0fa294ddc2b38ab5b7dd022ff8eeec4b6b7b33aaf4f47f8d8a5328b9645938a8

Analysis

max time kernel
145s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
04/06/2024, 18:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

95d2f807ed1a4541d507df07f51061e0_JaffaCakes118.html
Size

46KB
MD5

95d2f807ed1a4541d507df07f51061e0
SHA1

9fefba6b1a83999b81ad4bd8bf820b32067408cd
SHA256

0fa294ddc2b38ab5b7dd022ff8eeec4b6b7b33aaf4f47f8d8a5328b9645938a8
SHA512

3ada1f3e08e22610a18962e97e5ca678e59d43361f5597cfe61d14d50496d2511e1f78d7d7c4ca023793f8e282938c85a8ac1b379834cf67eb129729e88abf48
SSDEEP

768:EHq02VjyJC4WrwAUtHX3lC5B06TOgeJCXuvSbLUTP:EHq0cjys/ELX3lC5B06uJCXuvSbLUTP

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4860	msedge.exe
4860	msedge.exe
320	msedge.exe
320	msedge.exe
544	identity_helper.exe
544	identity_helper.exe
4516	msedge.exe
4516	msedge.exe
4516	msedge.exe
4516	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe
320	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 320 wrote to memory of 3016	320	msedge.exe	83
PID 320 wrote to memory of 3016	320	msedge.exe	83
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 3648	320	msedge.exe	84
PID 320 wrote to memory of 4860	320	msedge.exe	85
PID 320 wrote to memory of 4860	320	msedge.exe	85
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86
PID 320 wrote to memory of 1912	320	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\95d2f807ed1a4541d507df07f51061e0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed41746f8,0x7ffed4174708,0x7ffed4174718
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:3648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2540 /prefetch:8
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:1452
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
  2⤵
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,4234904384219474155,2207679984860120876,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4516

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4472

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
36bc66e88bff7600a3c9318e60291ff5

SHA1
98f09ab8162a440bdb95627a5fa8becbc7d2115f

SHA256
155a9426dd225a9a64d63c0bbf7bd5e5bc25ccda1297dedbf39164079dddcc22

SHA512
e39837a4be21cbb9dd093afce4b56161a0bdd7aa05f7669f3978f21a8c943a60c01855b16844cfb1c46c4745dcd7147eaf6334ead69cfd1f6cd94dd7ea94b597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
91d113f84554d9f7db3aefde83669fa5

SHA1
da84559bf0968e039edc8cb060926b123da1e817

SHA256
0ce503df6c5e110e6496fe9b4e8b37a1e957fd408174ef995daeca7710ed0836

SHA512
d7c903ae90197968a0a9e9e16fd5912639cb1b994d2829be655dff72868c51276393fdcfa1f7d1e5369d2e7807ceffdf35d9416092fc5977255e8744b3148555

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9e8f8bccbad391b8f3dd4c229bbff2f7

SHA1
f19de910f513e388e3fac4e4313e93f0ca4a9be5

SHA256
384ca683dcf5382335addae2b4f7620a5c522414e28ed2b944d12e12130fe8d1

SHA512
cc3a46d8f5807ff70d5c05dad6d8b4b34ec6c6854e1024aca04b18549a134172d76af2ac33251a91c4a121e217e6d08aa260075b291a85b35be171df976f2f9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0663b618b1d054325dcbf9ebbf3ed1c3

SHA1
6486f9ebe2071205524ef63a13ffe19a6caddc7a

SHA256
fde84dfcbf236cb8db26275716da788a22762fe9eefacd25a15127eacf182747

SHA512
d618e48507187666150cab6aa5926a0bfe484cb73ed73bed1609bae646e65e221ffbaa015ecb99b50772e90ee343b21793f706bc337bc4229bf69a0c75bcad47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f0d106de7df74a12320218b77c157ac2

SHA1
bcd88757174687b645f608027dfef0fd0149e747

SHA256
83d5eb5fea2a68639a5b444e7bd4450ce415f2a2aebb4f0b192103e54042f7b1

SHA512
17c14dad943ab9695e65c3234f0b006a351834172743955b646797b8b058ee24af0ed1371e89d9d05063b3b977c9c3ec472c2bcb459864b0be60a04296710031

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7a6197ff5d1fb30ecd7e9a7dc413e304

SHA1
786b40ad952ed50de5d899fadb54cd03d2da0a59

SHA256
26f407c785e7686aa9d661c4d60bdf71cf43d41e721c632f649a43bdf5c40a04

SHA512
c93bdcaaabdb7591dd52eaffd11cdfe470fbafa0a73e6bb9767e49fe32f0f4889ed774358024a85d6a8964776217a376507e0804b6ba5de027cfb2fd5aeffbb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9513a8c998c46de96f8b8f35785cbd74

SHA1
372bc33affa5f39f2dce718771c5399f11c93a59

SHA256
a326df84d208e1bff797aef545b26ca44bd2bea7002bba6bbe953f684f3f902e

SHA512
d5a82dc96aba4ac16e7b1a421229cf3d437f3c7639888af672e74aaff412149d7b4faa7aa01a4ea5a298220199ef61dda7ba6790080963aab8d5c67d8f509aaa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e04c31fac0d3cbcf4e284d50dc8a8ca5

SHA1
c1a4c94002726d4d86119b9fec5868e6ded78923

SHA256
5969763c200701d2dd3965d16310a8f0f6e2a0e27dde251aae1e84563492262e

SHA512
0b855977f68ade057135255b29b8eb2a1a8332ef5382f48ae490137df47dadd977c6ce62e3e89f4e016b6d008bd4b7f6f4592e91d06de3bd7114309050263b99

Download Submit