ac0d8a03f67de0f0fb955fc3c8ce76face196a880eadbd68c2374947c13699c6

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10/06/2024, 20:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9bc89f4ec32f11b0d48273ab3bb346c5_JaffaCakes118.html
Size

99KB
MD5

9bc89f4ec32f11b0d48273ab3bb346c5
SHA1

f458a42ed0124afe6d9aae647fce30af0e3b1244
SHA256

ac0d8a03f67de0f0fb955fc3c8ce76face196a880eadbd68c2374947c13699c6
SHA512

cd24fe74488bc4c660a3b028ebb4e06908223cfc318a1de632022aba1e8252bb4c27b7488c2cbbe2fb2c80d43183198a833efc115175f87ab006bfbc47a63ebb
SSDEEP

1536:7bI33HdU8v9xuBhc+YUUHTQyIQGEI+UzSFO+V+xHe:7bInHdU8v9xChcHUS7IRAFWHe

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1968	msedge.exe
1968	msedge.exe
1704	msedge.exe
1704	msedge.exe
4932	identity_helper.exe
4932	identity_helper.exe
4076	msedge.exe
4076	msedge.exe
4076	msedge.exe
4076	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1704 wrote to memory of 3080	1704	msedge.exe	82
PID 1704 wrote to memory of 3080	1704	msedge.exe	82
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 2500	1704	msedge.exe	83
PID 1704 wrote to memory of 1968	1704	msedge.exe	84
PID 1704 wrote to memory of 1968	1704	msedge.exe	84
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85
PID 1704 wrote to memory of 4008	1704	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9bc89f4ec32f11b0d48273ab3bb346c5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc0ddf46f8,0x7ffc0ddf4708,0x7ffc0ddf4718
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:2500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1332 /prefetch:1
  2⤵
  PID:2144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:3800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2832 /prefetch:1
  2⤵
  PID:4184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13273727663289308518,9376982599995598382,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7112 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4796

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3416

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
1c0cd644182dfe4b57cb561b5d0e7504

SHA1
bd7e984b7cabe221a521b3e1706da42bdeff8914

SHA256
1548e0eaac6bac8475c92447962e61c49230abb2c474b54b85c0824f0a8d0a6f

SHA512
657efd83c71ff84eea17a8fb06fc0158ad200510f19d55c66fb8691af2bc3a40cd3be7b1287cc654929e085e9772f543946576cf8bc428d5474e73f3572d4c8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
5fac526f456649435375c511f36e25c9

SHA1
5da64b948cd8577ecb59f6531f023f150c2066b8

SHA256
78a89360df13d644eaacab92d9b8e9b2f4f0ec3e98bd5fa5725da8a25a907bad

SHA512
7ba6e182b91c396481cc47352ff0226b1c204352c3b6ea894c3d2597c8f1a26943139794575d3ef2db16383b5dbdf86a6a6060edc6a6432e0f7c1f431011f39e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
509b755ef82bb59a50468662ea297422

SHA1
62d958209096c74331480c24d11732c71e3e13bf

SHA256
c299071ce90a495fe8d6b736b6ac5f645ef47ab86589f5decff46fabdf469891

SHA512
dba3112c45b7ba470c9c8c8487cd739f2f468b8529bed464eebedd727559e5210d331b984009543fbef83da24c4fdc5a687e11eceb2c509147541b3e3e5ecb0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
44e5fc5d4107d1ceb534211723c54e6b

SHA1
1f4dd0b793e5b7d15a35d07b8f66ad2dd4146603

SHA256
cfb64634f9aaa24bb25597fe992e093292a6aff48f5379a9b1628cd8cb684c84

SHA512
252dddc25b73fa436d0bfa03c4776df7e30ba796725e13790c97dcec950a97635df9e7c6f5b31525866a83686a397433cc01d5b04c5fa4e42ef4b7f6494c81bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
522b56075ee8c0290bd18ff71cbcac0e

