3dcc4f01b6ccde42e188663a9febf987c62ab2a9ffb4e9affa750e28724c5131

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
04/06/2024, 20:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

962f3efd9546249c76070a9675e3fba0_JaffaCakes118.html
Size

154KB
MD5

962f3efd9546249c76070a9675e3fba0
SHA1

29d74dc992dfc59c8f0df0d3d77e11c0c0f8c152
SHA256

3dcc4f01b6ccde42e188663a9febf987c62ab2a9ffb4e9affa750e28724c5131
SHA512

0387dffea9ca1c5e7af999d0d1abfc5ede51562079df03f4422b53f9cf13fc57ee3075a708c3fc4733d13077fd5908a538430fe0fcf75d2f9f40129829a2fba4
SSDEEP

3072:PZY2MYJ6rHfgaToXdYKlR/qq1L1pHqp7/t2m3:PmoaTo51Zct

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4720	msedge.exe
4720	msedge.exe
756	msedge.exe
756	msedge.exe
4608	identity_helper.exe
4608	identity_helper.exe
2332	msedge.exe
2332	msedge.exe
2332	msedge.exe
2332	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe
756	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 756 wrote to memory of 4248	756	msedge.exe	81
PID 756 wrote to memory of 4248	756	msedge.exe	81
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 2648	756	msedge.exe	83
PID 756 wrote to memory of 4720	756	msedge.exe	84
PID 756 wrote to memory of 4720	756	msedge.exe	84
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85
PID 756 wrote to memory of 1740	756	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\962f3efd9546249c76070a9675e3fba0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffb447946f8,0x7ffb44794708,0x7ffb44794718
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:1740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:2144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2988 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
  2⤵
  PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6088 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,14459216494628069895,14757975375066677463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:5060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4256

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
74KB

MD5
1c7e1982bd31c4ac1f58bcd3bdde7267

SHA1
d672d5a215d6f3cd05138e121dc3a2aad8a584b0

SHA256
f7c3dc7f8feec3cc31ed8f65dcd3ebde31629c69e62c26ee44cb0dfc55c3de83

SHA512
33caa8d1f077129fc36e4da0f50aa8fb29b204dbc7e8439781f8e28a953da49a63a1057a83aeb1b33012aaeaf205ae62c34d1391b8885d375c486aa15ec4000e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
31KB

MD5
548260b20981c0be2d9dcf8d01c08c24

SHA1
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7

SHA256
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb

SHA512
9308e58083e5a6989b7646de95d251c5431952dcd55e613e9c7100d817e847da0f4835bfbd0df325d9ceeb4fb9680d3e89311997b801b16bf8426893a2a34c69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
22KB

MD5
6f52f16e0c8869759029f92150fac68f

SHA1
d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2

SHA256
0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2

SHA512
ebcfdfbd773d2e7a0930684c7699f4e557995473c50ed7875cddaf1ff03fd889684400c6f17558b6f801ab5c66da0dccc312cdccb1b2fe8e8784e8c0987cfe11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
18KB

MD5
45f6402158263def6fc92f13ac67187e

SHA1
4c27acb7561ebef5423909491fbe4ab0b8bee0ae

SHA256
74fba77e0903616824151420f5a41cc7397984221a3346df2ee414341e2b5c50

SHA512
8b84a8f80fbe78aaba46e8d8e9a7d4e6f6017997e6240b1f037c0ce036cbd49507ce9041557a2fc85b0869e1bbddf236f5422c13968ef1c963cea43f2321bc33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
19KB

MD5
f34e2fd3e51c313d81d121373f71a19c

SHA1
9f18eae29b76c276be795cd0914164b05bad67a4

SHA256
f5d55c0cb0437e78ebe05c2570564abf5919c6ac384776b74b68b0db9d5d0561

SHA512
4fc373497f64822c1fe35cfaeeb5c421c763f7933001165a8025d9fd472106deb49c715a0885a49d93da8a0760f6d0abb28d92a55687c0263e01d53265be1eaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
20KB

