67bdf5a484cd8e6719a4d4a23e24e5e225931212f811fe75e03b27256426ceb3

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2024 11:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e559a71bfe73c92c922609daaba391e_JaffaCakes118.html
Size

50KB
MD5

6e559a71bfe73c92c922609daaba391e
SHA1

ae397b9a6f2906a188cfd6b2405ef9de0c7c5828
SHA256

67bdf5a484cd8e6719a4d4a23e24e5e225931212f811fe75e03b27256426ceb3
SHA512

a32e992b00db43bd802048cfe44fcf5e4efcd8b8449a342c9f6e1246d57e1dd2e5831f2e596b694f8217f7a548a1f6a39b5c04cce7e5dc8194b69e39a559d128
SSDEEP

768:XRMUgOriWNcaSoagGTvPfXLS8kiL5hkMIzkxVBsDRDw5VJwHaa2SPz:XRMb/FvPfCChPhBVJwHa2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1104	msedge.exe
1104	msedge.exe
5076	msedge.exe
5076	msedge.exe
3880	identity_helper.exe
3880	identity_helper.exe
5264	msedge.exe
5264	msedge.exe
5264	msedge.exe
5264	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe
5076	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5076 wrote to memory of 752	5076	msedge.exe	83
PID 5076 wrote to memory of 752	5076	msedge.exe	83
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 2248	5076	msedge.exe	84
PID 5076 wrote to memory of 1104	5076	msedge.exe	85
PID 5076 wrote to memory of 1104	5076	msedge.exe	85
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86
PID 5076 wrote to memory of 1648	5076	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6e559a71bfe73c92c922609daaba391e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffedb2d46f8,0x7ffedb2d4708,0x7ffedb2d4718
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 /prefetch:2
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4160 /prefetch:8
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4160 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,2573230760308795185,4681940063930027611,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5264

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3880

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\74eea52c-aa98-4c4f-8d9f-901fee635735.tmp

Filesize
11KB

MD5
aa1db053551ba7d54e6abb487f98179f

SHA1
5e7a765d4c9e5e4af715caaa75c3a80e69f652ef

SHA256
ef192c7e4d218413d277f8f77903b8d5b235af1165e64a730e6c48d0e7a95054

SHA512
c936d539efe6bf4107bcc2f6a788218796209fd7865795d3d44b3b2b56d894e4ff44de1d2fa7190bed72e151ddd1e4d31fb5ce23d7c48767bac183e8d62bed85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\27407323-064b-4289-ad37-c2ad471300a9.tmp

Filesize
5KB

MD5
30fb03ad9f4049c758fb4e5dd4268667

SHA1
c56c785c81ef5c8966c97bad80e59b07f7529d86

SHA256
42fdd978f8e8e8da981e8299ef6dd49987fdcf119d4479bb8bc17afa992aaa02

SHA512
61243754f52723205a245607655b82327337bcea60742fae60423b813a95941f7993c81c94372029f18f03a7f3f75bc8b731e7242af4ce61337568f27ce11eb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
9d1145557805470d991123434b31c71d

SHA1
8e524c49db27fc9ce6feb0a6db95747795ae1a45

SHA256
15362d823c9b51276810786932eb4360c98c285057f3f8d867680533b2cb4599

SHA512
04b24a23ccb7bff75dd2b36c697b703e75ed8abbe69b08fe005961b49b3f5df17508113f346d622aafacefe7f90abdb374a8620bf24345c0f3327ca9340c7dd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
928B

MD5
13d094c8d5e3be4a86277ade2c93867f

SHA1
58d8cd8c26901147551b2d50bcab28c961ddc044

SHA256
ca51d67e5d6ee33bde61c39731f9bef69a51194d9bbaa9c8d44ad6e591096aca

SHA512
19c2b448272fedf718a0943f781c3529c9e2386c41b95d3fa8becd33c6c87c3736e5f28f5bb8a8b62caa65207c4282f01f5e98ad31dc851707d322d784b17e0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
928B

MD5
d6ec02fe1d83a0a0446d9295629164c3

SHA1
da23e052cef1f8d332c010a75c58aaabeceac4e3

SHA256
98771669e9d10b6f4e4365d4a6017d3254b603a88677ab5f2392d7a432e4801d

SHA512
0b2d7b5c187347278a68b494f82a79192020c537d019640ee5824a6d5035a8b045bec0ea23079c4242526e95f10692bb4c9502e5e58aefeed0cc627b569569df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5bcea4c07559b5125e249cb5b1fb6114

SHA1
ef677d14aa8d125f99c0617f79655a8b50bbc9ae

SHA256
8db8da5d7c1b4cf7981f119bacb0b2752e91e267906dbcbea1e946d37e19b45b

SHA512
98c4f6ad8e27628a5f9c70eab5fe9b426f3e68955672093ae72553710eae964a7efe3b196ce6d90ed6b58b49ac76bd50c275221fe38b032c527d0bc62eeaed93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
add53ea541229cddbe79370e27b90724

SHA1
83fa0252e51763abefd064d7e5a3b0e870e462a4

SHA256
f82f7f9b35fcda46f9694d1fe653ac51e60ca71d5eda4b2325a3ceab45c35b03

SHA512
98359943b1c3ff3943eff741adf734c924d7dad590ca474d188382c885b0f0092493a8b7e20217551c0c156228fd027af098e62d08f2e53281aaf91e2cc4678e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit