12fd5be3a2c84b47b28f4787d673f6c9c72c6eb0a2c1db7abf5097c372f1933a

Analysis

max time kernel
147s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
05/06/2024, 20:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9938892cf97c5a8275a4fd674723723c_JaffaCakes118.html
Size

61KB
MD5

9938892cf97c5a8275a4fd674723723c
SHA1

893e58126cd55f3433022c3c32a3ddb101f85996
SHA256

12fd5be3a2c84b47b28f4787d673f6c9c72c6eb0a2c1db7abf5097c372f1933a
SHA512

0a745b8edda98e894c0177dc23ef7b0a284745a3fb3262ef044f1021734446f87e4606f4d50fb99a5021954acb1a1cd572c0c7514e995bf99adedfb723e2ec63
SSDEEP

1536:YgZq/pDCGUbeGX+nVU0qaRgAi7gbMZExl:YgZq/pDCGUbrX+nVUCgAi7gbMZExl

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
968	msedge.exe
968	msedge.exe
3588	msedge.exe
3588	msedge.exe
704	identity_helper.exe
704	identity_helper.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3588 wrote to memory of 4628	3588	msedge.exe	82
PID 3588 wrote to memory of 4628	3588	msedge.exe	82
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 2440	3588	msedge.exe	83
PID 3588 wrote to memory of 968	3588	msedge.exe	84
PID 3588 wrote to memory of 968	3588	msedge.exe	84
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85
PID 3588 wrote to memory of 4620	3588	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9938892cf97c5a8275a4fd674723723c_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e5e046f8,0x7ff9e5e04708,0x7ff9e5e04718
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6524 /prefetch:8
  2⤵
  PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6524 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,12101104403465392413,9740827955912240266,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4876 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4564

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
29c3e70e1f106843adf444749b669a99

SHA1
a06e9ba198fcf277173c73fcb10a497f0803938d

SHA256
eaaab0c371c30b999d6bc71585bcbc7492c05631b3c13c0572da87b3e9e551a1

SHA512
9bb99b704096874d133f4e6c9fe0afd1cffe0d7d9a4afadb3543c4163801a59fbab3629fa9c013f928872788e24e6133bbce320953f58f74bda08d0c6a9e112f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\02db4e09-0bf2-40c3-b4d6-9796b351d33b.tmp

Filesize
5KB

MD5
c80cfc950ab3898c434160ad436732a6

SHA1
e8f774f55a285d81243fc58b77c1cdef39f922cc

SHA256
0371b55324e595cf3111ae5a27ab9ffab762235701a47ba44dcb510a370df22f

SHA512
36317a98e16f9f80fee46738ed9c8c84925c26e27cac73f22de3aa1d7764fb7826db802f444d8bc1f95ada8fd5858cfbc4fe7a0719ba95d8b865c567be696531

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
49KB

MD5
ac96b235d2c203170a2231c3d0c697e6

SHA1
1d35166244bf1f8b05cce04a87d0b1521fdbfd21

SHA256
0abee0fb9e910685c622e80641d5b3c4ae52adade46ed23d313c54e22184d62e

SHA512
b33972bc2ffc36f2cc3adadda65ec5da67006130ce226a7dcd36eae428d1e66da6624aa22e7e632b3ab8dd495c6b251248322cb1cc49afd0616e76ddd7a46736

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
20KB

MD5
9a8e538524054f86eb73eeb00e31424a

SHA1
35ab0fff51a81aec3f1c1ca6406dd521c09893f7

SHA256
28a27c07cccf1a8e37658352320891fc286dd15482331d2012cdf5422b5dcd82

SHA512
d8bc2dec1323bf759fc4c3e2a77b64b56d3d80676aa38c7386ffc650a762ebe1633d5a802c5d71c9b485348415ae6c22951b3a5e141a2f203f7faed1620d4136

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\39ebd60f850622b8_0

Filesize
231B

MD5
bbf797334b0ad4e5c2c4cd5ddc867bb5

SHA1
1cda940ed9d1b1d45fb012fcbaa46866499a33e6

SHA256
5b8cdbeee7a36944962a3a75f928b565eea72dc91d325f0f026c6fe732ddf9e8

SHA512
1bb57cea1cf37e7cb23ef7a8277e9543e5e5159c95c251b4cf3a7d274bd1548115058c9cfc8aadab9045da06e7c45af2c856aa820b1a516c97e4488f1e509ca5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\39ebd60f850622b8_0

Filesize
279B

MD5
0f5a8c7fc34a5e4cdc4d583e5d7c10df

SHA1
92811ac3f85b00eecce75543733cac3917aba52b

SHA256
18724fd81882984b1676f9a918b2ce8b49519306add69f89c99282e1ee96bc5c

SHA512
d0210d2f1d8615c68cd9e3fc3e3e1c423116cf4149a7658c6fa63d7af5e93801b677e5a3efa278f47b56ecb17e89514aea469aa179b26b605705962b8bea6509

