52a982499ddd816f9f159974066ba26437b08475fcf6b4efb1ca9820743b4599

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
02/06/2024, 23:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8fd37b2a7e550de27265def781d874a8_JaffaCakes118.html
Size

25KB
MD5

8fd37b2a7e550de27265def781d874a8
SHA1

3ee7fd587824fa668401a0898a1eacf956274727
SHA256

52a982499ddd816f9f159974066ba26437b08475fcf6b4efb1ca9820743b4599
SHA512

3e8e2a55b29511d121703b71bea553a52b1310f2dede3726c396c12d98116c38791a63a9bf277882331624c1f977d96179bbf734763845cf668b595856a17d8a
SSDEEP

768:aOPtZRsV2+64kPENb8JZYDN4n+Gy1JlcmVaq12M1Z5myF:aO1ZRsV2+64k8F8JyN4ndoZPF

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4088	msedge.exe
4088	msedge.exe
5080	msedge.exe
5080	msedge.exe
4500	identity_helper.exe
4500	identity_helper.exe
404	msedge.exe
404	msedge.exe
404	msedge.exe
404	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5080 wrote to memory of 1512	5080	msedge.exe	83
PID 5080 wrote to memory of 1512	5080	msedge.exe	83
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4864	5080	msedge.exe	84
PID 5080 wrote to memory of 4088	5080	msedge.exe	85
PID 5080 wrote to memory of 4088	5080	msedge.exe	85
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86
PID 5080 wrote to memory of 3244	5080	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8fd37b2a7e550de27265def781d874a8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd7e046f8,0x7fffd7e04708,0x7fffd7e04718
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1048 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5868 /prefetch:8
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5868 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2984 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3777202640406325788,9788203545254864704,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4628 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
ca29bcd0938c3ff4c3ebc0708a9547ab

SHA1
06cc3e3ecf3a815511a4487d0e79b3a6b5372959

SHA256
b22b000c6dcf6ff2c4276ecd7041c0688f9516cbc9bab94ae7dc6fd851407b32

SHA512
fa5dfd7d0ca3e721e0388b64a398bbc5df234708beed611747980f9affd660b7c3fc4a35615063f41bb516a436c7182c225512f3d8f401278841d040a7179d4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
523B

MD5
85a42ff76af4aae2134f79b242d91e69

SHA1
87a802f01aa27d6bfc528f78178198936f9f531f

SHA256
277b772a8dc83cd3af703a0e19d7bbc0dc7673cce9db264ec5862fbf25bebc2b

SHA512
03b7752b3dbf8cae2ec1c76cc85108bfe404cc7446777fb367bb384f2802e2afab608572d4062b2cf2f7085df57d3066b103f6bbbfb8674092b1a5b218ed9b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9a72e48d4127ee63f23223b4ffb6b44e

SHA1
9f15c16dad23e265a5afcecebec36370a985e062

SHA256
d6168e9e4caaebf0f95a28e4d9ec6fc89d9472c03ffa01212956f1f82530573c

SHA512
99244c3a79d9df7f8c0d0fd8b997bd101378385df8883e9fdcccdfa11de4dfd09e90d1a74963a3ca6fb345622a43d31ae90e8038f3cc84ddc26b688f15454ed8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
856d5b9d6b16e02fdf6a568c797451d8

SHA1
27f2e67f29614b3b0c875e556bb42bffbad52e8b

SHA256
b2dbb042e15d9c68e05738d8dba47e9dedd8836ad590f10107b0638981a8c4b6

SHA512
f4446c5cdfef285ee5fbf02c31489086d7ca0bc5568ca1065294d9e296d721656e0e50919bf2594fc6b525b2aa9a665d666f08e3907b997c379cabd75eb52490

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
af600bcf8c83aec66221fb836e0ae5c8

SHA1
5c6e370dc5df87d9bff57bd5a1ba4c811c4b37bb

SHA256
3bad4e65aae7eab2476d155fe8a28f7b77d9afe8fd0e4b8ade5fe1c2471cda17

SHA512
aacc7ef452acb90823284410c81d65f336cd51b2e31c0abcd6c0e2fce03beb52c83d1078087f903e05230db357d2337e1edc19a219dbc5ac87766c9a23f05827

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2529d31a7fb04915784593751eff7ea3

SHA1
332d147d3048a428890f00165c6ee7179a731196

SHA256
d009567ca71b97320c0c61ada51872ad702637da02c8cafc9251c0c1224c5012

SHA512
be6afeedc18574939d7601e6111c47f3bf807a14b2774682f52267270fab1a7497cec3aa11749938c05dd44d5a346f8188e0bbb6872d33454ca0662d200fdc64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
896aa97d2a21d90d3885cde331281917

SHA1
6cb149359e4eceacb62ba905a4eff06a61837d10

SHA256
0889288f10ef9c1dffa664ca7be58a31fc5953e2dffb105f4fd7118c53836a3a

SHA512
34a7350e314957e2c112ced8e453f2d431c412aa5737ace31ade627c7de34c21f6632ef2fdc110fdc75f7e9602aa10196dfeec892f63a545db4781b064d52950

Download Submit