e9000f
SSDEEP

1536:Sqtd8hd8Wu8pI8Cd8hd8dQg0H//3oS3kGNkFaYfBCJisC+aeTH+WK/Lf1/hmnVSV:S4oT3k/FbBCJicm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2296	msedge.exe
2296	msedge.exe
1512	msedge.exe
1512	msedge.exe
1584	identity_helper.exe
1584	identity_helper.exe
4076	msedge.exe
4076	msedge.exe
4076	msedge.exe
4076	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1512 wrote to memory of 2420	1512	msedge.exe	83
PID 1512 wrote to memory of 2420	1512	msedge.exe	83
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 5080	1512	msedge.exe	84
PID 1512 wrote to memory of 2296	1512	msedge.exe	85
PID 1512 wrote to memory of 2296	1512	msedge.exe	85
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86
PID 1512 wrote to memory of 2248	1512	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\635520da245e3e25b25c52f2261f2ed5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe730346f8,0x7ffe73034708,0x7ffe73034718
  2⤵
  PID:2420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,189122439048694217,11995278914727739971,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4852 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3552

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
1b2b8485ff0a2333d9b7e51d57e8c851

SHA1
1c1055140cad76d9b486eccdd0e0096668a8cfea

SHA256
1257582af537f9de36099404ff989a3963b7b87f40123edd9d9a4db08c4403ee

SHA512
8d320785c6ffcde12c07978b65ebddc9a69be8aa0b0fb31d68bcefc636323b80ff8f6bf167c8dba452aa03af5ac145937b852084ad5c8ae09a08b010f3406dda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
a38e0ab913220832ca69be6f029bce26

SHA1
50b2a150e7633f8c163c1baa8908c207a132c190

SHA256
e332ab816ac5ec692b825c703d6ffae3c93f9d152ca70302bb9da9163830bd12

SHA512
ddb4425fddcb10bf4d493528fcf427bcc59b14d500e3976406588c7fca803e8cb2dfd58a70dafdfb84076e377bcde1a36d8d2b1c3591482d651c182fbd772061

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
d486d51038d9ea9bf1ee47f59a772007

SHA1
6a02049466b8fcc76132bf69461008650e5cd825

SHA256
cb0a62a5c43246b10300a5afb8051828de6af4417ddab8f9ed3f4874ec1f8139

SHA512
8def8bfd141ba7da44e131895c9ab1602edf675d5390d8f2fa074bbd23bb266f595f3b9c6ca04df39ec36954f6438ea402f084eb8c4f4066e809753d11c21735

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e6fa85ff1f82ebab0c3b33352cb34e3f

SHA1
aa73932c53b4d5e8d794a5e710dfc19e620c0a97

SHA256
42da5391339827b26a6ef4622b279e75c908fa8c309648f27855d3da73a3117f

SHA512
b6143429d1a52f078f39e94006c6dd9b7fc8f369b14d1114493cc58ea7acd5fd74627331016772a8a2b950538ee60daf4409e922280b3143eb8d366c09035bab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e6ceff69bccd31dc0c302507e8f555d7

SHA1
0d398db1621f0a72eac9a5ef5d5c4e4d8ccb1e24

SHA256
820a5c6241314b9fe96320fbae53e6680e9107824fc84dd894ec3ad9e1e8dc72

SHA512
a05a4185951f3382fd1125202eadbfd37b5274ec199e116c110f0ffa753b434ee62a4a8ca2901beda2819142045f96c4d9611f1d1ffca70b9c8e54744c0dbecf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0f45357185fd5de503eaf25eb568f2c7

SHA1
9d12cedeb6dc476e8d740e0ed6e410d220e89f81

SHA256
5086d06f8f3fce786ac5bf57fdb606bfa1f66568f2333fe5a0a0d021f6e2e3ce

SHA512
277d58fded17a1af1a890b50aed68a602983ee704a50c19b262d20f639f4e0ba31312e33bce4eea2074aeb6dfcf61d2353455a8165c8c96cec1d7ca863355caf

Download Submit