661f77c8791f4833fcdd5773831f96a9a06a7fa9615eed7dcb24feec70d33758

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2024, 21:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

76d04bd5f2933cd883e14abac8df8463_JaffaCakes118.html
Size

109KB
MD5

76d04bd5f2933cd883e14abac8df8463
SHA1

6e70e8b3ad15c2020ea1cb9d4db848efd5992956
SHA256

661f77c8791f4833fcdd5773831f96a9a06a7fa9615eed7dcb24feec70d33758
SHA512

d311db592a8a5cb167a6d6d0c7456ffad33815535fb8948a5cb411983856b4c4abbfd660a1c732545e9775bb1154248818f66b1ec975f9b5c4b64d2d97868b79
SSDEEP

1536:73IxU6s6zspnmTUAmmOqMEe9wS+sMjfCt3hYlqyMF5rTtt5BNGVaIvlq/ufgBeV0:7uzOqfSwdjqTIY57GVaIKufnb5ZkdxT

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2144	msedge.exe
2144	msedge.exe
32	msedge.exe
32	msedge.exe
2076	msedge.exe
2076	msedge.exe
2076	msedge.exe
2076	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe
32	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 32 wrote to memory of 4800	32	msedge.exe	85
PID 32 wrote to memory of 4800	32	msedge.exe	85
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 456	32	msedge.exe	86
PID 32 wrote to memory of 2144	32	msedge.exe	87
PID 32 wrote to memory of 2144	32	msedge.exe	87
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88
PID 32 wrote to memory of 716	32	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\76d04bd5f2933cd883e14abac8df8463_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:32
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe902246f8,0x7ffe90224708,0x7ffe90224718
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2
  2⤵
  PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
  2⤵
  PID:716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,843659110451702043,434714077943420505,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6948 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3776

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1956

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
20KB

MD5
b6c8122025aff891940d1d5e1ab95fce

SHA1
a0c7ca41d0922d085c358f5dde81ae3e85a8c9c4

SHA256
9954c64c68000f615e5066bc255eced1195d1f8b7dbc715f9062ddf9f147e87e

SHA512
e62a37b55b6b8d95c24fb624105ff6ff72f118e31760d0da1e8df8e8acf627ec6327c26dfa26df8535585877604c7948d2f621ccabc39beec49787e22c302c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
00526e79f7d7622694a9591016e93267

SHA1
e646f7c800ba76f412c67ee91662db485850b8f7

SHA256
44b69a6ccd181d27451517b5b636c7be01e060c2ced1793b922f0cbf6d55557a

SHA512
db04402326229ee9b0a52e7a60926ed34393e219941e3b244d3e9edc84d35c6f0ca851e34cd4235a8036c61cceb903d1376d3c333654c30b1c0e485d34dafb22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
f1cd71baaba7dd159f53a9a606ecaa3c

SHA1
bf5db57a840f133cac5c62e947320190a3623f9a

SHA256
f49e174fbbb81d20d075bf492b5c7f2f9045bcd6aecb8b691184ecb5e53291a7

SHA512
e9dba9a4f1ad89cb7e953d4d3e969e093b8567865b0f9cd8daaba30e5be89a9b103ad60ef316d6231bd0381e3aa7c60d84d191f95893ad19ff53bd6f75642f5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
9bf2487f6325106a84f1f85ead54d6b1

SHA1
be6ead3f5f4074260476f58e4a4011af14d42d06

SHA256
7d86dfc3205cf88a98f18401af711c576b86c421fe949bde104fb05b3218514b

SHA512
a772e2e876569556b5efbc2ce8b94b4c1d243c1c5339d6b2ce70e4e16d1b06ab48574c25a239cd123d39b3e7f367eb4786b3d5a794706bdc4ea0492e85f29696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
97ef2182f4592132d43984679e48aff3

SHA1
0a25d75c49cb9473f6994619bd6f9fc28fbb931f

SHA256
a2530adfe642d729e87faf8a45cb702f45010f28ec74519c5122080eab8a75ae

SHA512
7fb2c4afbc47f52875bf3c86ecc9d9cea9d0f9139c886727ed904c612c25c31d915fa1599c634119da67cf62bc6d5eca741421aedfd718ae9aad7f6fef0d1b2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
2b988c314f5f5f55ed3910bee21394ff

