948c355d8e57624420c08f9843e36cc2ece276460e2ddc275c059551fd9a37da

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/06/2024, 04:15

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

90803bd66922bc70ae9fe41fd2ece4ad_JaffaCakes118.html
Size

70KB
MD5

90803bd66922bc70ae9fe41fd2ece4ad
SHA1

08f733bb65c8c5b9bedf66b1a84dc3020f4cfd17
SHA256

948c355d8e57624420c08f9843e36cc2ece276460e2ddc275c059551fd9a37da
SHA512

1bcda2675a04e6a3d261438ce32767432a061f3fdeb2510d018cfc0cc7bb7f93b9381e3a2f054eb6dd55a1f3a6ba8b762d52c6560f8dd85baa362c70a416217d
SSDEEP

1536:YTupBZ414pxuTHJ1RXRBFJMhJuQ0mdrQ0ylvJ7xfLTp:BpBZM4px81RAMQzM0ONLTp

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
960	msedge.exe
960	msedge.exe
4964	identity_helper.exe
4964	identity_helper.exe
436	msedge.exe
436	msedge.exe
436	msedge.exe
436	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 960 wrote to memory of 4904	960	msedge.exe	83
PID 960 wrote to memory of 4904	960	msedge.exe	83
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 4136	960	msedge.exe	84
PID 960 wrote to memory of 452	960	msedge.exe	85
PID 960 wrote to memory of 452	960	msedge.exe	85
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86
PID 960 wrote to memory of 1180	960	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\90803bd66922bc70ae9fe41fd2ece4ad_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffde42446f8,0x7ffde4244708,0x7ffde4244718
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
  2⤵
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:2708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6372 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6372 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
  2⤵
  PID:592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,17580082615909680565,8226490958931200515,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4620 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
cfe198f15d46afb8b45ad0520788956c

SHA1
c5ab2538bdc1e612a9e606d4d501d5e9fc24d028

SHA256
5683a4246f054d094680df3a1ecdc33c0ee231fc16bb7e6b586d18b53674f0c5

SHA512
ddc408dfada8b921541a14145a9b28e046f369115ae80f419af26e08f27bb691e738a74a40e06a3cba919f5a065016e09f8ae9b72ff61ba1ea16c7299ded84f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
07d616d13ee3ab75c8a0a4f97475eb7d

SHA1
f80ccde340c5ac295944ed909fb0468e59a02d99

SHA256
d9264dfeb4a0a370a35164810557f047eed296e45f309ebf5b5a374ad4608a16

SHA512
7527da8b91d487cc9670e5560b28d88192c634457609ffac234820e239c6db741980252eaa67b8a3f490cbbf64389d904d220f13b6bcb2a0ce7751e7c07bbc3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5705ba1156638eaba2295822c7e5cc67

SHA1
ee8cb247552b36cc82399706c33dca4366329b4b

SHA256
25e3bdf6b9bbf4918b4405e5eef1a95b5203f29cdd8840e8a014e38265a58044

SHA512
86c1f83d75d79ecdadbb6d20fe3fb5fe4316961e4c181c0088de2be7553f607b1117601abbb09055c28288066fb0f7d585df453e126f202ca0cbe46aac97cad5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1be55285fb9e4d95199cfb8426c8d2d8

SHA1
3b82560ce722eff73907eab856ca96cadf6d495b

SHA256
e95307f618e2f6709b1f4f911f266f38c8ffd23e9046c4b91145421cf752328f

SHA512
0823149f9ff6db561529852795bd922e5eb7e270a8e4e1f1503d38fb81e2cfc543272d4d29e5845727214f503845adf856681f7de6537d98bd56302c9eb7f573

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0330bd2f1446b8b06fe38a8d911cc966

SHA1
ee7c1a94f4564ec72b0fb3260ef491b16fe9c87d

SHA256
a5783ab85b57ea87a02922c6848473c6c2547609ed75cc4b80d86e165aba6da8

SHA512
834c0938b3d079321cf27f5ef03e391c85b001aac7b59318c9725ff0c86d87e560761308250bb635be4704a93c2ee97c31cd42346a8bb894ac5a90a665734757

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a177fca88c92d2514f9087a72937b91e

SHA1
eee41c0b019587db3eb795f096cc667d8805c745

SHA256
20db613c478479aeffd44225f7fb05d65ed12def110da8a1894abdd051253e64

SHA512
a238620ec35f986ebb1ba1d36a0429a8c9b7fdb87d8f161568037b833cc43fa1d2dea4e14422956f8f1219d05de2d9487bdeba5a20bfb0e82d1d8ae170dbb54f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7e30e4cfaa1bc909746441e2b1facd0a

SHA1
b43ed78ec379724f93606e5df979e95a34eac72f

SHA256
763ab660c070a15b14090729f81d3b811670f8ba153ef274608c014ce54e6770

SHA512
7c437a97437ff96877bc13efedb5aa9a28ee39c3cc5fffea3dbb99e346f661330c3548396973e831b12a33575019b48040b782839b943e6630078f64bbafb8b0

Download Submit