645f01a294a2897a7c750b8aac4162ba0c2dfdc2abc2e73883242f48fc7f18a8

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2024, 01:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

88f342d7e54266fea3d650513226edef_JaffaCakes118.html
Size

29KB
MD5

88f342d7e54266fea3d650513226edef
SHA1

c564d608b4cc9784e3b03a539d1863e6b4328767
SHA256

645f01a294a2897a7c750b8aac4162ba0c2dfdc2abc2e73883242f48fc7f18a8
SHA512

055eee4d31b1bf5a622a80ed544fee0b77e318f4d8785bed8b435776f902a9d33344ec0c22265f2d710afbcd86640e0917b1626af1f58aa17c7b9a02593f9177
SSDEEP

768:SkVfsvqC5Xtfm4xR9YpIj6FNxaIN60SiBsx:SkVfsvqCOiepfM0SMsx

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3156	msedge.exe
3156	msedge.exe
1892	identity_helper.exe
1892	identity_helper.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe
3156	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3156 wrote to memory of 3644	3156	msedge.exe	85
PID 3156 wrote to memory of 3644	3156	msedge.exe	85
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 1032	3156	msedge.exe	86
PID 3156 wrote to memory of 3996	3156	msedge.exe	87
PID 3156 wrote to memory of 3996	3156	msedge.exe	87
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88
PID 3156 wrote to memory of 3596	3156	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\88f342d7e54266fea3d650513226edef_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xd8,0x110,0x7ffe6b4b46f8,0x7ffe6b4b4708,0x7ffe6b4b4718
  2⤵
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  PID:1032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:3596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  PID:3176
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3040 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,4950216017095699015,3560386503041210123,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4524 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4556

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4528

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
b9335c7ffbe63f1110e5a5640dfda506

SHA1
c1397ca5c1f20ed6816bc245891f6cf488e1606d

SHA256
163ac007d48760a06653a9cc41a048b4f9eb6de967499f8872f0cb4a0037c54e

SHA512
63893c84447685540e44457d4123d80fe8524d59e293dd3a3a6bf74aa7c904aff98667b587c99e649501d4783a3a6ba28c4c791dcf489d56e773a6e1a0754f88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
183B

MD5
5c1019a2fbbae64fc4028cb6454df74d

SHA1
d20fe68f9ce22bfa8c0b745a9766ece9609b58ea

SHA256
ff935fcbc416876bcd99dbdb408a834913432c5a18f17d8586f5301874ac6a75

SHA512
9eda61ceb453cf16e4aa8654fc73223f4c1c10fcbcc4459449fb4da3d21b452b7c81ca1a3f1a633c18d21894c3e902ea1ed1ab27a4ce2583c28b5ad0562ff48f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
80b8feacea8167a6dce74329717e05ad

SHA1
75f478db1ed211821ae065087693893504e1a77b

SHA256
3693463c25a94e60aa62d47aebfe25448efeaae58a9c42909a2ecc035dd17d69

SHA512
1f3c411628d4ce1a5c43ecfbb3a1251a35f206de89ab924fb6263dba4a835f7ef96811f2a2b02e581dcbe003898fd00e739cca06c407d2b282461669f98da364

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c454fc71262688c444af6bdf26b1fcdf

SHA1
8250d4f10b31be52215971028c3b0c1aaeb9db38

SHA256
c303c6eea4aed8af4ffa6b95068f9be3c2f4f774a2f00fdf1110e2ea6ea65919

SHA512
f13ba0c6184c97a563d16b0968f462e938020dc44786af5c1fdda61534e8647479980c3188d858d45e4f996c13ca8599d1c26df9e1016fa5ab589ba27fc36a0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8282921b99193431bc417255919f6193

SHA1
b3903110563e4121175c2cf04ae1d05868f98e17

SHA256
a43a4022160600f3b02d775fbad3a162cb440a1f52f668d618a35a012009749d

SHA512
bbed90b43e5f5490f6f16ffade16dd72da27bf664d8671caeb7efc96ac3a3002c0df364f1258bc2d7f8b6d7c020781e328c5a8fd3a5c5fd156166f0e05cda966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
156ed826a726bfe4e1f0f96fd68a1e2b

SHA1
20a7a978a2e9a3d1e16dab3eb8ae6989d566b9dc

SHA256
9c9962e57e0c6f3bd857229b454279a44f8bd8ec236df41e3508ae22548939a4

SHA512
03289049e313812296de68e8c116134b434738caac12bc0a3cb91a3929cf941713e6801da382a1b7b2de06507b18d1cdf6180879eddb028a4e4ed6cc4f1b184a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
15a98b3d5394feec85aff791c6f3de89

SHA1
ba56cd321cc0396395c859b27225f4b36b8a571f

SHA256
6ab5ea7beaf776b025404929032a38f863c980ae5f8f7e7d41de264a3e7dc01d

SHA512
d4c4af09088f4e240edb2227fd96e5c686a0c93dd4e98d30d88ac00d7a627f0b02599699433fbfb4aee2e633a7a0fcecbf7efe75ee8154849c42b19ee479d67a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5812c8.TMP

Filesize
203B

MD5
1053cb5e7a0e96f8f7433485b9b934db

SHA1
3490d0ecfbdfddb119722eb7cadd4c07e89b56f4

SHA256
9bee00fd63db04cdc73b872badbbf91d10d5e52d7c377585532b2361a56db7cc

SHA512
72470575de9d1b4efc4eead5e6651e058bc5e5176e1756df7697e8b3d8165084721f4daf229744f77741ed786e696c4efa90cef85b59fa999337e9c0d85a61ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
69649fe05fc81cb6d2173976ab2232e2

SHA1
f1c62ed0fd0df06c24e8eb39061aeb37df89509a

SHA256
c260a6b6edafb9d11b013678076074c2a7bd47ad7423c73bc3af8e3c0f714795

SHA512
d263bcdd1dd47370a549ba265a07c1c97be372de18f4efd25bed190060281242f2293b722e8a3e67ac9eafc9f233d14b3c8add8d44d54de82f36b4588e8038b8

Download Submit