SHA1
a82170be2a446fa9d8b9cab63f7a98b4171c7d76

SHA256
0c058a78aa954a66ffed1aa072ba485970ccfaa537cbfe3e95e091f7213f5ae1

SHA512
e2399cd98bbfef47c01f013b3114212defca6d7bd634646801074e2939872509e00cb27fdf535cde954c64f309a5a93c3196a42e06c1aa52b372375125092375

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d02544843f8ab9e536f06d566fdd273

SHA1
75f4acaeb64dafce7208776e37530fbf41e17023

SHA256
9c1caa8e1ebc9277259375b4841f1898edcb31830fa80a68fde5a1acc56991a9

SHA512
e0c6c8deeba6256dbd177e6bce433482ddbeae5f3b9b8f6f675aeae9b374d5a966abeec29153abfbeff5018fad51c55ae51363cb3edf1aea99531a9a918eb33b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
454042022bc16e8fa4e604a7b8f667ec

SHA1
3bc45491515c100b0e55593f0d352be97e64231f

SHA256
c153ba94e1bc183f43e8ec48103058bccdd9b4cb1b9caaba80399646c76461f6

SHA512
cd77064fc65262b59391bc102e319f29fc025d9c7c20198027d5401f662056b6866a3744196356ed26b9bab4fd337d8ac84ecfd25fab105aa09a6cb762a36316

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
715761ce9f86de90c7a54bbe622218b2

SHA1
776c2feaa877ef312382325e2390f58d8bbb1c3c

SHA256
4aab4b9980258c84443b48c7b7013710710dc8f773e2d11b0b49b2c75b2cf8c4

SHA512
d0b17cdebc7e275bd8422a3d26c7d988e4b020842bd469dfdc4581d3f0e15900a602563fc1afd185794b51faea33907eb63e6eaadaf432d4547dd054ac4246c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
a69d34a00f2c6b6f0d3d0b01e980de2d

SHA1
e90ef57ca1e4fa47786b68f1b055cc43d39b2814

SHA256
db5fbe5bb00bc127adc713e4d43436e59fa8adcb30a452791626373668abfbfe

SHA512
03db696d18c1aa4cf7a305d597b069de05c1fbcb5595afa74e14fb2b372bdffbb9d143b7b03975058a64bd6eda75f001937fb8a3195149c741f65b3739c98818

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
31170e94b9a382de7b5b632027bda422

SHA1
4d87f1721d625525cdeb7469cd45188d37571b5b

SHA256
2d95c9953acf07f7178ae4c60887239fdff8b077ff00deda34f5e1cc3d276441

SHA512
8805f5793903a13fd9b5478536ebdf36ab83e88d1e7a8bbec8eb820ad8292a55e5925469dceb74e9478b053c522f43aed83a75927ee9b7f8d83af4a4511a10a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
705B

MD5
e5927cec7d603a1c67686f42e1608353

SHA1
12d3b1eef13aef46d98e846d708e3ebf3575f967

SHA256
3becdc3f1ba64b2ad17a2261e9ce7db270ae10b5913ee11c7c44aef297916040

SHA512
5217de5f6047c689565c27ce56c02b0d08024c40cf37923ba98da054ef6f834e5e17f6843b1f44467391cec4f15575c6015014eab56c50fe322412e4eaee141b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cb10.TMP

Filesize
370B

MD5
351a5c1982066a15351a4d83852234c6

SHA1
d4c302cd40e72a0fe7bc546083cf0fb29e5ed6a8

SHA256
8fd084c8c1c33e4a3f025969be86bedbcded4d1d80b042e14fcab5a27f18315c

SHA512
749474bf7f2f6356f02584aaf350a413be8a048eeff92893f90ee755b2100092bde822a990cc5f62e30d6f6ddbe464e43c288559fb916573b3fc11b897a50e38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2bb27fe0471486111acf238aef3fdffc

SHA1
d5d8bdb5bce4d1b89ac5f5d117629bac2b34e025

SHA256
ae5549c3912ba703b80fdf68f5e218c5c3e50123073c3309113339801e50833f

SHA512
5a423faa29aec3cf222d3a5c3bd6eb5f128b58c32f86afa09e16cc7563bfdca8e58c8563352cb03dd9a3c6c9dc2f6b2f7024e2708d37f935926bbc0740f4c8a1

Download Submit