Overview

overview

6

Static

static

1

95c2aa2276...8.html

windows7-x64

6

95c2aa2276...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-06-2024 17:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95c2aa2276f5d977013f4d2a7d091da5_JaffaCakes118.html

  • Size

    139KB

  • MD5

    95c2aa2276f5d977013f4d2a7d091da5

  • SHA1

    68de08ae91cdbd599dc21f61625c50aea16d63d8

  • SHA256

    7600e3bcafca222dc28b073e0f89e9d597699254e0fb09eeeaa41ffc587e1ac3

  • SHA512

    f209865f014e0fa56963d4cc43f5fc700116cd6fbfba52b0b89592a7fea31a4bfeba14876921eaf7f49313f7a92a0d93aab97e6a042d5e2e83f917a159546b1e

  • SSDEEP

    1536:2EFwEziO+TImnBQ7qr/PAWvJgdElpM9eOZPDmLejBL1iDiuO48n0Y5uxs6r1:v/WId7qrXFNM9eO5eO1WGx0Y5iZ

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\95c2aa2276f5d977013f4d2a7d091da5_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1780
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb2e0646f8,0x7ffb2e064708,0x7ffb2e064718
      2⤵
        PID:1892
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1880 /prefetch:2
        2⤵
          PID:2988
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:828
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
          2⤵
            PID:3076
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
            2⤵
              PID:3092
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
              2⤵
                PID:4764
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                2⤵
                  PID:3736
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
                  2⤵
                    PID:1628
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
                    2⤵
                      PID:2812
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
                      2⤵
                        PID:4872
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
                        2⤵
                          PID:3248
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
                          2⤵
                            PID:880
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
                            2⤵
                              PID:3664
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1
                              2⤵
                                PID:3284
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
                                2⤵
                                  PID:2212
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
                                  2⤵
                                    PID:3604
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2036 /prefetch:1
                                    2⤵
                                      PID:4476
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
                                      2⤵
                                        PID:1360
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7996 /prefetch:8
                                        2⤵
                                          PID:4620
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7996 /prefetch:8
                                          2⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:4032
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
                                          2⤵
                                            PID:4908
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
                                            2⤵
                                              PID:5008
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
                                              2⤵
                                                PID:2992
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
                                                2⤵
                                                  PID:2760
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8790326007993038056,1200901699064817349,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5932 /prefetch:2
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:2356
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:4840
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:3080

                                                  Network

                                                  MITRE ATT&CK Enterprise v15

                                                  Replay Monitor

                                                  Loading Replay Monitor...

                                                  Downloads

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                    Filesize

                                                    152B

                                                    MD5

                                                    2daa93382bba07cbc40af372d30ec576

                                                    SHA1

                                                    c5e709dc3e2e4df2ff841fbde3e30170e7428a94

                                                    SHA256

                                                    1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

                                                    SHA512

                                                    65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                    Filesize

                                                    152B

                                                    MD5

                                                    ecdc2754d7d2ae862272153aa9b9ca6e

                                                    SHA1

                                                    c19bed1c6e1c998b9fa93298639ad7961339147d

                                                    SHA256

                                                    a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

                                                    SHA512

                                                    cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
                                                    Filesize

                                                    44KB

                                                    MD5

                                                    23536ccfe05b737ae639fe63ee4cc435

                                                    SHA1

                                                    6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

                                                    SHA256

                                                    6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

                                                    SHA512

                                                    f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                    Filesize

                                                    216B

                                                    MD5

                                                    20db7f926f687e52236a8cb20c5b1f18

                                                    SHA1

                                                    38cdc8f8a73ea055038b4f7de10945b9a817390e

                                                    SHA256

                                                    8904d2d41412323cfa8298db5cc1b4499e32a66a56a3269a1781952f7b594f87

                                                    SHA512

                                                    c5f671da8d97774f73578ece1abfc9f605f90ad99da91f22079bc6fa3ad918af13835483ff478caa2fac83d820d465ef83181541328f385d9fba561d51645742

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                    Filesize

                                                    96B

                                                    MD5

                                                    f36880a05aba00ac2f008abc2e13a6c2

                                                    SHA1

                                                    c5060e316a4a86ff185774ad5eb356899201c7af

                                                    SHA256

                                                    1d3efaa99f02b82b8b8e5d1c867c74411820070f09f68a198bd0d8a3b5f63d76

                                                    SHA512

                                                    13bb41e0c1f84aa845dc7fa02c5a91e72e3bb26a02ed99a0e6ff2c5138f69664e94bb4a5634d61382d7076ef6be4fd3129d91fa8989b71710f4ecd82584650f2

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                    Filesize

                                                    192B

                                                    MD5

                                                    673a8fc89624c480282f27c6eb7d3eb9

                                                    SHA1

                                                    2efb9590b7dff74ca94f101a43bb56daec37951f

                                                    SHA256

                                                    1da343e600789bcfc753bdc0f23edf35a4b7e9ce253b685d2a55bd775af6ce5e

                                                    SHA512

                                                    c7c8e508659964284369d05199dd4c43d26d429f8422c133605de0dfd846d9f6bdc2044ac2ea5598941e98d4c130c2bc72c29b5bef388ccc02a45ec800c52301

