127968cc2824dd47853c33dcd4960644b9965ae2836d7c781cf11ad68e06b469

Analysis

max time kernel
148s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 07:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7ff1adac003488448ba188d62fa273a8_JaffaCakes118.html
Size

215KB
MD5

7ff1adac003488448ba188d62fa273a8
SHA1

d5bcf9a2cc5faca2d6aa011fd5e5578011ef0d08
SHA256

127968cc2824dd47853c33dcd4960644b9965ae2836d7c781cf11ad68e06b469
SHA512

7e1495a9421f105a5f0b6a6b48cdfce142984995c339144f0a771f59cced28e2039529cacc563b0884301cd5bb59556e3092349a9b85964993df286a9bb3826e
SSDEEP

3072:G+Y2MYJ6rHfgaToXdYKO5a9MmjtFt1gqI7KiFqXSe7/NqhGr:GBoaTobnrIe9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2984	msedge.exe
2984	msedge.exe
1280	msedge.exe
1280	msedge.exe
1048	identity_helper.exe
1048	identity_helper.exe
3428	msedge.exe
3428	msedge.exe
3428	msedge.exe
3428	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe
1280	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1280 wrote to memory of 644	1280	msedge.exe	83
PID 1280 wrote to memory of 644	1280	msedge.exe	83
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 4516	1280	msedge.exe	84
PID 1280 wrote to memory of 2984	1280	msedge.exe	85
PID 1280 wrote to memory of 2984	1280	msedge.exe	85
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86
PID 1280 wrote to memory of 1104	1280	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7ff1adac003488448ba188d62fa273a8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff85efe46f8,0x7ff85efe4708,0x7ff85efe4718
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2628 /prefetch:8
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6196 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6196 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5912 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10896005044650996598,17476402245018640394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
  2⤵
  PID:4880

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
060db61f83dcd25987482e23a34b2d9d

SHA1
3f9879470fdfdf03b880ba2eb80292fd6969f59f

SHA256
e2b13d4c5a0bc1d7e3e82cc2c2fb23738e0bb0d99115cbc75fb344a4c2112f1e

SHA512
f87d8d87ec1a87c6ea8155923be18348be106afab757eecc349c4345673ba40084a0c608e94c3c69c67e5dc82891e9a44b5ab1c12ab7dd97d44352b53b7eadc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
5157a360a43b79e27edcb4e91ed5fd4a

SHA1
8e473693eb80100c29bc9de1fba3ce5ef826db9e

SHA256
900a6137e41c5b29fd69b991a5b81987ae17ef8990f06f68260d49c5bde44997

SHA512
0c3f5f7182b6184ef0348611ad9af12df5eb71ea3c3c27d030e9305ca363fe3589d2b3d336e40c90fa5bfbb7891fc75b8b812512e7cd5f04612d32152412ecb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
5cccff587ceedc30449e1c4b6146c3d5

SHA1
1724437d9bac245b47bf540a94464a27bf244b18

SHA256
c3aa6692cebe405517f37a99947a4a9311ef2b222450e3a364739b21cb0ea5ef

SHA512
fb4df789569f46f444d727fd5cde166376167769ac88d346edefac0f71e1b079a8ac7c68a1c2386f686d12662854090311a6fc7905369461b9c654d5251c2baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
56bc4ee44f46cc56abea7091eaa58599

SHA1
1258d6b705dd454b77749c4d1d7a66f39b66ffed

SHA256
2fcad898dee79ac11551565a74056f8f852425d699d0d4b087f74cbac6dfaa47

SHA512
3ad0e5c6b4af8894423a72bae617f8553c471c89e60df3720679dcc1c0cd73ff7b53698053626b85ab2ccfe246958211c88f2a82d4f4282ee1a213e4e2145329

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
66a2ddc699e934c098a9276299354875

SHA1
76b6f87b4ab051059d60cbe9a89e660a051aefc9

SHA256
19f8e369d624ad2ae9134ee07c6f3d1afeaf93fdee8e7d07aef5123d31a1afec

SHA512
3b4bde7ad5383cd3033d54714e0e67931b39601c2ae9fc0e31e7bf3b836cf9b3df900dc5acec91cb839176d6ee368a845a7b9a191ef0b94df09f9118ed6e8c8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
33ac213f738f380051f0e5ab61fe9cbd