MD5
2d1ff6a957e5509662bc985d074e4fb0

SHA1
ec024dd4a4cb1d751c7d4f290474a7d17f60e848

SHA256
c1d810f31f86677bb6eb23a9603d96809e13634c83d9513350b936ad860441cc

SHA512
d5ef9d49b1a4fce4f8395bfaa99d4fc3fe8798b97424f982cdf3e6b490d2dbc4e2cb091633971cd477ff2c51c9bcd03ed3b735447207cf8c930c927533c3c0e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8e456f2c2ef8ae5acdebb88196b6cac1

SHA1
4c8ee4808e0330bf34fad0088ecff9d0177ae3c2

SHA256
36777d705ad20b1d1be278f9414944f966626f5cdca1b0854c1f954f7413de3f

SHA512
341f467d086f441cd696186dcd3386b66c622b3aa3e19d6f09c4b5afbe1b553c576ea0b142183a8ed30856f4a6191be5403ba0d9f3fa865c154fb929f4e0a971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
3104717397f6bf10478fb6deca951319

SHA1
2373561d97ebb7c507d151a4ef3697680fb34e1d

SHA256
d6e322989709777841e00ae524c8c87d524d48374fddde08efc42fd63177e81d

SHA512
1a8bb3de41166c567c852f8b9cf4e8b7a4776f0cdbbaf8aee8bc1898c7a1b0ac5038cc524a9bc2da96308675810cdc2af0e9152ba43872bf8fab832c694bf46b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
6b48fdc6d5f3d0f3ebc016e8647b4cac

SHA1
c3ab3c0bf8fe31a7770b5437f7714debf6b0bed6

SHA256
3220d072ef579131da1ad28cc1ad46c5666f5a3346ba15e65f00092b00282087

SHA512
e03a2be473178fc08c41665236d071e87b7262d7026442179af661bacb62372311a5ea8fd0163a947b32043943fe2f8ef91d98259b2c10320dfe39516d49a9cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
a1d273a62fc056b1533c93f6b95df318

SHA1
15159bf017dd30eb7aa84a02d8234b208e38266b

SHA256
a3fe7a9864a2410f7a22ff3d504f5ead6bf2ed2454a11e59c4d1d80d0eb8f7f4

SHA512
26c8e3a1543840a1fcf458035a01bdc434ad190211c79f24f4212dbd3b93f700de6b1456898f49cdc7b638f5c3ff4f03c079e2029a45067a9224c56f4836785b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8dd1095373666246795ce39990621c11

SHA1
06ecd6641cb34bfbc2de829fe7d2e0147022e3dd

SHA256
930f83cdbf05333edbf5a1a54ef067623a1b2939ce057a02ba83c1a31d2db95b

SHA512
c7144c904c4419b44440787adeb0bfc8c15cfce183abf2b11492ed115f961d4523e32aa204c2d62918a983da8911872a20ec9c951c7802fbff34d8045b4c99c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
569b477099b1d0453163eae01b984dad

SHA1
45b71d7b01dc5544f4d167af30dc189fa4313fcc

SHA256
04b2003c6489a29e7ff431e5dd8e160f1283e700ec9b591910cce6a579c8dca2

SHA512
1866ca6e90e0ba4cf732fdad58ed1c4c97cf7188d9fd939ba1916f2dc7a45a5ab5fbbcfd7756a67c9446187b663cbeabca21830d4019eedc528f5f73eb5ab720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a4c3cc11cf8f7629318aaf9be6c721f8

SHA1
7d0e7e7ad8d08166a8fa9ceacd31f7910b5acea7

SHA256
3063506aff10eff34eab69633ea1799ce998cc4af783b8249d6f79f1f566e8d9

SHA512
fc82ce084c6fed7348de6eaf99fc322b364c885f3fa71d5c5dd2f571dfe31ede935f0e57ea2dd5f343df06f982cbe060ff41ea8ca850c2c557ba11fe362b90b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cc433912e15fc57a35e18abfc03b0c9b

