e2be658ebaf2b76792843d44bac1570aa357086ff22dd3f74633f3ee4aa4cfef

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
14/06/2024, 04:27

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a80241f5792214b0a70f08af3041199d_JaffaCakes118.html
Size

105KB
MD5

a80241f5792214b0a70f08af3041199d
SHA1

66ea094f57e0feacd4349e307a536e62ea246ef0
SHA256

e2be658ebaf2b76792843d44bac1570aa357086ff22dd3f74633f3ee4aa4cfef
SHA512

fe1b1954f40e49c42481938eac45eb118e0bd4e34dcea3d85a77fe42138c65cbc6b707a3ed165f7b69e0721bfd17001ae6d47a3a072a6611c5f23c49c67f9571
SSDEEP

1536://0TOaPwdnYiBUVB8idefXoo98yEEpzsQJxF/6rSEBTn+DtGZe://zY/VtdmX8yfxFy5ItG4

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
2616	msedge.exe
2616	msedge.exe
4704	identity_helper.exe
4704	identity_helper.exe
1944	msedge.exe
1944	msedge.exe
1944	msedge.exe
1944	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2616 wrote to memory of 3796	2616	msedge.exe	82
PID 2616 wrote to memory of 3796	2616	msedge.exe	82
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 4184	2616	msedge.exe	83
PID 2616 wrote to memory of 5068	2616	msedge.exe	84
PID 2616 wrote to memory of 5068	2616	msedge.exe	84
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85
PID 2616 wrote to memory of 4072	2616	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a80241f5792214b0a70f08af3041199d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff96ea946f8,0x7ff96ea94708,0x7ff96ea94718
  2⤵
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:4184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,14112862022793186547,10758590139495896190,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5708 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dabfafd78687947a9de64dd5b776d25f

SHA1
16084c74980dbad713f9d332091985808b436dea

SHA256
c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201

SHA512
dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c39b3aa574c0c938c80eb263bb450311

SHA1
f4d11275b63f4f906be7a55ec6ca050c62c18c88

SHA256
66f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c

SHA512
eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
11819690f17a0cef8c7264d9e0a66c62

SHA1
6b92feccfe176fd26db5e997b05580ee2dfce307

SHA256
41acbee2c0270eee232ced37b2341c3c3153e6c50728c4a932da00ac478adb17

SHA512
8db0f9969441a365155515fc760290db33cb8614ee3e3e64baa866f9183de225c180c9ecd941b84e07169e207964b22c32233e62fd2730bfbf4e7c54d919abe2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
297f3e04910b223ffea93792a88d5174

SHA1
056d98d08822f0c5e52bb5bcbbdd4630dbaec83a

SHA256
9768f794f1d44a16bf66dd81e5c0db3b9622f0f91edd194d5a172165baf18f66

SHA512
be0d0f57cb16ca03cf828038d9f9ba585079ab3b51ce032608eb34c9c6c000fce592254790406de4ca48dd56207d78b9329209b5fad6069701c1a4c3ef242b62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4858fd9198dddc50d9537fe3be8dd6bd

SHA1
45bdf1c384e4f6ae29d2f6042b5338cdc1e595bb

SHA256
3ec5c77f07a9561a20f5d98560cb58d77565fa457effa52f2713f00d497bd45b

SHA512
2c911b88d6698da1399845720330383d0f6ad551e626fdf21dd063aba4c80c69c85cebcba88c23df31c213fef776cfb29c54968f1cb7a3bb47ec169b72221d20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0a75552fc63d75b591d4454a5e43a84b

SHA1
8d74542bf94bbbf61404adffb121b3ce0a9c7086

SHA256
aa678d42f528c966f711402d154c8bf9eb15314a346e9475b90914761be7ab2f

SHA512
211ff4b98a5b6fc7b85abd00feac5a1295aa56de350946236b9294af9f0a24d5d08f59c23f0c87e456be57c13f1ecc8ccab9b6a1aeac617c21c7138ff9b87cf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
3145c35d171820baf2550995cf314974

SHA1
ec17775d981278ae0bf97c312dbf3d1f09341071

SHA256
487fa5cd55e352314a0673966a574b8561418b05dc32429fb7db6b7de89e244a

SHA512
a05897ecbfec3b6bc2e9b03f2534bef2edac3d17f2537c967dc2803f8de07a83ef62e154817edf504ea93986665431dd38c4ab13a834c68311bd3c69977bbfec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
7458f8dc728a85f327ff2bda4ef1b306