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                    Filesize

                                                    3KB

                                                    MD5

                                                    5132990299eb8fbfbc8bea7e398e6518

                                                    SHA1

                                                    74459ae5ff7ecf9846ee1e419b1fd725097f4722

                                                    SHA256

                                                    83ecd5ada502cd970afacd2fb20a8c39df2ae565593ae9ad60252eb46b7e5b9b

                                                    SHA512

                                                    2d6402694fa15a92fa67a564940ac607dd2dcdbb759fefcd7b62b7628e25070499e3d8e7fb6723d36007a2db9e5bddcf1afb341638e4530df744efe066077e52

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    5KB

                                                    MD5

                                                    886978da59f9a5b53f57af930fb15b4e

                                                    SHA1

                                                    a6d53e51a1692d7336d36cd12ffaebcc86893f0e

                                                    SHA256

                                                    eaf1d5362a568d6a5f690b7090dd0127ade3be1f61915adbeebff9e55312ca55

                                                    SHA512

                                                    d076074d63cba0a5f43a69e1769f104032ca0f18a18dfdb0beee820e0f45055b9472c5c554ff2f201c6941dde9aaa516c38dee1458bcaee938081c0a75c4c634

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    7KB

                                                    MD5

                                                    3dd101f8399ab33e2ffb5b14234c8300

                                                    SHA1

                                                    b6876f1e39bc93b9788e2df999505368ecd38711

                                                    SHA256

                                                    bed7652366f0486d5003f5f65a0632ecbe4817cbbb20985419927c35fb6d7fbb

                                                    SHA512

                                                    645bdb7e11edf10f6c6384ad6ab053552dab41cf04c68c249682566d87f99b55e521c4849818d74c2b4c92bba3bd6fd7b9d112b085fadc4ee341740d844580b2

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    8KB

                                                    MD5

                                                    a3f3ccaecc471e4dde0fb95806f54a7e

                                                    SHA1

                                                    edad78f8d9107d01641f349aba0566c9776e4ddc

                                                    SHA256

                                                    64317f3afa30684a35ebfdee743b25fe3b7ea9a5081d2f3804452a99308755c5

                                                    SHA512

                                                    39fed987b47392eebb233f54001abb8543fbf9606e99b9be52bb24447a3099b7e41b22445ddf9356f1cc65f0e7f8ffd9c55c2e8935d5829b7fac19a5efed628c

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    8KB

                                                    MD5

                                                    c7f7726a8aea77bf0520085aa5b866dc

                                                    SHA1

                                                    be45bd68dcf9fd6efe1c7f4574e9f71ae10ca236

                                                    SHA256

                                                    6f143d93f70ac5e5514714e9de4128b209851732d0fa9501c71053a037b4c103

                                                    SHA512

                                                    78e89eaeff345ce6c8741d1962f97a743fb4fbf7241e3caf2e652a0334cadd3a9d23fcfec1b2ebd750752add93e903e3b2f1d1214b0f73f6c35737b166967f15

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                    Filesize

                                                    1KB

                                                    MD5

                                                    9eba9ca6b3108fdf1174d3fd46365d7a

                                                    SHA1

                                                    d50cc62ccddab9e8d56ca6dba587ec781d208852

                                                    SHA256

                                                    6047f5fe9406f0cda04c226c2d0774ea46daff8361f9e1471519766a72e69f7f

                                                    SHA512

                                                    62270b203ac7e5239119d5733dde12160cc59bcae398d4411918e1e8b6d0b18930b42e1129f3142b922addfe342034c9a47edd85c77e8d60e7c0ac8906d7775f

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bfc6.TMP
                                                    Filesize

                                                    872B

                                                    MD5

                                                    3fe4ca7860a8aa429372564ad4e97c97

                                                    SHA1

                                                    96c207617ca95a297bf7504e69e5d3777590c595

                                                    SHA256

                                                    d22ed04721102469585eb0edbb50ee905c3314125ce320035d5e95a61122f8d1

                                                    SHA512

                                                    3574d2761f031e317097267a27e6c00e063c92ea695baf855dcfe0066525ed5d62ba02c42528adfbcc1d14b22e8dd6f9d91465f331ea834592e2fa7674b50c38

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                    Filesize

                                                    16B

                                                    MD5

                                                    6752a1d65b201c13b62ea44016eb221f

                                                    SHA1

                                                    58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                    SHA256

                                                    0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                    SHA512

                                                    9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                    Filesize

                                                    10KB

                                                    MD5

                                                    f408a539a814ba741f0577a830e56977

                                                    SHA1

                                                    0a206dfc933d761936b41c168358a7c22524fd4a

                                                    SHA256

                                                    73d168a722a1ba9817cce4dc4d76a709f03e11da35d0a29dffbb7d95bd7032c6

                                                    SHA512

                                                    2b3cbcb3f2ddb6e66472138eafd160e05f09c6a5fffb098d4d2562915c899d9268efc1a98b2a9a2069837d537b71eb0e479deecda358b32535b19b5f80318bba

                                                    Download Submit