68723ad2fd710133071e190f748cb9838f08a11c329d1122a9bc71f8aa202997

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 06:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7fd1fdbc7b065cb29436494e1cf0ee38_JaffaCakes118.html
Size

72KB
MD5

7fd1fdbc7b065cb29436494e1cf0ee38
SHA1

389314163369dee2b2699dcdacb8227ce45d1f86
SHA256

68723ad2fd710133071e190f748cb9838f08a11c329d1122a9bc71f8aa202997
SHA512

96bd6f2fc5e68ce0afbbf751a55240eecef66091883dd497a1d282799e1fb5f5409da3b23546952e60724d1520ad7b7f5e417083657b500c1e91a8d19ec81ebf
SSDEEP

1536:lxVtziyd7Ef+FvPNo5LTPWC6NAYSY4d6PvviQWILdd6UjDz9CgRT+l:/juOEfIvPNodOAYEd2vviQNdd6cz9Cg4

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4536	msedge.exe
4536	msedge.exe
2272	msedge.exe
2272	msedge.exe
5340	identity_helper.exe
5340	identity_helper.exe
5648	msedge.exe
5648	msedge.exe
5648	msedge.exe
5648	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe
2272	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2272 wrote to memory of 768	2272	msedge.exe	82
PID 2272 wrote to memory of 768	2272	msedge.exe	82
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 1080	2272	msedge.exe	84
PID 2272 wrote to memory of 4536	2272	msedge.exe	85
PID 2272 wrote to memory of 4536	2272	msedge.exe	85
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86
PID 2272 wrote to memory of 2412	2272	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7fd1fdbc7b065cb29436494e1cf0ee38_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1cb146f8,0x7ffe1cb14708,0x7ffe1cb14718
  2⤵
  PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8244 /prefetch:8
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8244 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1
  2⤵
  PID:5780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8532 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,8178709290038939810,14589289990495697286,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4812 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5648

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3108

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bfdff2c8e9cb7ed6669b281f04af02c3

SHA1
1ff82474a2e471a4a9c45931aa0e5241a71369f9

SHA256
40a3bdd2d1a98978e65235b46ef7516ad15f3df94f55cdc6a4c1dd7c3b035671

SHA512
cc36c41110cb2caa3ecb559efcd1d131ad59b3e14a78686fff8fcf9e6a5ccfc102ac025d51740e06e676ab2cd5cf6a8580ad9b039b3abd2ecf485bfa97541701

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4be57b20169fc82fecf5be283c1ed742

SHA1
e029cb5ad0c4c4ceb13084465a0579bb9e8bb853

SHA256
de98ac58fed0086972b6ffd4eff5acc7676841961d6af6be5e9f59df2f69b847

SHA512
23ee48d00fc15fbc8ca17fb39207597d1e1306d79ae8883fffb3ee6d277e1bbaaf174662151005e9e7e8b17ac5bcec2658d8e189463d744ddd76d7043ef68615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
42fea7bcdf914e93b06f71f88e1c638f

SHA1
57d1852d36545376d2f11ba021f98b782e5714ca

SHA256
93ef5edf6629b97d4fec42c7eef166b5f893b190d2a5bd396eb231f91850141a

SHA512
f30fdbf11fd91ee3eb716deefa64e3eba003716c8f1eaecfa518fb6408099a408b1856db252cf4db794a0507df10537172518419ffb864e82bdccedd21c00fe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
913a23f521c501a6007a69415a897738

SHA1
3bcacea722f7a50683788854d3bea882039d4e7e

SHA256
6804565f7287cf3a63adbe96cb3e2c6096165cae6d32b1f674c0e2e7c994fd91

SHA512
db15458ba4882e483d470515d898e053be57a6461cf56eeed1f13d26798f8762cd445f07e53061e2b83362764674763d8e5409d908ae3a03d616b6d17359b4ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
f234f156576eddc3dcbbd7f4c5a720ad

SHA1
a03705d909e0f8817af0bb52b668482fe552e844

SHA256
7011de33a260cda0354f59c798a36b20a18ccee879ec433b46aef4e230157e79

SHA512
ae809dc68ca56c7d30901fb314cf809aca77ae9293eee628c9a1a9d53ea7f9df0be638d6dbe8abaeeefed3e5e85a509d2597d3a02e52c5920dd4fac1482ae982

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
e37079e3b6dc7e548200d314632681a3

SHA1
50b1a61a944f61cecfa05a693f0ffe40e0207c36

SHA256
0ef499bca6a8d94df0dc24e4cba509d0a51e7b1518fcf12643e5b10225a18836

SHA512
8284cfb9ceab35d9b166138890bc188b9424d4871a5e2a1930c12f4463f533e29563466bc1453a58c8856e60bf9124e74a784ec9956527775ed94ff9decccf98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cae1.TMP

Filesize
201B

MD5
95af500fb654af409fee37c4b95a7fba

SHA1
d4c22188f924d35977de0df72b15f8f4d2fbd161

SHA256
111acb037094a6c742d1186f0eb911ed7cd13d5fc2b97bd1e99e872fd092a9e4

SHA512
c86db9da76478b14ebdaed5cf8771b9c0e13a3bff828746b3ae8ef320bda0a09cbb05b8612620003227f7e05336c070f1d6e8c344237d74791c01ea963ea7534

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f011c54275c105b4c16237ac10c55a2a

SHA1
bb64b9de3202fafb7b8f4949ae388d9bfe8e61a3

SHA256
1d733996ea4f36f6de0a904a2a76c617753359fb7d6c671ac9b6288689469b35

SHA512
a853c16d5e9aacc0075e962f3c91bd96dd5d78c1409622b3b6897eb7ef3f28ccab4aeb7b60b03c89559f4e0d68d77e7df2c8d8498b141b6a0762f9eabc8214f7

Download Submit