SHA1
9059b5950d33d664da2d8abd1166d5935b9b3db8

SHA256
53c708fb82e3804494307e61489ddb89598f6e65d91a0bdcdc20ff16b9df3e7f

SHA512
27190e1e1928a830d7a0ac0e0f4d1c4f907355da5fde012768dec1c81339c1a4e26ea658bbe826eaffa3210b0210ae952456e22cebdab33024a88af8107f9073

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
df219e46d208cba4213ad6b20745e8ef

SHA1
030a5407082131c58bf593e50673d9a65ad4a09c

SHA256
7fdeea77de506f6b4e91a09fb59be37cbfe3b5dd599cb785b9b3de87249beb02

SHA512
3da09e1b4913069f7dc373b97913b82a7233ad3aadb7354bb079416c1dee288e5f22e57fd8aa5b121835b45b9b5b9b201219f0eb433c5a232dcd96e96361fc09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c59b4d61bdbc0f6079af8baa5ecd81b1

SHA1
15ec0ff84fb1fcffb50da6a4cabbd5ea6908ace2

SHA256
3185a29c320b2d477e4497412ad8000a6aad663237fadb6420ad98bab888c0d4

SHA512
43935d39f3c795c5a348a67685348be70029a5db5e0d2409c26d29e3e6f66d81cf4785b6ef3cd4e0e155fb237f611f49632adb8e33de58279cabcdb6b0d5fdf5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
30f79e2da044261489d20781c4e91097

SHA1
98cba6bd1c781327dfe54e9e3da890a9d771da4d

SHA256
1cd5e39c9075da7654fbf2e9bbce899237d748650a140fbf4498cdf7bc826ff0

SHA512
b9c757e22e494d532019322c9b9379a4ba2f5a9bb7b3cccce752d8cb31aeb32875005c0af4cf8f073feb4075548e6df10623f322907f60bf29d22b7b62f548a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0a0759c16e27d6b63c0069b216de980a

SHA1
c1f7f8c78973c2cec0e9f04820e1383213fcebc6

SHA256
0b6e1713343798bc9520587f7395af37f182c5086a44122cb89006ac909797aa

SHA512
c0ac1f9f3dd4b70a696297601afda139a76f6d0936abfcc0093de41b8d2f11babf3f24faa43f7f799a1035373bb34202d9ade457458bd618659a64f3c14435fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
f7009e03cc76af9d91373024a4fcecbd

SHA1
f0475ee2172a347ab1b97a1087627def1695a33e

SHA256
616c7c03d58f9a9665977c3a78331d84a112efc1cad16f6dd1b993addc21f086

SHA512
738b158e30a3c9a71aed1e0546dbf0d2c1258da614f793b9c72c53e42d2c1b22df9bba945cf83fee13a7708b1dbb6a4203de9f7bd5328d427fff4509787eb1a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
698883ea33f94f074509fd0f211b51d5

SHA1
d2ee12f8ac7e17bb9b974f4baaa248b3e0a0f4f8

SHA256
81549750b9fc6d4f3aba904333803f74a287206a89d993cba644381cd3a83b90

SHA512
b74387959f34c1fb1dd0df68550b114ccba0e676bc7db33669d8a389ce776ae7f1769aa7b7fb6fcd0a06095032a12508b5de7652659cfc8f972ee7fa2766ead0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b054.TMP

Filesize
203B

MD5
cce067adce3a8809be3a02ea2b09cdab

SHA1
06fbf664b1a27b664f2cb3ebb762b33fa3e65001

SHA256
430b52693827eef96e41049642ef819bc3e08b0eaaa012592fbb50cf364f6be5

SHA512
440fad8064290fcad0a7b7f0031650b0b635447326b2d2b5dfcc668a3992b6863a72302394e18f54fd1685420355213ac00ee051741338b77fd78632cb221291

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d0e63b0145ec33cb231da8ab5b2008a5

SHA1
343a5904ad46a2766a84816ec905e691ef03a092

SHA256
bdd38083d58d818beef1f9ac76a9f0adb4f6063117f50a59f072c411f0f3ab54

SHA512
1389e568b0e7629eff0612ce2b1a9e70fea0cb2b4183c7f7e4f9c0c84e56b434dfea28848b8b15de4c5ea6596d6c0037e96d548cff769a84d631c448f0293ab1

Download Submit