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62804105c177c2db_0

Filesize
207B

MD5
c0a066bc999192dfcfa05cb64636e431

SHA1
a26ef2c933a0573f1ace5c20040d1ab7abc31fb9

SHA256
ec37273df16a74a721e506a2f5fff912113eae41e7e22205fab48c292bb8dea0

SHA512
a21afc3cb135086682436c5a063f82c9a46eb6917c4b5a51a0351b5baa865d2b0bd8ff605127618aedb9b8f3235aad8acb917ceaf587188182390c9dd0adcd2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62804105c177c2db_0

Filesize
207B

MD5
6c7612131ec5e11aeccae979495749c3

SHA1
b2190103ec0468a387feee51680305c28259513c

SHA256
1e4e027d6592d6cb497ab770f69a3233a86b6343d8418b0bde1e28f88939d53f

SHA512
110aea9d5f4857dfd880a22fa518bdc35638fdf6f513cb3948a0d8733b7aef70d130ca03dd038f55dc5a83160f02a7580c0a1d0626904965210058a659ccdaba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62804105c177c2db_0

Filesize
61KB

MD5
8e84f9390d3736cf6ea43981ddfb49cd

SHA1
5a365f70574503d7b621d908a359af6f3bf1c419

SHA256
66131824397bcb2af602f62df8cffd01b75680161a9f5c786171e1fe3d584de3

SHA512
0cdd78ceaa43f18046d034794c521e21e80c51d2e160f17675192589fc851451ee0b43f5e22696da46e1ac81bc0abc7de7181278b3a20f1bee1428d78f415e42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d4c4dd3ef674775_0

Filesize
140KB

MD5
35958abd419d734ca6e872ef4f660dfb

SHA1
f1dba7e46b624d2c249ef0a459d5c70689334827

SHA256
f40608cd1594a8e04a3ba794435062655d2e24f4d62c96ba300f4bfc21669b15

SHA512
03348782fe428b32b2b368dd3920c3371045ed6dc8705d34d0a11b1c3e236b6571fa5516401d221a55d184e293f8814ab27ae9127be9520c7d67368b251d9dd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
eeaf23b17229009b0e5a1105b404038c

SHA1
a6684b6936ac27954c51b6a1892ae055e19fcf3d

SHA256
572b5bb5ff40341367436c9a2939d5c1eaed88d0a0a47ff7734e4f8192524c4a

SHA512
87eb1a23ea8be9bc99aa21426be9ff3f35e056700433c9f5a6f44f7b609d7c62892373b9feda46732d6fadf903712e2ba20162110a95cbe94a5480b76296cd72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
db5c359976d4c0dc89c070af9b4443fc

SHA1
e7a844c9d16066c15b292f967b4d68eac5b16b96

SHA256
7b1093f03c86fb97afe0682ac9dc7f015bfd741453957931de4b23b35f015319

SHA512
80a529ff29cd55ed7fee696833eeeb7505b1199c838ef222bea0bf477d4972f538c76996b26dd5ff7359406517f498e63c4693e931bafc6d1382a18b74d1d26e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
827dd6fb7c516c274b115608e0db53ff

SHA1
cb3cad22378af185ef5d8215d8d0cc38185f922f

SHA256
67329713f54685f6aafb23345ec0ff72d2462e018799ff09356b4fea3c662ca1

SHA512
8820c3b7f5eae1f1a0da2ea5d774356e5580c6ce4cd0695645c7b8aa1ba0a4b6db64fc1c01c6baeb12da91f3f72883a0063096acc77eb1fb52b65d3bc9e48b2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
cb76c77494571b509bcae08117b78b73

SHA1
d6e232a6fc0129275e59eec2fbee342fb719530e

SHA256
781ecddfb1265319839a9ac4a262ccdb2f3944bbee4cae7d30377ef3ca29a90d

SHA512
05c37349a216f0b94ce2cd1d96aab0dea498344f300d85ec0c19a2a8aaab021620004e191a87217628766af3c2abc2f33cb063dfde97f6760bd84d06866a0670

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4ae1c7a1a7742a1cea443a89a3cc85be

SHA1
adea8c441d6cda2d266c325964f26e020fe708c8

SHA256
e4e506a6989d5613a91b842205d4df3c15513df286bc4fe0a525fac6246a3ebb

SHA512
1cc844c5e86d1a725914f6d920325a971906be1c68b96c2ce6eb66e9dea72a6b175fbe8f3bb6f9c04388430a5ebe0a2a045f0611d3b034c3f17306d8a2bcfa75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
59338000841bb51b70821d871b468318

SHA1
55d4697296bbc86f86578600a4a778f56b3540c2

SHA256
ef7a729fc49f788052a60049f4fa9960e7e22bc717e0fea1c4ccd7c38ed0590b

SHA512
b3e38122b33dc974205b163279e20dce4616b8b9c34dfc58567c093ca978a6069dbc34b5150471c176b1a08fc41583641f454fc56aaaaa2bc42e4aa950b29e94

Download Submit