SHA1
5cea329c0efa1078f82013afcabfcfd88beb9acc

SHA256
7d19653cbfdeed18ac41565fa71ca532861e29683b019f83ca7d3454753af2cd

SHA512
aeb17cf62202dc64493164b7ab9accb2d2edec2d7a384d0fbbd615f7dced59cde9110c24d994aaecef2e426c66564ff14c87ffdef19e6eb4ce10c8ba3d747ccc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2a582ff2b9b3e7868ebdb64139ed4f09

SHA1
9ae003d74c349646bf221283d55a3835666a685a

SHA256
22405995e73e5526a771755eb6c12f804d415f3c1f19fff6f5859eeaeea2a59d

SHA512
6de1e0fd84ac56aec2daeebe8cc2a7644ad88158bba7d473a96022eac4f2bc34607c4fefa4586467d1885a34134c68ab8d318d4ac0e97aa8b871bbf38ecbb6a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f4881137033e313c700c64af7a83224f

SHA1
128d945312bb2b139671404bcc8477a76459006f

SHA256
1f51165ed606dd29584e921dbf8239dde99d7b4a19e5be11a3f31cdc5b920a31

SHA512
15e381a1b5253f0d6d0152e41afbd8125182430348c363265975ae5df20c9b98187914f37a9af545b06906d86b2839d742db6b383895d6c7bcb868f086772ec4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50ea1684946321fe902eecb481ee18fe

SHA1
c41888d533ce89813197d1f73fbb1903a19ee248

SHA256
a9024a5af460f1a8842cf84070c045dfa0ac1a3659ad6d1236d4fa444da95eb6

SHA512
8d7f48706c6c65529041943d71cc3791e8a6602fcd2ee230d2cf648f76594ebfbbc926e5b42909ad107718e7015c61cc26c35641fa018cf68162ff837be29454

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
73796053200e00012930466661508023

SHA1
aaba1cda02e5ff05dddb5e49bad76c22e64809af

SHA256
eea5e0186e9e048d748ee000908512f04b06d74276f3f2268db335d356b2262b

SHA512
fb617c8a77fafc7ca3e8d4927f5ba6a26d3507164de2d2374d9e73d228644cc9e257aceccb18e8872732a11bfc6c7ce47db150256a2c58db6f115cc15bc97edb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
5ccbb0632d776fbdb741cbac68c88191

SHA1
463dcbff1db641d80c9baf0145fa554247bad5cc

SHA256
b6fd0c7b61aaeba9aca5d231dbe9d809a92ff9a3369cc8fffaaceefc5c8d89d7

SHA512
be28af11f40791188ae9466af8e84a4fe289775eff6bb84b24c54289a826bfc53f772bbe34f1b09af8aec954f6271944447533e1ee1aa88ee650e024b6fbf0c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
7006705b37fd2987444312fdd919e654

SHA1
f8d936b553a7344d746071880aa8cfbf53a38355

SHA256
2f70ba3d2c2b296411ef7c38da872408d56d0cd5c06e7ea610a0a10bfa6a05dd

SHA512
ac4e8c41ebf2fa25eb06715bbbff1d0b2460afd4b87e8e27fffcf46bc08764d905ee3244a848b7fc30dbbc4d35d9aadd25896bbc6ebef0540b6bd620bd11ccd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f9d1.TMP

Filesize
370B

MD5
7a62a1f10fa76f9a30aaef518c982834

SHA1
66a7214f4eb3faecfa1b564d89a79c4e118ea063

SHA256
e0e9464c177f646c0d525c2221664cdeaf278d3e1d47acf1d8521022defc2a36

SHA512
266060170c4e7c010613b4ed56ccf5927f6fea60c2d4847bd822423745d43b1ef7c3a871577a28107a0aecfe20c6d8deaa4b7e024f8e01cd928cc1db043d0e9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5ba846fb429ee97401694522d89c9d9e

SHA1
1626b7090ab18620b8625bd0c481c9c2327683d1

SHA256
d7f06443395ad858797ae092e82e56d2d2630724132df2ae6c24d2ce0e39bc3f

SHA512
6727fc8504134551da756948d350e71da8d9603d917493a7733154bc2fadd3debbc1f549339efa5d4e4118ab02cb5c16d9c5e306b5df29ae38a8a4b6c9c005bf

Download Submit