SHA1
61091c287fed311c0ccbf145c9bf24efa17b1223

SHA256
88eb1243b7af839af749be770067012635881c672743ccc42721c87ba6ce50a4

SHA512
f11c0f53e1af20f9f70f3e095e87d7954617007b6e384223b3c5bf32d81d71c8c809fd99ff75449f729d4e92e4eecd6d4bbfd01c3302f1e90eb6c6bf56eca660

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
56ffaea6242193efc9a52c301f73ffd3

SHA1
9424f30e2c8e61d69bd825ddec5fca0bbfd21b08

SHA256
e5c5c4b43b1d330d7685459c938dc3c7279b71d02e4e6cc4ac0ecb45daacc5cf

SHA512
8758464e65b19c247d0d0bb2d665553143bde4561220a74fa710f876573035d7a380772cf2b34cafe26a33880527f5ef90d737b0387c8ea0a25de36ea5581a03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
712b630ef822f1bc98b74130679aa66e

SHA1
5e5db0a1cc64136c9f11e62935ac6d04355220da

SHA256
7f6eaceb9c89015c74685a31cac35e485796be6660bb8124d0add30314ab73a0

SHA512
33d1582421bfd30f266e0bbbd5873325e0587a0d1d9e57525ac7a391c13e6acf44a46a5687746113aaafb9d6308358ee731e41af5a24ec5f276673db33980fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
46e10cd2e37a611d6fb283edac6781c7

SHA1
0cae5e59251cdcfe30c780c5d29635c8124d7783

SHA256
b9215d45c686bf2076f1c754392e79dc915794a90e983d63ad63c22822eee646

SHA512
5b8f8b503e07062d853876c2e44d0e7f66b3633554eb09420f9af679fbc2c858505b45f71e07fb278bdd7c3c604d2cc65c8f23f8b6122e9c4fe90aa912ac6a65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
95ca4f4b9108cb7b4c87326fa395c267

SHA1
2f708c32fe7e624f39d1641fe90afe03b0cdf023

SHA256
b20b1f7b349c4b1a849f9762f47dfc95533aa11d91b55703aab12e66e15e8f4a

SHA512
9124477227dcbbe4313e57fa95a4eb6890955fa2de09bc0416ea2d12d374e7a15555f30620293ed746d7a1833ddb9f03914b5052e1b18caac2288007ba23c5ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
158e0d3350b1f3386356ab4cb58666f6

SHA1
9d96ac6ec749762263da1408223041918426768d

SHA256
82cfa824da564d6aa1f1a9e0151ac55ac1cb40179e701f10936d0fdad66bcd8f

SHA512
ac32720eb5ef247d64a8162725eb45c8fceb8505736d966489485b0b9c3964790889842ac94e30bf9f015bf985db5e2848aca851e547fefbb5137074a53c136a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
5038b2f1669901fce1f392daaaa5b30d

SHA1
b8e843c66c885d4a5a3ba55c60b32dcd30f8e556

SHA256
c2353b886a8afd1d023ce0086a62c4a9cab19ac329ae3460b29b5548c7cfde16

SHA512
3e82ec559cbc2c27056910e0420e09a5b86e89aecefa95b038b908954c3d61ed20fd521ac7bed1b9564e03eea7da9ca692d537ba26380bb1ff604c4ed525a39e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b68e.TMP

Filesize
539B

MD5
94404e4261d776696d59acc6e8e40fa3

SHA1
07c413ab5d90f11cefa5d54feb3dead6c5630d8e

SHA256
4f9f7af2a1158d9941cbd43cbbbef591ac533bc3255262282f7387d19c4a6c6e

SHA512
85ca33df6ad453682ea8dcb91babf71608e97c6e65b3b9760d363e84d756fc5e363e6da34ca2d31d0b5321695310c31c1457fe8f16ab83d0b7207fb4ffca768a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fdf2f81cc6a9088aa43d7b99dee13dc8

SHA1
c7fc858523b6cb5e25fb761a57291938b9a46392

SHA256
df8d499bfba2100072e2ab24d948969d692cc5d1ef80f81053593b0939ab20bf

SHA512
04e8025319f1b24a5dafb3194c73bb524ecf71b6b06643bb5c74d7d177d3eb0cee7c20a567c3c64b1f6193bdb114e478b21109a331e30c2d7f884c00f234a637

Download Submit