Overview

overview

1

Static

static

1

68498e45a7...8.html

windows7-x64

1

68498e45a7...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    68498e45a7e114c8fc79274084c99f99_JaffaCakes118.html

  • Size

    102KB

  • MD5

    68498e45a7e114c8fc79274084c99f99

  • SHA1

    85a14d61f7019dde51dba0150ba40805af3e711b

  • SHA256

    cb63e448f7310ec397ec543304db2472f61dc6d85c3e5784cb6acb51564a8f6c

  • SHA512

    75517926721e9d35a73a16226ce55034b404ece0d564bd7545bbbdff38b06c11dcb181e29b79b5d7f56f359d6b98f0fb9b3cd8154f1bf1c1dfe3837fd9d54a70

  • SSDEEP

    1536:Gqex187NJgeKdtQPgsFVEXvG3Vc1XNDaDn8l+iRTMoSqdAhnDun5u+M1Cj:GqeANE0Aulc1X9a8lPdAhnDuA+M1Cj

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\68498e45a7e114c8fc79274084c99f99_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1868
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a1dd46f8,0x7ff9a1dd4708,0x7ff9a1dd4718
      2⤵
        PID:3988
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
        2⤵
          PID:2328
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3616
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2404 /prefetch:8
          2⤵
            PID:2032
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
            2⤵
              PID:3356
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
              2⤵
                PID:4512
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                2⤵
                  PID:3472
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
                  2⤵
                    PID:1920
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
                    2⤵
                      PID:1840
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
                      2⤵
                        PID:5056
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
                        2⤵
                          PID:1348
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
                          2⤵
                            PID:3544
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:1
                            2⤵
                              PID:4148
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6600 /prefetch:8
                              2⤵
                                PID:5364
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:1
                                2⤵
                                  PID:5912
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
                                  2⤵
                                    PID:5920
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1
                                    2⤵
                                      PID:5928
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7568 /prefetch:1
                                      2⤵
                                        PID:5936
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2488 /prefetch:1
                                        2⤵
                                          PID:5908
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9232 /prefetch:8
                                          2⤵
                                            PID:2760
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9232 /prefetch:8
                                            2⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:5472
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
                                            2⤵
                                              PID:5512
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
                                              2⤵
                                                PID:4604
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
                                                2⤵
                                                  PID:3564
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
                                                  2⤵
                                                    PID:2464
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,10857276859856637485,5343546828366953538,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8664 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:4748
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:3540
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:3320
                                                    • C:\Windows\system32\AUDIODG.EXE
                                                      C:\Windows\system32\AUDIODG.EXE 0x3bc 0x510
                                                      1⤵
                                                        PID:5420

                                                      Network

                                                      MITRE ATT&CK Enterprise v15

                                                      Replay Monitor

                                                      Loading Replay Monitor...

                                                      Downloads

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                        Filesize

                                                        152B

                                                        MD5

                                                        537815e7cc5c694912ac0308147852e4

                                                        SHA1

                                                        2ccdd9d9dc637db5462fe8119c0df261146c363c

                                                        SHA256

                                                        b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

                                                        SHA512

                                                        63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                        Filesize

                                                        152B

                                                        MD5

                                                        8b167567021ccb1a9fdf073fa9112ef0

                                                        SHA1

                                                        3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

                                                        SHA256

                                                        26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

                                                        SHA512

                                                        726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                        Filesize

                                                        1008B

                                                        MD5

                                                        7c957b928105b72e6b67f785ae60d3f3

                                                        SHA1

                                                        feefd12d1e72c8d8b7820ea342e13aab241ccb62

                                                        SHA256

                                                        4d31581854283f6c2bbdd9b6f4c41702840e97c32ba223e65a4d99fd4ce55374

                                                        SHA512

                                                        b0c628af0a7189642c6c32fbfc129cb177a41d868a0bcfa2591306131bca59e057ae37765e7b845f66c3766bdb2de12bd9d819a323ab490c20fcd3d3ecce5b02

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                        Filesize

                                                        1008B

                                                        MD5

                                                        7883e6726b79fef5ec383c4960c31d18

                                                        SHA1

                                                        e535cfc86ee632e5898780e31e1c00d1d9d64948

                                                        SHA256

                                                        4164e1bc1ce63baf8335119dde8cb591626dd046888c499766eac16d444fd130

                                                        SHA512

                                                        563dd382b8cf4935ac5c893a52e887366b18d0c46c5b31e1da25e545b0fe5cc08461aaa2985ca8d61d1ef139abda7ad7edbe111cf276df57d6eb292588c2b196

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                        Filesize

                                                        6KB

                                                        MD5

                                                        36e5f90f15a38c2a367d2dae6cb9d7f3

                                                        SHA1

                                                        3d4058466bd680d8e8cc89f8689e355d8e872716

                                                        SHA256

                                                        3b86b6630c33ed6df4d74cd41c5784f8a95ad989278e67a5f9ee35ac1c904358

                                                        SHA512

                                                        7e30c6f1fc328e9e63573edeb0c4789e6b96eaced1202a5fbb07a1c4209147ae6a924a9c58cf8f79b947f638b7706a36ef5e91e629fbff5bfe991046ae7549be

