884414f7d11fe1805214b5ff03aec115454f1345083ceffea58581c82693dfcf

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
03/06/2024, 03:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

906926110f0f3706f34efb60d878eadf_JaffaCakes118.html
Size

96KB
MD5

906926110f0f3706f34efb60d878eadf
SHA1

b22922d1c8a49d3efb39251584727d8bea455797
SHA256

884414f7d11fe1805214b5ff03aec115454f1345083ceffea58581c82693dfcf
SHA512

f05a752ec9a6f771f06763235a00228322cad46b35f2aa2929d90a5ded306bf7e59e76081eee4f747c98b510fba07d0316a70ac6b0c01d98bdc982547a6d52b2
SSDEEP

1536:SIq0dfIh569n1Tq2VbG2zpQSaoQJ2etTFldcb3WV2NwM9D2xCURqqPPxgz0ghNxs:zx1OSA+9IPxg4geefR9Dt+JbiQp

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4572	msedge.exe
4572	msedge.exe
2796	msedge.exe
2796	msedge.exe
4920	identity_helper.exe
4920	identity_helper.exe
2600	msedge.exe
2600	msedge.exe
2600	msedge.exe
2600	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 4908	2796	msedge.exe	83
PID 2796 wrote to memory of 4908	2796	msedge.exe	83
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 392	2796	msedge.exe	85
PID 2796 wrote to memory of 4572	2796	msedge.exe	86
PID 2796 wrote to memory of 4572	2796	msedge.exe	86
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87
PID 2796 wrote to memory of 2208	2796	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\906926110f0f3706f34efb60d878eadf_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc5d46f8,0x7ffffc5d4708,0x7ffffc5d4718
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1316 /prefetch:8
  2⤵
  PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1316 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,2908394223355312450,5403219599496641149,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5824 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2292

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4592

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8d4e364a1fe64d96e1752e9b86153bbd

SHA1
e2a1c07e9f568232c4a807477f0f4e3ae1b01315

SHA256
60b9b53406ce021627f1938f7550d0eb75b1f31c99daff1678144f7e7cd51a8e

SHA512
5b5292b49cc161aca7f6d56eb89ad0d64304a84fe83812f837c1892d9143f1661c1bcf68ef9275b73a516141b70d5bf5286d17c4d9c2fc45c1922255736edd73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
471c09e572f882dc7decf0631437d5ac

SHA1
59825ad57dcc070a1d1b29b9ada0e47546e94486

SHA256
c9d3c9c3fc79135593ed0323480e19e6ac352d8f1656590077e26628d1b09da3

SHA512
ec2a47c359b2fd0e06fc0b41f6f047f861348b4c77ede7614825cc483a255776637a01be511af6b6235f5375c6ae5f00fd123a7d018108431607b3bfe92f719a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a09ecdadee4fe4b6f51b72b3d50aff12

SHA1
23d2f6e4540550c5271c1da8a6ff5b9a9dd98e88

SHA256
2267e72fd2d096579a6fdb2bd638d44c7e11fafd5155a53bd10e8e10e0d42f7b

SHA512
85fe35aa410c615acbf021cb24e268de21c139e8e2179303b4a195e3f23c297ae4d3b166e6ec9b0ad90f6e914791a4a3b93b47b1ec6419183d8e5e5be8dac064

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
96d4bb9e5aaeb79c24e752def77be60d

SHA1
ad885f619d7711a08ef0fb094733e9d9bd3d4449

SHA256
4ef32fd6d9451985f677089ad36b9009984c1bdc614fcbe4fe31675ef496cba7

SHA512
fafc09c80f1af2dffa30d43109469047c492e48ccf77c6cc28eb50f026f8bab01ecfd3e79c7e0c0f28b5ff15121d0712f39bef3fdd628952b356271093fd8842

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
162cdad05bbd0bd4267b23cb1d410139

SHA1
1060761edfb8ccafcba1d298c95045299ede3297

SHA256
4f5e3118f3b9715e1b1c4382103b6e71657736e6392c4654e88d1d3a63da6b36

SHA512
16cf1ee05a5d6c381f52604bd800a8e7c2bbfe7f2db5a1c173e92721699affdd3174a389134a88029baae30c5d4aef222effcaa44a978411009a4d3da7ca8da4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
83644842026670f855fa974d359cada8

SHA1
a06d1c0396e97fd7b61d88303827f938eb49839f

SHA256
c55cb099d511cfb200809f4fe3a10c0246fe4646d8da54a50f3f0578ed8073b4

SHA512
9c7415f60250c7b46f1bce0ba0f772e1e8445753f1488e20c60645395042d6ad5b922312bbc4f7c7de3a267d6c27608cd00ecede6f15c770293c740714c04bf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57adb5.TMP

Filesize
204B

MD5
316b530a7ba044b7407448b94f7af969

SHA1
31da1776315119d2df791e1e2e3fe1a0f281fabd

SHA256
210e991d465574cfc9b9cc5886e4fa78d9acb6b8fa06b0ce4f16e42459a8cbac

SHA512
8c606cc97909bf266e7393f8c863479d15ac2bc0be0de29fbf9310ceb4813a823695f10a1ebc4cc51c7becd1f383e5e79f7439f4333f75ae40b82436fa902069

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5e48cda8b712831e4c8c280264eed07f

SHA1
58f4aa087135b33455022b92f43175846f0efc07

SHA256
8b80d72bfe4267d362de2927314f57da77a1c2418cbeda85d18091fc334b622e

SHA512
e31f91a25da15dc235254dd9f4da44842c672f1564b1c9a0dd31ddf0376ca7b16da7d7b9ca1acbcb27cb98c65923e9d0325b5943f005c612d770ea32e96f7c4c

Download Submit