Overview

overview

1

Static

static

1

69542c54c2...8.html

windows7-x64

1

69542c54c2...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 01:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    69542c54c2f5e7f70364314e90339694_JaffaCakes118.html

  • Size

    6KB

  • MD5

    69542c54c2f5e7f70364314e90339694

  • SHA1

    2e1e765e5da19a661ec656c2bacd1e3252da0bb8

  • SHA256

    9e1344e27265d66b341bc5dfb4d18db617be289c96fda50cdbbfffb06623f2e2

  • SHA512

    49a2a19b72a4d370cd15f10ad89ea8e0dfc1fbd4dea6bb00c52c95d0f33a11d0778ddf850fa141e1c95aa344b0e49cf6a6dd2772114977e7e2b692bb959190eb

  • SSDEEP

    96:NIGawVytIkukydwHFvay4ONwAt4QFMaRXDVGdPqJ4pFGvaiyy6F4ONwAtKF4QF+H:8tIku9dw03QxlDEdPHW7iQoR

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: LoadsDriver 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\69542c54c2f5e7f70364314e90339694_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3500
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd521f46f8,0x7ffd521f4708,0x7ffd521f4718
      2⤵
        PID:3228
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
        2⤵
          PID:3124
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1948
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
          2⤵
            PID:2868
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
            2⤵
              PID:4996
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
              2⤵
                PID:3376
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
                2⤵
                  PID:3128
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
                  2⤵
                    PID:4864
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
                    2⤵
                      PID:1148
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
                      2⤵
                        PID:1888
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                        2⤵
                          PID:3996
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                          2⤵
                            PID:3252
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
                            2⤵
                              PID:3940
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
                              2⤵
                                PID:4560
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
                                2⤵
                                  PID:3932
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
                                  2⤵
                                    PID:4500
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1
                                    2⤵
                                      PID:6000
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8152 /prefetch:8
                                      2⤵
                                        PID:5892
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8152 /prefetch:8
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:6052
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
                                        2⤵
                                          PID:6060
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
                                          2⤵
                                            PID:6080
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
                                            2⤵
                                              PID:2584
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
                                              2⤵
                                                PID:396
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,17376641038668120647,10302120097805916811,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3032 /prefetch:2
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:4664
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:5080
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:4084

                                                Network

                                                MITRE ATT&CK Enterprise v15

                                                Replay Monitor

                                                Loading Replay Monitor...

                                                Downloads

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                  Filesize

                                                  152B

                                                  MD5

                                                  2daa93382bba07cbc40af372d30ec576

                                                  SHA1

                                                  c5e709dc3e2e4df2ff841fbde3e30170e7428a94

                                                  SHA256

                                                  1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

                                                  SHA512

                                                  65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                  Filesize

                                                  152B

                                                  MD5

                                                  ecdc2754d7d2ae862272153aa9b9ca6e

                                                  SHA1

                                                  c19bed1c6e1c998b9fa93298639ad7961339147d

                                                  SHA256

                                                  a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

                                                  SHA512

                                                  cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                  Filesize

                                                  4KB

                                                  MD5

                                                  8e3a9d780e2cdf4a64be0b41d6b1065f

                                                  SHA1

                                                  61c311b47724fe74936d9f6696b0f2520e25ae2c

                                                  SHA256

                                                  ee5c56573fd2b05288e1b62119000d47383c18e7854f88c6e04c26ea87ffb16b

                                                  SHA512

                                                  a46f27d0aab89d72165ae6ab440dcf3b7ccfb78ba27229f5c44551e44e8729f40ba1b647b2906b3b030475cd032327f92982ab3adba2f74a5209b447c7cb9844

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                  Filesize

                                                  2KB

                                                  MD5

                                                  5cdbb6f2ce2900d1e2a174e568f0d154

                                                  SHA1

                                                  bb50cf59664c4e5903bab1cbd3d053f44d5c70b9

                                                  SHA256

                                                  e3c02d5041ddfc322c1891c832429cf8fe03c31d92b392e3c44bcf871a43d7af

                                                  SHA512

                                                  e9e9624ad5bb984c8a7aa9c2471d28e53f02f05544c24ec7857279a69d30e2360f29715fea0254fdf793578bf6317fff497f02ab9dfbf56680d896404194acce