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                        Filesize

                                                        10KB

                                                        MD5

                                                        c0b21e08bbbc4f0e7d2640e82e156fe4

                                                        SHA1

                                                        35bdae14af70d8b9aa3716dedfda244bca9b9eaf

                                                        SHA256

                                                        0979533b7b33253ca5c74f04cfc5c9dd72be08559308058f9240929efc0a2611

                                                        SHA512

                                                        ced26d77aca6198083b2f100d8ab9533bd42ae30596cb233bcad060c79d7aabe59b0d638c31debbe98421db6a4be912c7dabeaef533ea98d8e8c29628b4a325c

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                        Filesize

                                                        5KB

                                                        MD5

                                                        f5f7b10c565fbed57326acb75d18e305

                                                        SHA1

                                                        1e8a8185e9ec714320a2ed8b07d9ec547787ef56

                                                        SHA256

                                                        2ae785759f184e985dc7eb17959bedff9e72f4fe0dea5ca5b8ef83073c8c70dc

                                                        SHA512

                                                        3c8b1d907ef212e9650dd5e0a277888ebb68a8be2c58cdbd14207cb67e2fafaf91d9a8e609944bf0e4df8fb31b4fec0928607fa7bd18aa837e57c1562faeb96b

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                        Filesize

                                                        9KB

                                                        MD5

                                                        28689574ce28cbfe22e8f1eae9e6a20d

                                                        SHA1

                                                        fdc88d2beedd58272aea025d035e8e006a673574

                                                        SHA256

                                                        480e328f0ae44b24344e959daceaae4922d2a60f4529c3654b6b0bd3019dda00

                                                        SHA512

                                                        72caf612aa1607858522d1dc20bd9e3630a2a30efb6c4270f73da27d3cdd48ef2f05ff892e9b287d3feac680ebf9b6178a3bae12e051909869bc36095ed5c826

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                        Filesize

                                                        2KB

                                                        MD5

                                                        ac0b36734198716a880cffbc3bebc745

                                                        SHA1

                                                        1d25ddde9f2af910501d38c2681fc5af5d80978b

                                                        SHA256

                                                        491a828d151be1921253b4ad197c61b3cfaffdebdde904134d3982ca7cb52def

                                                        SHA512

                                                        e7a6cea011754a29e44db04377cce8d2c1dff8b571d2ccf022c1c82eac2bf1239b3b23132c8f8f967581293729103d912e6141434e437de22ce24b8ea60a60a9

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                        Filesize

                                                        3KB

                                                        MD5

                                                        da332cee05d4d25f0b84658c4ac44f4c

                                                        SHA1

                                                        f68af197aba845c4932fac5bdb75f7fcc25063c8

                                                        SHA256

                                                        1371a77af30b9dbb65156b566ef1200f3c9ce5f7b9831a48f56b1d90bebbd81a

                                                        SHA512

                                                        22682db1bc866672de9e3778b8c3ce66fb47fb7089631e050786a317db02d41c392e75a523f54a16ecd1392cb70a55a177716e7a4e3b75de6fdf38891cbbfd59

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578b0a.TMP
                                                        Filesize

                                                        2KB

                                                        MD5

                                                        782d4c37b691d1041dbf80cdc51f3099

                                                        SHA1

                                                        d86e307d0d77d99cc1328c62f793e74fb01bff13

                                                        SHA256

                                                        33274de3998c4d5c05a7797bcd4000715d8170c9a8b0b7b59b76dfce6118baed

                                                        SHA512

                                                        c060c9bbb2a1369c5d519179215dfdd0dadf9353ada708709348f5c7dd8a9d5391a32ce2fbe06029206722225fe9aa49a8b99da3526aaa0af31434d0e0f60e3e

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                        Filesize

                                                        16B

                                                        MD5

                                                        6752a1d65b201c13b62ea44016eb221f

                                                        SHA1

                                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                        SHA256

                                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                        SHA512

                                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                        Filesize

                                                        11KB

                                                        MD5

                                                        6e1fb39b2f098f39db8d27266318fb38

                                                        SHA1

                                                        54eba88690524e1ded412eaaea97addf6eb9415d

                                                        SHA256

                                                        3ef1fbaea2229a4c25ce0fda18d6758d5ef213ffe1e167b784ba552f06915ad7

                                                        SHA512

                                                        6680ae5845793363a5dbdbe0971b9a79ad54585915cfb23b84dd808a348a2e0e346e1d31e3a6c10db2042460a8194dadcb5e6619ae22ab279c790bfab684267a

                                                        Download Submit

                                                      • \??\pipe\LOCAL\crashpad_1868_YHMYHJVLZZRYAACN
                                                        MD5

                                                        d41d8cd98f00b204e9800998ecf8427e

                                                        SHA1

                                                        da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                        SHA256

                                                        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                        SHA512

                                                        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                        Download Submit