17cafa6c475f5ee5841cbda4a697b9c42c74e516af3bbe12b3b82d5d7fb099cb

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
28-05-2024 06:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c177ba49f2754d76fb172ad65c30ff6_JaffaCakes118.html
Size

3.1MB
MD5

7c177ba49f2754d76fb172ad65c30ff6
SHA1

930106269819e77968682c442b1f127093a01a7a
SHA256

17cafa6c475f5ee5841cbda4a697b9c42c74e516af3bbe12b3b82d5d7fb099cb
SHA512

c4f2a665492e930346d3dd392b460cb2307ce2bbb767fa3d4d79ea73bc265a779ceb05240c03ea36cd30d49a75bfc87cec66b5b0affcf47d52e6c161f25631eb
SSDEEP

1536:0mdUjSDRo3ErQXQ0HjNG1fiA+7T8GQe6LnFjx199sm0GOm7/i4uoqHj0SEUoGSqt:0OUjd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4236	msedge.exe
4236	msedge.exe
1500	msedge.exe
1500	msedge.exe
4524	identity_helper.exe
4524	identity_helper.exe
2500	msedge.exe
2500	msedge.exe
2500	msedge.exe
2500	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1500 wrote to memory of 1184	1500	msedge.exe	83
PID 1500 wrote to memory of 1184	1500	msedge.exe	83
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 2208	1500	msedge.exe	84
PID 1500 wrote to memory of 4236	1500	msedge.exe	85
PID 1500 wrote to memory of 4236	1500	msedge.exe	85
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86
PID 1500 wrote to memory of 808	1500	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7c177ba49f2754d76fb172ad65c30ff6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc5d46f8,0x7ffffc5d4708,0x7ffffc5d4718
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6296 /prefetch:8
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6296 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,79461189217030762,8390593056405646959,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4816 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2500

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
aea83198738b769c9da56768bd955b8a

SHA1
a217f1dac814cbaaf19b05e83921dbae1ace079f

SHA256
e4e008eff6edbe3a08408e19ae21ddd132b28cc0e00c7a72f142794b7816fb00

SHA512
f14b99ae69f59568c71b920614db4a84783d679fd711395f596bf30ac7071c641502d0f3d5cbc36c032c00c0ce158572fdf15bece95e6bfe436941c41b7d6451

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b7da8a5996de992fbdf9ca3e73cbb59b

SHA1
617ba460cd067727711b7921ba3278e28c6d5c85

SHA256
d8371096c5cbeecc807cdffc97b2edbeefc79e19c15128a87855c734e6bc70c9

SHA512
3ba1cb6ed6f84ea46b4131b1b4340648ffb16dee4794c4889d9ac70fb8e22d2631d16b7cd65b3b4a1541295b9ef28a9f12d587c8b58a3e71defb7e8a3d4097e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
126da303573a87815097d2d49fdf4d01

SHA1
2d3a9f5f2c12c9e13b0407e57e1e32230b97c077

SHA256
c793ad1a865235a37bf120f380cb58df6479234d75b8a654f7e15cd5cf2e4d8f

SHA512
d28d9c4cd6876e949d854d09b5623a685c4cc9e3bd5f1cf9cd742ccb161f3cea714495043a62115564648180e6dbc756935980757d712b78b84365472d8a7d71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d068d0b376be955a7987a1e52838afea

SHA1
be4ee5964b27bc9427d308f79126d90aef726c1d

SHA256
73d0b6f87cbb5c518efb52c67012a411203e8e265f2b069f296bf7c2244b65e4

SHA512
a70883d3ebc104814ef3ab4629cacd79619cce8a2e174ba3f85a2833d8d4aebf99ba9ee59c577a4de0a653369ac06c6bae8b5e3a318bd5063d64733e542e6430

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
e19f685e26d862b67c30b7ec878304a6

SHA1
a7183c7150b60a193718472375ad4d456822f01a

SHA256
ebcce3498d44dc6a2f08bcedaaa2f4b9b6bcf42e8eb4372f1603e8eab0abe04b

SHA512
6a00b6945d6b6903eb063b1188d11953988f16ec37879de932bd7f2c942ff205ce7d8f890c5e754afe8d82b2ccd63a62005fe1fdce6b2db525a96512bb999899

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a6ee.TMP

Filesize
372B

MD5
bfd599bcfa72927b05a656ab7294e6b9

SHA1
423712070b136b9c4340a1252b08c4fe70df5560

SHA256
3dc83ccc56b44abac776e139ba7882b3e5d1774ae237cda411e3bc83c6c520f5

SHA512
f449d06238efdf3821879d9f57be9ecb3acb3e7e83ef78e5b82e77760f7fb1de53fd3c8c0c53cdf926c8958ce65294a1ae5c9d7c5e8f165e7a760f3523783679

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4bc1992580f6b5536b36108e143ccdfd

SHA1
2bb664afb2440656d07e323a48c112e02ac479ac

SHA256
4be38ca9d835929fa8657b65c9042a966a735c03751406c56b1db6e715186628

SHA512
a8bb11f524b1ca2bc36e55311aec6f3c6ab4b65cd0eb0919364e9f2a734a5eb5b5330e0d56b741f61690c018fb22981401f5bf9ebc4d5f3ce955534851572b4b

Download Submit