b99e79aeb208d0972f912a444b8f69ce07e502e216438e3dc2b3397e30bdc49c

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 22:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68e7f627320b1a48a2b306b9c6e6ae19_JaffaCakes118.html
Size

30KB
MD5

68e7f627320b1a48a2b306b9c6e6ae19
SHA1

40e7bc324d0370c23ed9e050fd06260b4aa91a22
SHA256

b99e79aeb208d0972f912a444b8f69ce07e502e216438e3dc2b3397e30bdc49c
SHA512

c2817e67d929460055f0c8bc703c104b3f6c7a5eb9c85dfa65214ed69af06292bf727116e881e17c333d3cdda3b032b3ccea117f0a73aa1c2a221fc37a5ec6d0
SSDEEP

384:wWueqV0/exsMapNKz1MQRwnn/eluHfPzKefTMR/ddN4Nia1f5K8YThYeUwCGwQ0U:67V02TrR2JfTlF6MQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	process
2908	msedge.exe
2908	msedge.exe
2252	msedge.exe
2252	msedge.exe
4180	identity_helper.exe
4180	identity_helper.exe
4452	msedge.exe
4452	msedge.exe
4452	msedge.exe
4452	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

Processes:

msedge.exe

pid	process
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe
2252	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 2252 wrote to memory of 2732	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 2732	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4896	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 2908	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 2908	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe
PID 2252 wrote to memory of 4916	2252	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\68e7f627320b1a48a2b306b9c6e6ae19_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2252

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc6f0146f8,0x7ffc6f014708,0x7ffc6f014718
2⤵
PID:2732

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
2⤵
PID:4896

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2908

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
2⤵
PID:4916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
2⤵
PID:816

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
2⤵
PID:1676

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
2⤵
PID:4572

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
2⤵
PID:776

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
2⤵
PID:2396

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
2⤵
PID:1552

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
2⤵
PID:1260

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
2⤵
PID:5092

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8
2⤵
PID:3288

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4180

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
2⤵
PID:816

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
2⤵
PID:4308

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
2⤵
PID:5328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
2⤵
PID:5336

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11127835181836474294,12344719550914498032,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3960

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
144B

MD5
b7e66e23ef03b2226b5f6c5aae6c8ec9

SHA1
b1a107904b9eee3f4b21137bfeb0464fa21d5c98

SHA256
481cb37dfb7af411720c268a2d838600d310f061a6ac9fab1247e9ca6d801a07

SHA512
1827ca03f45dffb1edf81475489472430db263990d1941a8595a99b994bdb8bff640eefa234c2ac2880db62f805d89c50bc648da1ddcc33a8182989a8a54e66f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
168B

MD5
f5a9a73cb178ae65678ed717e7f8730c

SHA1
5bf7db447a038f470378aefc0b61829710307176

SHA256
952e7482cdeb82c7650873c877ee07f508b1cec43b500361453e7dd0ab87e446

SHA512
de932618cecd1c253769c7b21cf609fbbf81b60d832c1deadb270f5986127407ab0e91489be2d94454a9b3bf85687cad313c9d6095601c9d74c24ac29404492b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
2KB

MD5
2baefaec1b89d3735e0ced337f79b1d4

SHA1
3b0e4c134400b65156368b1251c0ce7f2ccdad45

SHA256
0345c86728007ad810b000897b2d9b706bf94ecf954f5ace4e170f79f1fb4a96

SHA512
94d6cc4acf41cbea3937bb4023e2f9ff1ff3cb310dd1c4f0474e2f4c7b940c171813ebcfd50a80a875ab27aaec35c7be1082ff53fd4347be5f270c00ca76f96e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
5KB

MD5
8e30733b40d5d9d77ada7f48c7dc2fb5

SHA1
01a4d489276d63d337298aed38c1755a85305831

SHA256
d0256a70ff42eecd57ec36223361ecdf39b45fb3dad33d50607a2d7228c67b04

SHA512
4c4910d892e0b9973fdfdfa40679333ec9b6447a8ca9b503c02b5d7c42a9a3b586ce526f72b5486a2d25774876f50e83449b0a03cbff7425e860f00dd861ab6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
29366f0665a48daa657cd8205c07570e

SHA1
39516621d5a6ada911f79ebcf13ad2a294c27864

SHA256
47e4e20cc5477d2dbdefdb3966a9adb8feb70cc8b535e85718675678ae55f5d6

SHA512
9c63aba037156119cc5d130d388ea02d749de7ea0b1080980c06e84a07ec2d7f3cde83e9e6de5f1f2fdc3d6a27b1ce6680d908b7f41482fd4ccdd49089a8b775

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
7KB

MD5
6ef68286c5b97d32f82bdf7c4641d169

SHA1
4bdefcda10761f5083262c8601680346eba4043f

SHA256
7c75016530963ef9b35f329e1c458dacee40ae5980600e86a3a182a0a47f2c69

SHA512
e2c78a23fc65821d606ed7e32fadea80741aa0de801938117f56e2a55801a7e32cd9646b83d8784843425e5df0a535f77896ae4f74ce7b8468a3442c548f0732

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
ddf37dd941dda4467d64aaaa823025a8

SHA1
8a36e5ccc597cd5cf2b4bd087c23040ba86d8b7a

SHA256
055d4c97df0c5bc06cb2a0e512faa6f15e373f43393d2c1a2a35303d60b10464

SHA512
c38208d3f2d671a157d62788d4a13cbc148094074a3ef8f88840c5d493928ac1aa74cac9a5013a9d821c523faea66c52dca882d737fa9fdca7f5b72b23e65f49

Download Submit
\??\pipe\LOCAL\crashpad_2252_FLXPNLOWFJIQSYGX
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit