ec05180ce2fbfa37f3fe551255cfc76f332b0da671654179ff260125e3e59586

Analysis

max time kernel
148s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
02-06-2024 05:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8cfabaa8ce7a8524974c99a5f5912157_JaffaCakes118.html
Size

37KB
MD5

8cfabaa8ce7a8524974c99a5f5912157
SHA1

cc8805e4999c5734ba2e109ace7944c050573d07
SHA256

ec05180ce2fbfa37f3fe551255cfc76f332b0da671654179ff260125e3e59586
SHA512

5fe4dfebd9450654e73db7e103fd087094821294567836feb5ecc43deb09d3f8ac999ad33efded02d2f2203cf071fd7753d78a5c89a3659d82d55e51c3d050da
SSDEEP

768:zVMac8RO74Jch8gJXCBHUlKm3Z+AlRaUg6ugqjapPPFBesCUly0BsK:zVMacCu40hXCx4Km3Z+AlRaUg6ugqj67

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2564	msedge.exe
2564	msedge.exe
4900	msedge.exe
4900	msedge.exe
1464	msedge.exe
1464	msedge.exe
1464	msedge.exe
1464	msedge.exe
2648	identity_helper.exe
2648	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4900 wrote to memory of 1660	4900	msedge.exe	82
PID 4900 wrote to memory of 1660	4900	msedge.exe	82
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2388	4900	msedge.exe	83
PID 4900 wrote to memory of 2564	4900	msedge.exe	84
PID 4900 wrote to memory of 2564	4900	msedge.exe	84
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85
PID 4900 wrote to memory of 3932	4900	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8cfabaa8ce7a8524974c99a5f5912157_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8fd0746f8,0x7ff8fd074708,0x7ff8fd074718
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1296 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1264 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,12139397496638580699,11038461397328327978,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
  2⤵
  PID:2396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
883ba22a1e01c8071170d2dd11710b6c

SHA1
f85d88c5fcee5e2c78dd275c45a94d0b4f2410f3

SHA256
5431d85d94b03a640f5a1bc562035b18d20c9661ec2379ce64a0beab6e92fc79

SHA512
6d77049b3c345a503bfbfb61510a0bce3668603728d9454f6b668ab98add0f40603214def2d85ed1f0ea1416806e97dbeea4bd692b453155f26438aaaa26533d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
342B

MD5
5ce8546e0119b259e1abad75742f4964

SHA1
d5807fbfbaf118faf45dcc40a9f3a9be8c0e9793

SHA256
70cdbf70713eab6dc7681ee1cab998e06ff775b6d99ed5c495d7224375739322

SHA512
17dd8e7902b70436f5e2bdc45ba6fc6826f3cbbe17239895f5f67c6f6d62c56f99dbe02fa4ebe1593912db54dcacff0a9d71113f4b64272d4e220c0e18afb764

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
411B

MD5
251579df10d3652b7fd09bc8a98c7bba

SHA1
07130e08489d093873d3237502227bf71e42c9f1

SHA256
b96e0b55e5aa2ff5404579e483ed7e21e941018c9cd2b8682bf5979a00f66bc1

SHA512
8a69140b21a1a33eccd56ac344a91a996d96d1463195aa2200b04e88f40da6a4d39c9f1b92bc3f36af68e987d740b8f3fd40a813abb1c3b3b21455e3e0dc2ae0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5c00fd90dd92c9a0c16de785d962dde2

SHA1
7f9e7d0ea2d95a6bf2df3001c8cfab66ba0d0563

SHA256
0362a5d0d9fe7a6ee97f5e071039e39cdcc4077428b0e6ab8fa27528b97e0789

SHA512
46a2edad2472fe2572d6333e515c4a59a7df738aeb66820ba0389d65eeb10858673a6d1558a81e6dc8b7dd60a194636a779d80eb1e2af5e06551ea6345d1238f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f10adee874595b1c87e761542556b36d

SHA1
4e824322287729523b3bf98a3214424de2191039

SHA256
79f4aa82bf560e77b0a76edf1865a686a833eb706938ac9fe5a03f2f15aff92a

SHA512
cbed0fc7aca0970edb000f507aaf050b79e97bff3beb604233129adc036c07ac4deb0ebc8aff2172850ca9b3a5d5c002e4035917d7cae4639b5e81ae8a84ff51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9d2ba09181cfac7c83f65f8978bd73b5

SHA1
fc5c44ebc7d5ce92e8ad1113e3d735d5ec4f3ef7

SHA256
1c155ccedebe86ab938e221b984b1ddfea80d20d268326219b0c4862d662b296

SHA512
2443d3bb4dbcf14d90d33585e91295387d68ae17a6ff5ff613c710047e373f65a6cab6eed3e0b0137f8a4342d26f616ca772d9fd6fef5b52731287b2a34a21ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0a5392e9bb9c25fd6a3e55ee3eac5117

SHA1
f5d637e505d0210014c0af57391547e52f2b3efa

SHA256
d4b36a149aebdf65be31713db1b2765f88262abe4c6836de72e50588ea68c133

SHA512
19706cc81f1093e12c58431dcf75675d93c1b940ab5b10e715abe2ae7bf03eac845b032795f39deae1fb3e5277d4477f7af86d244099d088425ed66690300dcc

Download Submit