00147b376aae4b36437fc52c38f7a43f78d99a0f46a51b24ef2016311c66cfb1

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
30/05/2024, 02:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

82cd257efecb4f7e57c1ef8dd40f27d8_JaffaCakes118.html
Size

189KB
MD5

82cd257efecb4f7e57c1ef8dd40f27d8
SHA1

69613933536fa5897e7414400e6c57ebf765e1a6
SHA256

00147b376aae4b36437fc52c38f7a43f78d99a0f46a51b24ef2016311c66cfb1
SHA512

d05229f82683c5f8b7806e2f135092cbc3b405232d324b7d84312930c4f97165ccf4222ffc3ccadda98c53b3a421f974ddc4618a50352ee8bffb359ce7dedadc
SSDEEP

1536:4VEU/8DDPEtOVTlzVIOOZsq/JiqI9tsJfzHDf:8RkPP9VTlzVHOZsq0f9tsJTDf

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1464	msedge.exe
1464	msedge.exe
4876	msedge.exe
4876	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4876 wrote to memory of 208	4876	msedge.exe	83
PID 4876 wrote to memory of 208	4876	msedge.exe	83
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 4048	4876	msedge.exe	84
PID 4876 wrote to memory of 1464	4876	msedge.exe	85
PID 4876 wrote to memory of 1464	4876	msedge.exe	85
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86
PID 4876 wrote to memory of 4456	4876	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\82cd257efecb4f7e57c1ef8dd40f27d8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffca1246f8,0x7fffca124708,0x7fffca124718
  2⤵
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15937153852457459191,5620365066773267101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2204 /prefetch:1
  2⤵
  PID:4772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1612

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2116

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1348

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
9a8be4500544e2ac08cbe4f916d27e72

SHA1
5c23b6ec95cd126b4c42df618b6c70ac5fa0e763

SHA256
f7c57243efc57afff83c0e79da6cf7a67d59db380a7166aff22546dcd2c507e7

SHA512
74d06d6758f35e4d75cc4ab3e052948a82a2e20123788318c0de7a278f2cffe42d083bf4d882937c8d295ee6d61a8da1ebfbd2f02ab40077acb008844df6c64b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
a2c8ec961c39965af42343aa3bc5ec75

SHA1
e79663eb0771e0135f3701e1d980240da82e2c27

SHA256
d76856b43b946c8c5e64add237beea9dbc1b36fc6ec1fcc566dc92227b044dc1

SHA512
4c696a5cb90f1dfe62fa230e40a2970e66bff13ec51eb797c7c1a0fce1823b9558a5d195613cd5f2e00b01a37be86e155a3c5fe6bb0c16c80ddcdf361c92ec1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
e2ce50b3d9511251980aad4dd0794cf9

SHA1
fa0a6e96544c32b1869035ee0e739fcbb5994930

SHA256
bbe72e116678c73e98d3fdbf26ae13c82c973dce31117f799283ac63e3249033

SHA512
a2e1a67adf261d0ba125579645d572ea5ec0427a3b4df52885cc0f2fdee8d94797826705234d729e45f99c9a01138f04b035efb28da73006ccef07925fb70e03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
06e3bcca8eb205433a5de2a4bbda2fcd

SHA1
64a750cfe81f77b282bdf3c42b6aca88646a21fb

SHA256
72a8df7ed5af5d33be1c3452345525ff20b630675027b795ef3101c4c26a2515

SHA512
f0d6ccc6cbc33624a0ea8420a32ed20688fefa8758d90e8521a43c8fdc10594218bfb43ab8d618b60889d819804aa2d9325d85a0bc2e67ae31f8a0c080e30c9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
86b0faac7df87efa55457f6627bcdec9

SHA1
2ff13d37d2ba1a5f02a69c19943ab5d05fc18624

SHA256
4d75151d1eecbd12d0aca9548be4ecb736d205ee99b58c1a732e524db0a4f18a

SHA512
44be357a197efe2163f14760a590e70d6c0ab5e8c31894113fb2f5a6aee9537e7c9112bf07a01845b271614f7dca984e23ccc57ced5e985a7d53eb4bee006a9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
5a7619cd414857bc6b66f94f09ae8636

SHA1
3a9e5e731321b4cbf22ca26da34f322c3a00615d

SHA256
a115b86363cad02e055293e944e19bd194da9c8280140bafe04a004efe906193

SHA512
ed9b51323179e7a9f26ae8be51ddc7a1add65e2cfaff8cfd5f4644f1a0cce1661cf269318dfc8d918772d1a79d5fe17df3406205c7d1e247ac452230b96ff2de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5102067011cafedcae78d79bdb805905

SHA1
fb556d80bac2e68f6a08eef8d5651a6ff629c08f

SHA256
a58dc60de81539f1567e713b678d62f53a1420e0819ba26da8fe287980f92cd1

SHA512
c5d12113d528a110feec253d35a28b3bc1be58fae9f0e921145644325449ef752c52be12d804a237c8a6b5fbe22c911990984f57f8686648afb46c6644517eb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
cd636b71c60ab52201486ae0a06e9618

SHA1
ceb210f7c0ec76c0672f859a03e6b8f7f100c25c

SHA256
a44990377676255c3f3f519386db5912a7188a0f05dc9fd550b1d4ec32a7543b

SHA512
950c82d94ae91b434b9d139f542da0f7f531fca88098c73029f12ff58937d7032b5b9c716a2aa1dff2837fb3932027aa0ad4e34608724521dc7889852d60ac59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
9509e6ccc8c16713538f8f11606f6241

SHA1
025c5320062e50b1fd05ea71068804b2cdb84a7d

SHA256
8da21274bf0faf7c8aa84875cdb015b6ea3db385011baba14d8b9d57c9fbfc4a

SHA512
7aeb3b5d5d18f76234dc8bf00a5582a6939356c4ba8f3620d8ce364d97c5cb40e49938b5fc4b810faf75dde979c7ca627770a02a87a1076b84085234f5015bfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e85c.TMP

Filesize
540B

MD5
af5955f6bd2ee418929b94501b8424f7

SHA1
0b3d5000a830ae2e7c88123cb941042d5e82dc2e

SHA256
cead54ee5c05b0ced61971fbc3effda1060c12c6a9806d40e95eb943e53f466b

SHA512
322135b6c5e86c3dd374a74a78479ee4137d81e3e297b3fe90ff9e3d0434af47afd6b4975ed71dbf81c56d213c9e70a50ea839800663ba3ae9344f675717830a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ebedd018437abc91f789d2e02a46842e

SHA1
a9244dcf35a0b3fa2b3b06c8f98d0039d5108bd9

SHA256
f2555e04a99da4be3f86192428846703718e52bcd0c3e145d7e8427c6e9f4c56

SHA512
5fe9ab93b3cbbfe3c34b91dd75b45762e2c2108e136dbbb67ba8f7b54812b2e4ceaaa2383c134244657b2d1c306125529d2dfd637e15f33637e53437d8075654

Download Submit