8f84e25cc3817fdc04f97261ece3243b1f9fe1bfb2be5489558eaf3bedf09414

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2024, 19:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8b8fd86535a0f3f07773edc33e449695_JaffaCakes118.html
Size

212KB
MD5

8b8fd86535a0f3f07773edc33e449695
SHA1

bd4ec81b907b6dfbe2bafad9a2d29a20bfb892ac
SHA256

8f84e25cc3817fdc04f97261ece3243b1f9fe1bfb2be5489558eaf3bedf09414
SHA512

7d5e7873d9faf1b5493490cd7b82433f78357af734924aa565b198bf5cb7c8b4c9ec4349aef0785d28135520e7766bb456fd016fbeeb8d81fda4352244688617
SSDEEP

3072:KikpikIqLp1lMcXmNRStQQVAlUd9kHuW1qus67dXTk3WTvX7AWscRfp9b+g2hdx2:KikpikIqLp1lVXmNRPp7vGgV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3692	msedge.exe
3692	msedge.exe
2668	msedge.exe
2668	msedge.exe
3576	identity_helper.exe
3576	identity_helper.exe
5856	msedge.exe
5856	msedge.exe
5856	msedge.exe
5856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe

Suspicious use of FindShellTrayWindow 32 IoCs

pid	Process
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2668 wrote to memory of 2180	2668	msedge.exe	82
PID 2668 wrote to memory of 2180	2668	msedge.exe	82
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 4588	2668	msedge.exe	83
PID 2668 wrote to memory of 3692	2668	msedge.exe	84
PID 2668 wrote to memory of 3692	2668	msedge.exe	84
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85
PID 2668 wrote to memory of 4544	2668	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8b8fd86535a0f3f07773edc33e449695_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe344246f8,0x7ffe34424708,0x7ffe34424718
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6832 /prefetch:8
  2⤵
  PID:784
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6832 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:1
  2⤵
  PID:5332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:5340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14217027486460139894,15031202064408695080,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1640

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
1c25d24cf505b2d54ad09ff649c71160

SHA1
6e33a12e3f6129cb4be55302821fdf4be7ef5ee2

SHA256
59683a9dd726ae7a91a0cbd46fd827e03f1c771b6c6b2a3b85cf93afa5753a3b

SHA512
b4115dfb6025a98daeb23fa2d7386e3c733cd68ab2099b819465924dc37c48f3047cc8f7ab8d6cee85ab789de712a083fd1e0e958c26199339cecf1e489c4063

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
87e5dce2728c57ec435a5a130e4e1e07

SHA1
7572961831673ba7752c647603678248b8fced3b

SHA256
5d61b0921e10530d213f8db03eabde9f723f2de54af0be70375a1b9720ad75ee

SHA512
d92acc08e706c85489289c2771c9d4fdf9466337a3e3611667a28e705928133c1be767d924d5d8ba7831a71fa4080f8474a2d6c9c8689d213fb8d875a6d75779

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
2a4358c0ed8e3b2c99107abb78a321c8

SHA1
1e1c93441c256c48f0eb0436880d73c73733e5f5

SHA256
be1745261d37d21a05b7c4f32daab77af1b79aaa3f4ab583f9d85ffb5a1f2bae

SHA512
ced49d8b1fb64b70987892610513bc716d04dff31abed61b14d97d793684f263dc15fa68e077e0e365022852162090f7693fef19508d3b04c4209b966f5bd191

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4a7814aaeae7f144b1450a16c492a2ce

SHA1
ff24afbe233ce0c9a94f401d71be5eec750ffb38

SHA256
7457a28f6d0940a52612be49460a0144c47d2da514853c443380486adb8e4229

SHA512
b1ea8e7d9ccfcc4d9af8b3416c8a5cea4c4d1224fa747876f88f3b57a908df5106fde520560e990a2f47636b1a5ebd1b53628489929c73ef709e92699d5f06e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0396e1a918c0c511bb1483bef0a064ec

SHA1
f549ee23a8e524274bf568c4a356dfdcdb45a25a

SHA256
296ba336b8742cfd186f764a2e4b0ce63df0fa99182857d022a4cd6989f6cba3

SHA512
f8b89e8d73950134d210d4d2622a4d3eef61f36b1490dfd7064042d45999bf2ba4280c869932b55f477fef7c8af9c6a813cf264d5f6265a08772e20710f01d31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
81a6c8afda5b7cf68a484b3934e29291

SHA1
2e589b557620d6e426f7eeac070f69759a56d692

SHA256
024c38c3050de25e6d73979768e86c782d7c560b568fe860375f5a6a9d28d858

SHA512
aab35727cf3559e465bc30cc21e7cfe89cef998b946b02ada5f398c7b777cae7d6ae207c075a6906909972d468fd0adf9c7b841286c829fc56c7b53a39a9410f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7d6abf2138ec13ce432776e0fb1d5552

SHA1
61a4a8dc3a1460b218cb54ecda8071f7e6df111d

SHA256
7a945b38553a1b62aa6f156abf0e67d3f25e1e1d8cbed76469e4b2e6cce4abf7

SHA512
7a249d70be665912a7ad02f96857091730b4d9f82402c54b5f7348b7524fa12964dc79e3504a74adc42fb479c766591b0e47709ea0ea5fe93fc457221f1407ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4a2638c2aa07cd5a7ce2308a2df5741e

SHA1
b7660b9bc47bdf15843c285ea0180faf8d6c7182

SHA256
155cd341f2e190a984f6200fea5dc04a98a2cb52d901e3b881ae78d72077a8e5

SHA512
61f1b57dbb7e193250a5595308cf5a58cb64ccf183f727ad312022bcf86de7e5a2a64e9a80b08de043569609fa6b7051f549363f61f059c5f47252508edd155c

Download Submit