bdbbb833d454d29c60f0d39806729600faf40eb0d23cee4796c9fd15541980bb

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
02/06/2024, 22:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8fa5316257a81f83aee0c9aa1b032869_JaffaCakes118.html
Size

175KB
MD5

8fa5316257a81f83aee0c9aa1b032869
SHA1

9abfd5a63a4ad90a1fdee7e3a4092d974e4f3b9b
SHA256

bdbbb833d454d29c60f0d39806729600faf40eb0d23cee4796c9fd15541980bb
SHA512

1284b00c45e2ce3694d9e93d64aacb12d90ddcf4a67145b5be6253b3fcd9e961ea61bd151bc5824e855d6ff7c0ab57c57b2548011c52f9cafdc58d7ba7a54e97
SSDEEP

1536:Sqtz8hd8Wu8pI8Cd8hd8dQg0H//3oS30GNkFLYfBCJisU+aeTH+WK/Lf1/hmnVSV:SOoT30/FSBCJiSm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
512	msedge.exe
512	msedge.exe
1072	msedge.exe
1072	msedge.exe
1640	identity_helper.exe
1640	identity_helper.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1072 wrote to memory of 4696	1072	msedge.exe	83
PID 1072 wrote to memory of 4696	1072	msedge.exe	83
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 2304	1072	msedge.exe	84
PID 1072 wrote to memory of 512	1072	msedge.exe	85
PID 1072 wrote to memory of 512	1072	msedge.exe	85
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86
PID 1072 wrote to memory of 2352	1072	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8fa5316257a81f83aee0c9aa1b032869_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd6b7d46f8,0x7ffd6b7d4708,0x7ffd6b7d4718
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:2304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:872
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5876 /prefetch:8
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5876 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
  2⤵
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6147679176371393975,6786474174904143110,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3164 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2756

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
80c663a77209f9ce9969b143e99e4f74

SHA1
9b775a0e54647b588218dafa2d40c46411b26b24

SHA256
c4d63c8062110a14578d405f28d1f38c01281887f45e3b8938057afe3997dd2c

SHA512
5b8f31ff0bbf5afe885e14bd7c3c726606ebf0e7afdefb4ffa47d2f4430472782913484f8dc7725b5709d7075ea518d4dcdbecdf4dd176e57e00728cc9561e4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1e5c89f1326d9f59ca25be56711b5f2d

SHA1
9a9874c3053589802f61ab2362ed6e12c8c8dc62

SHA256
2eefaf789de5001fe7de14a0c0bfaad5dcdbb0be463bc20dd65a00ac693e2f5f

SHA512
c5727581f782d854143286b8cfbd8d20ce51903450330dc444da1af76bd8f7fb8e2ef34801439b434686bf8f704aa023be950010286ac5b7119387b5ddb081e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
a50df18d2c941e3a64154811579c660c

SHA1
a418cb07b9ba012636207bb6939db77159b24f18

SHA256
ee90c14c6b58921035474b1a8fa55f0e4e3feeaad37793d55cea0b4f24414471

SHA512
00ad46069bd4ed7cd4c7737a352d74d1cb5d2bf6deeef84dc90398744bd905b6eeb64da32966bf5fd1a976420dd77fef1c87e4c6410c24dde9c6947bdfd31f2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4bbfbea4530c6e4e86b7455dcc4fa6c0

SHA1
2000aa22bb4391c5989f3224696442a579edd0ec

SHA256
b01b951b8c8be75fcbe0655e5433281d72308982fd57d9c69398e861e4d44ff6

SHA512
04c06fd2f7a5f652e48b44f9239bc482ae2cc6238f5704f3dcc28a9781254028d766c3c87841f2d22d0e530782bc192dc19ecfd1e7a3f5280a3a466d30cad604

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
10d6665f814592b9dbab3739186cb6b5

SHA1
26be2a081f5e6e84b3a497d6de8be1b2d4fa3056

SHA256
7623ca03e36847761e58c1c0b049466e06703ffa4242fa96120e24ee5e7316bb

SHA512
d3dff3e400e91014eada29afa7434a471d632e0823f919e410f210283cf946d63ce1b1172822ea1d66e6af95350665652e868483a0614d97ab9875e82ce5e6b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
29338fd4f3c9e488abbda51ad193524a

SHA1
7997967ccc07e0825c5260f6517c4dce2a42acea

SHA256
8744dbf33754c3071ad2df88fd2c2424894a9297fdaa0228c1f3d821eebab6fb

SHA512
fa14de6e16cf1c3c639bcb862f2eb37313292f78a45838c606ca1ea5823eb2d59170a246da5b740f4a6fe6a3c883c98fa95bcce7965bfe175a3fddc6abaca986

Download Submit