SHA1
ad94e125c1a4ac3f9b7a2fb9e3281800e1a7baa9

SHA256
f197a1abeff8b4d88e003639934aab49ced7a9a4254c51cce60085b550d5f92a

SHA512
281adf0e142af2088274f79ae86fc2c594c2244f927b4a420b9ce35d5a9dab7c4f3aded4618d717f6c6a8cd2d570b70d018a1c5b35b0bd31cc0078cbee536f6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6e4380c71383b5ed065600c20063d41c

SHA1
c8000a96b84ab455594edf06810f91ffe801a350

SHA256
308ce1640c5e2178a4767cf6912dfb0bc2cf7286bab40d22dea5c20d9409cab8

SHA512
a907ea93cb76fb8427ddaf7b1446947a2900e18d62a50c0b891959488239ff69d92aee1bbbd5637113c1325daca7df65d2bccc1343087ead8196d3b37c5d34ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
878d10e4fbfa7896d6d511523467cd9c

SHA1
9c1a5d2e49c1f1fc6a17cb53781b01a1416a97c4

SHA256
b27b6fb4489b01e8ca6fcb058144ed5e4b0597553311110cdb4700424c92102a

SHA512
d07c0e629dbfb83f3d648fa838788a8e4bf9fbaf18ae0bea1c74f5da7adbfc9dccea250afe105a5e0c76aa12d1fabf794062b446303aaa1e32257f4db1b327b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
aa0b72857daf02624ebfdb07cf74b8e6

SHA1
d9c898b5dc2bba78eb745a62e11642fc0da1f45a

SHA256
40ff9731f2e91bd81ba61431e46feee3edb8abfcf9ca59bfe43598e132ba140a

SHA512
e204f378c783dbe6fec33daf95edd1cdac21a7ca734637af4fff7a3647073b2bb3d1d1d98446004bf7ec449244801ea4690c9ab99767ed0815345083467020fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
af6be2310079e2d8691282bc0a0e63d1

SHA1
f2f7a614a508feea2470998f5a85068d17746782

SHA256
8bb8a8704e85b491ec355f2d83bd46671b173d409ec042aef3f6ff9c2f330c12

SHA512
ba997efa50a7fbb5da0640a56105106ee81d21e5a824fd83681bde718827e92f3190cf96827d2805a4509f2ef431b5003a5b967dd3d7691b04c17daf3e982b78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4ea7aaea9397489fe753edde4e16847e

SHA1
11d55626328466e57692e9d6052331f6228dcaa8

SHA256
59f93975e8ed059cf0f39778a6fded0d15d2dda5842e15aa56ef1ef2a7202b7b

SHA512
01b604b2ed24c47461b6f4db71d8e4daad7dab9c05e9b3483fe5e5a9951172d47a0b6f5a7322f83c28aa653f713d6ee9b1673fb9a1d4e78415c23261864241f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
f7db7f049606e184af1fdffcf1538194

SHA1
2f4b75195acc98ae4f6827f3c7c19f0a4acde62f

SHA256
c263da3b181bab596ca59cbe69d00ca49d56577a5992b70645e473ecfd472f3d

SHA512
bb5be1138c7b920bb0121b06be575fb96bb1b24f6edacc2c45fc719d4b1e7bfcbf5617b35ae3cb5dc12935c4f1ec389355b0cfb51258cbc9bd438fa02cc62eab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581681.TMP

Filesize
204B

MD5
33350ec31632d7338e8317e618c7844a

SHA1
60194cc680005a2bc9830c3e99d2cb90f26f4bbd

SHA256
4f186bdedfa063416bd41eebd44ee3d99635e35be0b1e3b15f26bf71f2d145dc

SHA512
67051ef41df09d0364f1df3f76f957dac70b9b78f6f53a472ee16ff24903213a9056fb2823b9e599643436643474a132e72f66bad2ee30c407323a30729d01ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
cd507e06fa3ecd765a0de66f0ba493c6

SHA1
4d336e7341315d8d7bbbe40814ccb86774efb9f2

SHA256
fa3ce0d350f3db149c3c8e749edfe7d68b6df63db6e35a8684f941184fa6dbbf

SHA512
0e56817c86c8a90d796590d6836125474f923df8b33c9e2fd2c3ba2a558a05553ad023ef7512892548f4c5fccf60c91f3e6ed0867936ada10adeec8f333dfeb1

Download Submit