fa8550e5732ebdc7fb79d0fc9ff7ac2d4b7cdae803e09c15fc128e81e28416d7

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/06/2024, 14:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

92312e72501b392f2337b6fdd7bf3ee1_JaffaCakes118.html
Size

104KB
MD5

92312e72501b392f2337b6fdd7bf3ee1
SHA1

33cec3c232a34e746db962f2f4b7f34d14bc4942
SHA256

fa8550e5732ebdc7fb79d0fc9ff7ac2d4b7cdae803e09c15fc128e81e28416d7
SHA512

05d5a7e0d2675b537992c6cf75ec1c2daa86fcae6f48d11683868b878bf5479f1d2e5efc88162df2351195d517d10b5f31d0f4ebeb39103927e25024ba0e119e
SSDEEP

1536:fPswB920H49BIJ0q3tUykZ0ouCYrgOwftGOLGThGyRBKdTlSoaUX/sHuZW:f200cUrZ0oFwg9AOJBMHj

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3076	msedge.exe
3076	msedge.exe
2228	msedge.exe
2228	msedge.exe
1232	identity_helper.exe
1232	identity_helper.exe
2480	msedge.exe
2480	msedge.exe
2480	msedge.exe
2480	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe
2228	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 3260	2228	msedge.exe	84
PID 2228 wrote to memory of 3260	2228	msedge.exe	84
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3552	2228	msedge.exe	85
PID 2228 wrote to memory of 3076	2228	msedge.exe	86
PID 2228 wrote to memory of 3076	2228	msedge.exe	86
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87
PID 2228 wrote to memory of 4864	2228	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\92312e72501b392f2337b6fdd7bf3ee1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f40f46f8,0x7ff8f40f4708,0x7ff8f40f4718
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6844 /prefetch:8
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,12801471093055975068,6605713823471682758,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1876 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2480

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2008

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
a54cce6ad6890258de79b7832d218749

SHA1
94fd8a58cd37b7d2cd272674b34209815d75ae67

SHA256
402918d6bd8e0f269c96e8a523c31dc8f4a9b3e64e70df2327943e1f4139700f

SHA512
142b2e2297ff1b8f00f1d4d5a3909f22ff90da232652999520111919cee91b97c763bb4e5f71a2bc4a4fc75b88395ff3e665d4271e5a4c6d9cb7a51e41483bb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
f1672e94f5673b6882cf6040ed7e8af0

SHA1
666cb9f028eaf9fd35abdf20786c858c0a6fc452

SHA256
d05e68a7e5770ced5749dd1f69f285d7cc7a1c978620a2c3b28834127954393c

SHA512
cffcd7fa9052c3b1964473e90e934a039a0bfeae01bbd8aef447091df6870ff76ba066517198a27a5f1c9f25e32cd0b4d5a323100784e29136ac38568a4e54e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7ded3547420ff108787a37f3ea426b8c

SHA1
58f34a4c1aa88d8ec56f995e3d466da345bc5d77

SHA256
caac94fd5c45bc2877fd150f997bb99359556d6591f525c6faf7846e501b0e05

SHA512
d5033a410d2a24bd49b1c735a1cbab97bed9807fc967b20d431ed53640036002391f5837ae7e15a5ce7ccb3437a9c6d24c60746bd08eea35be93eab08ddfbc5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
fb6d1ff4bb49dc8294712eb48c504c65

SHA1
d1c13444ea7acd791501040e961f040c21c7303f

SHA256
8dbd274604d3dfb4e1b7fa1a3b429b0b40e9492fa8a135e4c858edd28f32855f

SHA512
a3d359796f90e4bad2b2fc767e500be3e70e15a83ef52a3bf887073016c89d903d4534a1bc8124bd739074cfbd14531113a9f1e95094a8961ddbc45434c49359

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d2e129901d7bf87c9af70d35b42e0b9

SHA1
14ef9fd7b47f7a5892d64c9896286382f3092b1f

SHA256
10c7a3bc10799144c257b4282516a906e6374fa467cb3f98ae11d11c556c880d

SHA512
ebf8e2c1ef8b51e91d261de6deba5fac878ad8f76770e1a805e35b2df69a0992d7da1edfb4a79cf2d152b8519adda41dfd913d2fb9591784276d63b7fb42ca2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e64c8c8b09288484919ca9b5ad4187f9

SHA1
af1f3a0084ed5ed58817fa8289e4ef552ac617c6

SHA256
40ff6169aa8c0bd40504807c1235d4c17da40132c58d6dd49505994d8937ac93

SHA512
e486c7f7147d5d867fca32949a56feddd596a45770962c03803abdcd5b00362a74003bd0b8656d06810a623f192c9cdec6b6501eb17d046dbe80a27c6a42f3c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5ced286fd7252ee27c38f47e19798978

SHA1
644e7b5702a995af9c796a1a10f44da0956dbc3e

SHA256
f42174612e31851deebffd995bd738aa6cd4d3d046993de1d1b140de9ae046ed

SHA512
78c7bf3584a9b24425c90eb03ff0851f94454666afe1394d0f8a219053662755df508640dbe1b19e9d336585ba49803d1479ca52d95ce0358d4e7422e469e368

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1e680b5e05752f0951a3924f7d4e96ba

SHA1
9359ad6217c83939febdfb76b43e865dc9631418

SHA256
38179e491695d9974352175df48c2a77fdd12e1a809bac9299b41713743da506

SHA512
8152bc1dd4903b8db00145d76aafaae59d04f6a02670c40f71e15781ca36d129de2f177237138d9e2384cee12e8ac5a7df1a09e2101e021c670e6593c61c1fcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
871B

MD5
549efd202a3dc071bcb5c943e5639104

SHA1
dcb7afbe953771490bdf6dfe93fc297e7b710d66

SHA256
21eee6aadd9b2d225c09fcb8d54b9b1d7e50bf3b27f957bc886330a6e1db532b

SHA512
6d184dc6f4c362dcdcdab9e2b7b8bc125453db493b9e935405d62f86a4b2f9121fb8ac95281d31f986a6e7554a9200c79a30ad21bf48517310674a6494ae1d86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
eeafaa3148f8c808007545b6cca14282

SHA1
7a34a5647e6d69258ff3ead85206ee6a34da20b1

SHA256
a92bd23dd352c20695e19b83e2398f9edd19da3c8a1685c055666b574c347be1

SHA512
8ce56392e1c0db67e2ae074ad23873fbb5f0892a91568c52779be4ef1d5c60cb9b50dd70705a89abc6e2ec82896ecb5e8fa8454b54bd3443e47f4721a9caf378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cb3f.TMP

Filesize
203B

MD5
6500186358dea7e255b546279d94aeb6

SHA1
91d218a29aa8bddfb409f5caec83bedaef8f9106

SHA256
9bf48abedb213ad16aabd08d22de8abed1fe49d66d85ac5d05adfb2f055b815a

SHA512
a9f86b6aee7d60d6532d2f712851ab521d98ae709754a80018f20158ee171d858408c7b5b9ed65bcc1d2c36db98634893ccd87ad5c42451ed83c8620471496d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
35d7b4be80425d91671b4899f29c2b2c

SHA1
72ac255915922968553e961dd6d7438ca3c0232c

SHA256
bead16f20b79affc358ccb9000c69c708679001242039374ee233fbeb16c7c06

SHA512
a9814dfdbcc14d2f4472b83575a99662f0244561c7654b2566c99964d944136b9c85fdef3885bed9477e32868b22589be773fb4c4ff7e31747257af6c96f71c1

Download Submit