058298321e24359e2cad46e0a3910ced800d773bff1f81ba4e3ae15f08116af4

Analysis

max time kernel
146s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 14:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6795436fd26ad9081dcdf00582f8be64_JaffaCakes118.html
Size

358KB
MD5

6795436fd26ad9081dcdf00582f8be64
SHA1

c54006279c2f6829eaa9802534699c1d6b2eb6a7
SHA256

058298321e24359e2cad46e0a3910ced800d773bff1f81ba4e3ae15f08116af4
SHA512

dc8be1f80bb33803dfbf37040975e78551bfc65fa7e6f8e24c28c7606cf0d6a5c59151efba764c1057da5201b29dc2299fe5e1ba4b92db8e5d472f908a0d088f
SSDEEP

3072:m0RMQSoQHvJxiiZGXOv1q5rTOgc9pltREGuzi3y+gKi1Allsg2K5oio1v7N7lzLv:m0RMJoQHvJxiiGXGJCXpLA2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
764	msedge.exe
764	msedge.exe
1984	msedge.exe
1984	msedge.exe
2452	msedge.exe
2452	msedge.exe
2452	msedge.exe
2452	msedge.exe
2892	identity_helper.exe
2892	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1984 wrote to memory of 912	1984	msedge.exe	83
PID 1984 wrote to memory of 912	1984	msedge.exe	83
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 4668	1984	msedge.exe	84
PID 1984 wrote to memory of 764	1984	msedge.exe	85
PID 1984 wrote to memory of 764	1984	msedge.exe	85
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86
PID 1984 wrote to memory of 548	1984	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6795436fd26ad9081dcdf00582f8be64_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe40aa46f8,0x7ffe40aa4708,0x7ffe40aa4718
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1300 /prefetch:1
  2⤵
  PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5744 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2452
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,11418773099898609746,15173027734819860805,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1
  2⤵
  PID:2272

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
c22f8d4e30522f923d57be1d2111e9a5

SHA1
8f6c15d24d6532da0649d07991646579333507ce

SHA256
deb6cb5e29e6e7d30467ceb45fe95b1c60d584007fdbe11f90fd9a0334d9fbbe

SHA512
366e7a101505e0175d85f78517ca5f599ed08d1d8b6b293379f0c994092ff5891b388a00621040902a335e3eee50b4ba8ebc7036b975823bd0d4b27f095242f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
d495f8a4cd7384cbb97551cba62e8fbb

SHA1
9f7e8a35451a35b582ecb2b5de369186f0475cc2

SHA256
bdae74bbfafab443c260a52a299be2b2b5e9dafc6ccf63404d70e655e7cdda67

SHA512
aec4ce2c199351db44356af73022243864b3d17473bd27f7ab6216dd537946703c80e06aa99a25e404f5ffd6308eac36da0ed1e6effd3047a3e85e5169e04ae7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4f8ba58762ba3457cc6aabb9c58630ba

SHA1
5d83294fe348f8bfb611ce4f74a1f87c4d1cc582

SHA256
d0c1f578814c3f04b2022ab5f317cc1c88e182785097a1bc728cc9057f7932a0

SHA512
973248d0565245e9c72dcab6ed3812e48be4b18076ad09a59982ac203238fe450ee6fb31f8e60ff0d5e7de72561aabc71371f529a3c1e1e3a283206788e115a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5dff2a1b6c628dc57b57899efd9249c6

SHA1
3cdace11a6b585b28212f75e66c5b882119e504c

SHA256
3e9dd94bce3ac4daa43b5d254345d399ea59703593fe250a21709e5bec8383dd

SHA512
e4abeff90ed2e29854c5a8ccfca9024b71eda8d8cad57e3fc68fdcc75d59393a940a433b3eefae7b367e12c66a013b24ce398a33431f3851e59c6d3807e693d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
40c7e6d2ffcd08ff9c3ce8547e3c971f

SHA1
7b5ba42f5eaa3d66c9d399efdb948b96b7c8be56

SHA256
9ea070b091944ccfdd4518958b57780d5d987f1188e722debe11f2aafa107a45

SHA512
3a21c8eb346ea968ad22cabafb568d844a1a10cd0ee5af35e379116e57cdeda9dcd655cfc42e1b1677b04559e63ca288fd4afbf2a4df830ffd6524a0a0a7cf3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
a2cad90102e942ce01d5e6952c078293

SHA1
d6332644cd9af8b90a060a9575a34d26e64d7707

SHA256
5637b8c9d8475ef05b82902a2b822d4ddd58afe09ff81158f9dacf12e9d1ac60

SHA512
1a2ac7a745869bb6618c2c7fc0a851f212d8b17521a111e9f9a783024aec1f939b5132ceb7745fa30a162d8a20c80e13b657b563e0e8cc0b8fe2dbf98c9f7335

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5823df.TMP

Filesize
204B

MD5
bfe65dd4f347d36f3225093761377dda

SHA1
3508eca63e27fc2b2d044f442aec9d9b1a9583a7

SHA256
cc48fb228ff70d4e894d09e10bf1d9f729561beab63c349409e4fba48ee7aee1

SHA512
15fc7d9632eee129a89175601a0c6b6ce7582e58b9ba9297a6267660663de6fb7e5d8a12d66bbf8f733bc4c29012b1f292ddb49d229ec9a5e3273e7c74479116

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
797b428f8e22f9aa2073639e5ed5e5d2

SHA1
39731f8b8ba6cf8ccc8046aee54c35e916b86cba

SHA256
e0c13353bbb75661f7ee31746e4f15e6d7cecf3fd4ae13b126be7edd38d69a79

SHA512
dc6a9b8a99f4b99ceccd3af07dddc23bc24d7b9884e1aa8a6e1508819322752e1beea3d994de09bfbcbf0e1af8238ff13c195fc62b5821316fb2131e8302385d

Download Submit