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  5KB

                                                  MD5

                                                  bb75691a884bd2ae0e93cccd77d665cd

                                                  SHA1

                                                  12a498769c26c8886fe60331b8ea95859a441acb

                                                  SHA256

                                                  5c147b3d68df0e903b51c3e9e5af5dcd392a89a6b1f6c76dceb478669a747d4a

                                                  SHA512

                                                  52cf1d90fcdd16e441b0b35b0699c333ed6fa4004da9a96eef8468f8cebb1a0a1b67929b54e4189d617793562bde7ec5d5268e4a62e47513335f420c751a284c

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  8KB

                                                  MD5

                                                  7178a87ced7dbea872df731c1dc877f0

                                                  SHA1

                                                  e9b09b549361e325dffbeb92109c5948006033a2

                                                  SHA256

                                                  9ccfd65570279a9e1f5d0499a8d0cd7ea4795e3e637a4161e148556c04966542

                                                  SHA512

                                                  58d8fc80e3b1e460e325dfcbe44a6d6877483a9924cf776748a8142ee0540b8c6cd19eefe4c4a25f35019e9bd24e008bdcfdf53b08779d0839b51f03b8892d0d

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                  Filesize

                                                  6KB

                                                  MD5

                                                  cfd1e379f7810fcc7772749329178fd9

                                                  SHA1

                                                  6c00144ebcb55e1d82642bbbc97b1f4819593ae5

                                                  SHA256

                                                  faccbdfd967a1c55b4a80329b4d56758460b58cdea95f613a1262d2bc57691c8

                                                  SHA512

                                                  f3c799720fd16a316df00dd0fe59bd37524b8233efaa45b83e7c4900c1cca090fcfffe16ba4f7038fe6407f6db968ac00944091014ba413ba974cef1e811ded6

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  2KB

                                                  MD5

                                                  ca91e28901ce72cf4f27b8a57c0ee503

                                                  SHA1

                                                  736c842530514f03ae48fcdca689a161c059d7da

                                                  SHA256

                                                  afae3e3abea6317c381b3ccc3a40b8ce1610d70cf855b41e6e9e73a830364d11

                                                  SHA512

                                                  dde5e17d45361876db86364733e5d92754068f4d2e3bca6270b024b88c29d840c090a0c9c64ede2e2ef2f5a7a02f4a319fc383cd2ef9d7773eb67bf161d494cf

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                  Filesize

                                                  2KB

                                                  MD5

                                                  f95a789018aafd18fdd8a7d2e20154b0

                                                  SHA1

                                                  917cbab5e30fb18849d2dd95498f5045edf22bfc

                                                  SHA256

                                                  b6f306cd3aad151b749d6f4045cf81fa4361e2d750d2703027b0751fafd50583

                                                  SHA512

                                                  a81734e3ec09fb2a6dcf343458d55738cc69e946fb6a182c2ce21743ab4c26965ebab027c8735124cbc026585fd368a8beb2a3c757ba401e1d9d835389c21524

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a642.TMP
                                                  Filesize

                                                  706B

                                                  MD5

                                                  e44a6c06fc7ca006ad6287dbbb66e794

                                                  SHA1

                                                  184f430f98d1ab8581b790e360160969e22b7916

                                                  SHA256

                                                  b0a2350815988a3b2a45ad4894bb5d1965e63a66a954bb35901bee48f7d02c88

                                                  SHA512

                                                  e1079b7d429be4fc593219085f900db7a0b12f03ce4e2844f191f7ab1d5f834805bc9622691b2966602ee34e6649d4cc7cd4a3375a8baaeacdb42264e03a8fdf

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                  Filesize

                                                  16B

                                                  MD5

                                                  6752a1d65b201c13b62ea44016eb221f

                                                  SHA1

                                                  58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                  SHA256

                                                  0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                  SHA512

                                                  9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                  Download Submit

                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                  Filesize

                                                  11KB

                                                  MD5

                                                  16eaa4e284f7338679592cb359bd6bd4

                                                  SHA1

                                                  d9ac42aaab5e154cdaf2c32923cfb308323c0605

                                                  SHA256

                                                  01b6b798a66bb41fc4b9feced6402891c72b1ebbcc302330a7b908716a7fede8

                                                  SHA512

                                                  8bb6448c2ae1581c44aeb3e3d8debf2e3f5f53e8a2670ced9e01160adb9d42f8ce0f8b2ba9ba11cb6d23f69e23e7c7b54e1aa0587b56f0e43d152daa744bc4d2

                                                  Download Submit

                                                • \??\pipe\LOCAL\crashpad_3500_PSDMHKFZUZDKFFUY
                                                  MD5

                                                  d41d8cd98f00b204e9800998ecf8427e

                                                  SHA1

                                                  da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                  SHA256

                                                  e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                  SHA512

                                                  cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                  Download Submit