330975b28d634e3b2fa146d577386239470af7ae245578629ebe3950fa9e5c96

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
16/06/2024, 02:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b1419471b041026529a7766be1b9939f_JaffaCakes118.html
Size

175KB
MD5

b1419471b041026529a7766be1b9939f
SHA1

801ad7583b26053e2b2e2a0d643bc294705fbcb1
SHA256

330975b28d634e3b2fa146d577386239470af7ae245578629ebe3950fa9e5c96
SHA512

e3b12cd0f2c134d75b8ab2bab2b4e74e3ec5eaf9d483b60bfac9829f84ecd76b42f845d1dc3cc270fbbaa1af04df6bdcc8e7d3d3ca5646daff5dc93c213d077e
SSDEEP

1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3/GNkFOYfBCJiZv+aeTH+WK/Lf1/hpnVSV:SHCT3//FnBCJiWB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4544	msedge.exe
4544	msedge.exe
3812	msedge.exe
3812	msedge.exe
4916	identity_helper.exe
4916	identity_helper.exe
3476	msedge.exe
3476	msedge.exe
3476	msedge.exe
3476	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3812 wrote to memory of 3428	3812	msedge.exe	84
PID 3812 wrote to memory of 3428	3812	msedge.exe	84
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 1500	3812	msedge.exe	85
PID 3812 wrote to memory of 4544	3812	msedge.exe	86
PID 3812 wrote to memory of 4544	3812	msedge.exe	86
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87
PID 3812 wrote to memory of 1700	3812	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b1419471b041026529a7766be1b9939f_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa025546f8,0x7ffa02554708,0x7ffa02554718
  2⤵
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1480 /prefetch:8
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:996
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,14317103507800556768,4851360589395574781,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3476

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:648

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c5abc082d9d9307e797b7e89a2f755f4

SHA1
54c442690a8727f1d3453b6452198d3ec4ec13df

SHA256
a055d69c6aba59e97e632d118b7960a5fdfbe35cfdfaa0de14f194fc6f874716

SHA512
ad765cddbf89472988de5356db5e0ee254ca3475491c6034fba1897c373702ab7cfa4bd21662ab862eebb48a757c3eb86b1f8ed58629751f71863822a59cd26c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b4a74bc775caf3de7fc9cde3c30ce482

SHA1
c6ed3161390e5493f71182a6cb98d51c9063775d

SHA256
dfad4e020a946f85523604816a0a9781091ee4669c870db2cabab027f8b6f280

SHA512
55578e254444a645f455ea38480c9e02599ebf9522c32aca50ff37aad33976db30e663d35ebe31ff0ecafb4007362261716f756b3a0d67ac3937ca62ff10e25f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
37757e4acb8221235919ed9d635eae01

SHA1
e7df9a4c67cd7969304d68c287f22a24f38156d9

SHA256
223ade9b09843e0b9a3184ed09bfc52c68064122537fdcafe40109c6ebf55ef2

SHA512
798b9038feeb23597f48d84c0215ceeb21898308e595ee2b53ebc5d26c937493aaeb0f6177dac668ace2e318aeefaf7f887800c1420921cccdbd8795fe1f9682

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
164952f7b4c08d227ffa426544bc09e9

SHA1
1e2ec5091c60a823d4b1c60bbab98b3f4b9beaa2

SHA256
441992fba94f9bd88f8cac03a0e4efee69ac1cc168cdadbce68d6aebef98d253

SHA512
2e961a89c9ca6c2f5c6496f8eeb0ce1b1517a5b56944a56d342a5ca7eba201fae733ea101680c6e5ece3a874a545106b291431b44e850526ccbc70d1279b26e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4f3e04cc32f976833b496dadae8ec269

SHA1
2762c4d5f70806ac295de1db76f6dfae15ff6794

SHA256
af19c7f9170b7ef951932de02e422c10e1f070a22c419344f21a93364f4a6614

SHA512
38bc914f88a2c48a7b6877b3e697dfe63fdcb8999f8a5e64045277b4497406f9b54b839079d8438844ebfcb368403386bb48666c7cc2ed485564e28d8d09cd8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3e9ab9089f97a860de26b0ac36bba41b

SHA1
e27f36204b5c0122d9d59c774635edc6b35cde3b

SHA256
3658d9f156da9228a93731eac3a20a8a53ce278f1ce59cb95742a2ef267d4465

SHA512
54ea5141578e4318f843225d2fc917338336b5929d3801c4b7af765b97ed591506387649eb487dd6428dc0428b103ee67b8aa50840312045ddca00702855231a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
aa3cd8e6fdd6960a8ba7b145ec81fa43

SHA1
738ffdd10b1c4156333cb845c9209c786a2df4aa

SHA256
40f158ab709abf898e51de63751a72d8ecb0ba9eef43a4165ad89b2de029ee51

SHA512
7cf83d60a216762fb12a588da5f8c3e1a5c7861aa155d487446340c6b8d19dc0d92a3ba369afc75cccb7a309270f5c5f4d36d8f83545ccfe170622655c6894e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a3a7688e9257cdecf81d9fd54f30624a

SHA1
c35c2559c4e8ba5036cbf16ca9fcd3475e74749b

SHA256
5f819d371d04061573be9eb984eb812392c9b7a8d545095dd2dcbe2eeb11c10a

SHA512
5a2bb9089e1bc1f18ac4b1e1279cf311ca89c00d5816357957a8b0fd29c972d59295de91a3d4aca94030e71037c60d387a3af48680e841a6f7da9c6abc051859

Download Submit