1757acc952fe2cf6bbd50ed1bcad40256e70f9eafea88c22f0468d97847b2f03

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
25/05/2024, 18:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

72e745c10520de544fb2ab5f3436d7a3_JaffaCakes118.html
Size

175KB
MD5

72e745c10520de544fb2ab5f3436d7a3
SHA1

db2620a20eb30c401b1ebede097214b0987caca0
SHA256

1757acc952fe2cf6bbd50ed1bcad40256e70f9eafea88c22f0468d97847b2f03
SHA512

e4428ca8d477c751878192acd53e4ef47f8ff227f45ccd1ed711f4f4593ffa330f9ed0af6eccb94cc2d10d9d9737f980daa1bb7bf4c17efbceff32e1907f01d7
SSDEEP

1536:SqtH8gd8Wu8pI8Cd8hd8dQgbH//WoS3vGNkFUYfBCJiZ7+aeTH+WK/Lf1/hpnVSV:S9CT3v/FBBCJiaB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3488	msedge.exe
3488	msedge.exe
3016	msedge.exe
3016	msedge.exe
4580	identity_helper.exe
4580	identity_helper.exe
3872	msedge.exe
3872	msedge.exe
3872	msedge.exe
3872	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3016 wrote to memory of 4016	3016	msedge.exe	83
PID 3016 wrote to memory of 4016	3016	msedge.exe	83
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 4684	3016	msedge.exe	84
PID 3016 wrote to memory of 3488	3016	msedge.exe	85
PID 3016 wrote to memory of 3488	3016	msedge.exe	85
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86
PID 3016 wrote to memory of 744	3016	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\72e745c10520de544fb2ab5f3436d7a3_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff1fe446f8,0x7fff1fe44708,0x7fff1fe44718
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:1268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:2472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,13047242248177144925,7850329360828688826,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4828 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1836

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
dd98231f46431b69a80bd679624be2ad

SHA1
2047217511fa9dd9c3dd2450814872bbe0c91401

SHA256
041a56b391b346fe31d04fa921fb1743af6bb875fa83785ce1d65b3bfeee7be9

SHA512
2db9bc2545f0be7b773d412d049d563aef2afbe242b150ae168135dc68bb13293edd12dfb6b0f8c497da5686d57a6d6cd6c804be69107259cab3051c1dbafe20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
087da72187f57c5a78e77ce7ccc6aa1c

SHA1
0ef797e0dc13ec43da281751b12b33f30d20240e

SHA256
3c6c3d73aedd6620d1760eda624ad2f2c6581f4f08aa0fc329771ee2a1ec9a88

SHA512
543c231655e56713ef60c01352c1a7275e0d3d0c84461efad8d855ae8491ca01d63a42953814c7aaee00a471b78382270fce4e607b170d96d1894f422ff2a90b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
5e55a05563d56ab4408aa31dd2151323

SHA1
086e15e4b9ce90388662a749b6acca31a4c0aaea

SHA256
c23f2e6cfa7815fea4cba40000312c837908a1385cb973d3da5bde516bb0495c

SHA512
a50c798966bca09c3d92f63d3f534dd1a2255de65b6b2cc711e39cbb53876e47add367205102a6f4677191a17494ed09c26c74337a74de39d2282b55932c0b47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
14294c3b65123ab63ba1d3e5d70cce05

SHA1
9eccb2b05fac63893685d1a666a63f3098aee20f

SHA256
a02e95377629dd83752b1b9b289f71b10f38609cb13ec5cd067db264291a4add

SHA512
3aef9848487c05c4c64b88e37418382332c5c01a50cab3ce239c013394bb77d65aba0c14d9df588df79cfa622d760f873210f3d8fb0c68879b9fe24d85c813c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
860f4dcf9658686fde9c519481a500cc

SHA1
054e2ac059f7ad3e4c15578481b2098cee84808e

SHA256
a65e23c5bb0e5c11727422ce7738823cba828eb90cd8cc16c29f827586c9db3c

SHA512
142d3cb486cce42c3e5a1733d59e04f6ca9457b03c10576b65e86928b5125f4b74b907f374f5701cd284310ce7caec06945be909f095e85218e07912187d1a29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b2fe17ece33f61286a4e4674f730efca

SHA1
71f88aa0fefa36e7aae6a9d601053f90b9bc2ec2

SHA256
771e6f8240ec218ef22d515fc3d608ab9bc8890dd9f5db55b5d3ded83286adbb

SHA512
2e41c738fb3a2e5326cf376f3cfc254a725809797cb95794c2db644f90bf2f754ba49b07f0b54d3f3750158cfc8303aef367fe60d81bb8064aabf86416b36988

Download Submit