051695b7ab11d4420ae75d55e3d9831a9d220991f427dc8e3c2be0785ab35ae1

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2024, 07:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

89d02d0e97f58ab25d834f70aca3feaf_JaffaCakes118.html
Size

86KB
MD5

89d02d0e97f58ab25d834f70aca3feaf
SHA1

9d02416c64ad3b26a581c475ed92e2a7a2ba4518
SHA256

051695b7ab11d4420ae75d55e3d9831a9d220991f427dc8e3c2be0785ab35ae1
SHA512

7298048271f9c5d43eeab9305bb96e7f9261b8aa9ffd9b7f7fe100bb0c63b6b2eae760353402bb2fba8f358e94fb3a23123c47755f516b263668ea6c0c90f39b
SSDEEP

1536:M+ycJIByEjKoKZ9tJJvqTq0npCRO+Mqm5HoKZ9tSnHEOIOII:q19KZ9XJvqT/CRO+MqAHoKZ9g9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4336	msedge.exe
4336	msedge.exe
2532	msedge.exe
2532	msedge.exe
4428	identity_helper.exe
4428	identity_helper.exe
2980	msedge.exe
2980	msedge.exe
2980	msedge.exe
2980	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2532 wrote to memory of 1072	2532	msedge.exe	81
PID 2532 wrote to memory of 1072	2532	msedge.exe	81
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 836	2532	msedge.exe	82
PID 2532 wrote to memory of 4336	2532	msedge.exe	83
PID 2532 wrote to memory of 4336	2532	msedge.exe	83
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84
PID 2532 wrote to memory of 4560	2532	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\89d02d0e97f58ab25d834f70aca3feaf_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd168946f8,0x7ffd16894708,0x7ffd16894718
  2⤵
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  PID:680
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,13924851077072693203,8894498514452502482,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5032 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2980

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3208

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1420

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
19KB

MD5
0f0c9989cbb18447d2f5d954c20ed99f

SHA1
9ad0fd560c0c478c67cc8f118e363b3a1d1cdb5a

SHA256
a43a9e5bbd2d8a8aed070df3b2c799afe064312d6f248c4a498a67c0f9a02720

SHA512
ad6a2c60d3e5aab48497169e380d0fa50d7a0fd2bfa0a07313d880afaafd2ff2be7521864ab7ec661866b1ee4309467ef2733a24dba7e0facde8d190739d9fa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
32KB

MD5
0ca678222114585bc701a81128e81da5

SHA1
7153ab703cebe63231f07951ee322af357b30d0c

SHA256
d9899ffd6d9533dd3c0c34f02c7ec9f36c0463e0b9386185b0fd0fc5a6247997

SHA512
173f744c73f5dc6578dde2a593a0b66688b9c90e2ae066fcbc75f8c080378cfb4c863047cc36785250e788bf08b77efaaef02b56c1a4a8874fef8654b16c4f28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
eea030b9cd6b32f8b54d7631b349fe94

SHA1
8e8889e486b78ad93248be8193511c6a6ee6fc66

SHA256
141db386100826241e5d82da3ac0e6f3ed5fb3170bcc92896ed3bd78bd9709a4

SHA512
d4769f847afe8deedba0a851ca4b312eea19d58e37d0317455ee8f21d470d90806a5206a8960d1d297e4340df32004edb85fdf669907848d26c0da6cb191492a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
86200baced4926fbd851e26d5b3a9ccf

SHA1
330302616aa53b61ff789cdc0b6832704f75b37e

SHA256
e7d05a20f1b7563aa13b1b64caa2c545cfee20641ab225a4610707b17dea6627

SHA512
60f151ebfd33a1da9f2d1e47d82e605c63b360d37eb38553d7a46351abc45fb1d90994c5ef8afabad967b1dec05ed1b29f614a5822eb66687b793f4a1cac4d64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
23951e3a2733f1339ea65f2f88687921

SHA1
ce9cc7812736428b77a8d23d0b7923113b21cd91

SHA256
e508e5d942f3c499c17245df50cff8e819a9595acd7072e7ae1f58e5e5ef3a11

SHA512
7486242beecf08b7af0a75323b3627af26b7520ebaf676032186bfd00e9112d625e64aa0e88708ef035cf4d421fa5e716485eb812cbb0145fec4ec0b76b0ac3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b7083c5d1cb7191845ca058d6b139a1e

SHA1
99f86026da48b8eac5e84bc9eee149b755075c10

SHA256
36468a01a8f25b53c0a6a81ea4fc5783e0bc74eea93fc20c916c98eb0dda9a2e

SHA512
3c1a0f9662f3dfcec569e1b7fc21b3a8ffb93d005487f96e916b31a1fdfa76b9e08992455e7273a71a62288d1f406a331d41134063a12082c62fce1b294ef0db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d2bb76c954be8a1a5ddedd48f786b026

SHA1
8396e744713d57e792f0af0af30fcde53075c4aa

SHA256
76fb2e2f318098c755b48533d5caddbfed5c996d629f26a629032ef08bf2ed1b

SHA512
26b96645236950c237a7072076b4b19fba23f7e892bcead569ae2efe53c72d2c54ce3e5cd6722b91bf57ca6660de0d477255b2b63ce9bb83aee01d45c26aaa90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
059bfbd90ff613edc2d5876c5cf8cf1f

SHA1
a192997313a0808a4d23c1995ee8ca712f8a1bf0

SHA256
80980c401b3968069aba8e86ab8675736101aa1158a4a9024a9b61698363487e

SHA512
770b47489e0c7d67c96b9143f4a4ceef147f6239e88a3372a09ac6bcb701af04c52fd1eae78a9b2ce89d99cd79c5b5a55627ddb9bf9591983b19671d5ac14110

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
52c07bda08c29db952deeca453c886e5

SHA1
c6f4f570d37ee93d8429ea7b19d35bd87af9469a

SHA256
cf21447fca0eb942585f3c8503b6838219ea177c4681c4df758e55920f62e0d1

SHA512
f0e24fb4932f5f35ef7f14ac087ff229a7caa16016e7afdffbed9ce2ebacc83c181a9e93a6f9a4e24edb7d540a8c0dc965b9d0ceaf5561868f6f9d56fcfe2f71

Download Submit