cd074eb2f6263fa9872b8b9be2fc7f67b552375d27a5445eef0b38f24b130bbe

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
16-06-2024 14:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b4049af2cc2c7036e11f1a263e598bb0_JaffaCakes118.html
Size

122KB
MD5

b4049af2cc2c7036e11f1a263e598bb0
SHA1

4449bd3d730d14ff4677e80d14a8139e80d0214c
SHA256

cd074eb2f6263fa9872b8b9be2fc7f67b552375d27a5445eef0b38f24b130bbe
SHA512

b59201d5f8702f2303047aa2f0a2dba85c35aa59003ffaec67a7d6e2fe6380bc7335602c3bda09a41317d40fa8f216b0eb823645cbe48c5fc68fc9e740b4ab76
SSDEEP

3072:cEa+DKnhVF5UfcfT3dT0OFPnbQCAy+Ekz8qv9MHDtZ8:cEa+DqfrPnTAy+EkZ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
956	msedge.exe
956	msedge.exe
3000	msedge.exe
3000	msedge.exe
1600	identity_helper.exe
1600	identity_helper.exe
4724	msedge.exe
4724	msedge.exe
4724	msedge.exe
4724	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe
3000	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3000 wrote to memory of 660	3000	msedge.exe	81
PID 3000 wrote to memory of 660	3000	msedge.exe	81
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 2876	3000	msedge.exe	82
PID 3000 wrote to memory of 956	3000	msedge.exe	83
PID 3000 wrote to memory of 956	3000	msedge.exe	83
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84
PID 3000 wrote to memory of 3944	3000	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b4049af2cc2c7036e11f1a263e598bb0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffb7be46f8,0x7fffb7be4708,0x7fffb7be4718
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2628 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
  2⤵
  PID:640
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6884 /prefetch:8
  2⤵
  PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6884 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
  2⤵
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8194838569308372229,4436786930780169557,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4724

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
477462b6ad8eaaf8d38f5e3a4daf17b0

SHA1
86174e670c44767c08a39cc2a53c09c318326201

SHA256
e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d

SHA512
a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b704c9ca0493bd4548ac9c69dc4a4f27

SHA1
a3e5e54e630dabe55ca18a798d9f5681e0620ba7

SHA256
2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411

SHA512
69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
3f13834fc6f11002dedb27bb3e2ada23

SHA1
724bdd609dca7d01d00bc70f8eda4cefe6056c1e

SHA256
dccd105d838a2c3fb4bce2d8a131130363b173c9b447f85077ae7eaf731207fa

SHA512
a8c7c1cd602f999d517a2807e56bbc2ca6cece7e7c36d75a94c3ea79cf39f4b038c1baee088ded264db650279fd12a9f5ce998b6991c751cd41161cbc08f3b13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
7667f11da3fc66da5b0fab7d11a6a3f9

SHA1
05b0c95312e8c5d412f004415c1656a22495c7cd

SHA256
14a1fa1d9ec80a5350749df68706cb3430db6ca83dea4768d172388b0856a91e

SHA512
39fb16f30bfdf774a743e9f04df817601e1e5c9c06bfedddcb12f1c88b0750f3548ea441eb86ad7e68e0d272bca76fa34d7a881406b671615d0c8a2b7e3ac0d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
1ae4a72e9a8eb465e2dda7af47ef9d61

SHA1
7b6e49f3c4083192e953d5db47e0930414b5bf52

SHA256
507e09e51d0da476dec53f0e0c4a14cc596083029e75d5b03a78146460449e9b

SHA512
4ec12f82e0409f7b4c849c40d89cbf4b8520f6768f5e6b1dfc651ea35dd09338b73a736fc94af5400eb0c52cc6697e6dd5034e99d926bbb3ced3e2af2ac6e6c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
1ad7131dd0c9fa03c1477f2948223fd8

SHA1
6eb59701697fcdb212a9ee76bf5de742edb2f1ef

SHA256
e07a87ff608923d904d2f4224d5be27c8f49afbd1153799c571513d63d4bc06c

SHA512
fe3f9c8f49531e8be23f76407ba7108187191a1362591fe298e917078a027bc941a3b6f38a895b39fd9830cb53ce58a4df48ca678cdd63fabecaf48d03854361

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
16922c8054a8463276345faf2a403829

SHA1
2ed383bde970651cf3818b2f2c87945b7deaf7e4

SHA256
35539bfc0d65208157b1db519b3553a949694b2ecc9c4c38da4715cb2014264e

SHA512
41e0ab7ae466b4b6cf5fbb229aae3bd896d14245334c113120aee8483441035ca6c19f94d23b71a4a1d23542f33d6c9a5b7655f4551596768da7a68cef33a078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a6219053791b9cc04765933d596e21b7

SHA1
eb4e6b7946589d227013199e006d482fd8330235

SHA256
4f52e32c169506cc9ed4132469f7ffa65994162ede23db4c4ced2388e3267f32

SHA512
191bb474e804358e2bccb2ea9a6cd5dd725d36f6ee98f423c081afad3f72a74b96a58411207b8eaddcdb635cd40ef5bbaa675b9740657411a6d53223e8b05434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
bd7996e68d794fa300afe2903e72a920

SHA1
2639e48e7ab867eb6ef21d57769efd3e5c1834ed

SHA256
4927ffe157a0116c2dbd92f633fc589d0463f6d14f0644b0ef0334d32905f98f

SHA512
c721e64e109c543d3c4ac850f5ae262fe669d92eae6de6335ed4977ba81bba54562fb39cf5a89ea55e70a55ef2d1fe0a14e7ff6c130e7f53e537f623f411c7b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
84b88e805b72494ab1c132fd611e5a8c

SHA1
987e895ef09b5c6193a35a9564ff12f9964b226b

SHA256
2fab94d004ab1ae4f39a87c01b3b51606a174e7b776d47b884a80a5ea538f31a

SHA512
955d934497a0a6d2744fe6731f46d941d08cdef63b4fccae23a0272e89e1681f9566819fee1d908f929e0e7b83fa9714d2d4833a738ecc765cffe29f757436e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1df98ef48a3ad4e9ca42861706dc1e86

SHA1
a3db9500000df0e2695d00049795a442de4d61bf

SHA256
977e27ac7e547e732d0250b754ae0673dd81464c287aefb7253d832838c18707

SHA512
e70c88ca1d4b3dcb8200b2f291b4dbda11699472e71b5c07584bfcf4fd8dd32b066df37c898eea2ddadc4b9430494554aa784fc051d8a02c65c8070bde7ff906

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
0e2cf0f45f19a1eb9993115ff591cad8

SHA1
e9d9f6c5ef1b453310d3005a0338e7f560cbaec2

SHA256
7f4c5c97d3b8ff6ddae8077e4c12a38d5ff47e701bb9a39deba9484b0f28c89d

SHA512
7d318843f5f28f7f12ea2375060a3fef072ccf881df859a3541fe144d3627d38656a8fb89decb94742d80ada0eca6e3313e2f033aa651bceece4705721e6606d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58020e.TMP

Filesize
538B

MD5
646b236bc1c0451917e81a991c3f15b9

SHA1
3eae98c1d59ff0a20abd1dc540ddae4953952476

SHA256
59d6beb4fe46d6ab2470389df5061c1aa07aadcd4cf053cbde79a5d5bdd30448

SHA512
28601a9480d16a1bf26a64a799c802b3f48d6aec774dea0c5faecf378ecf6d5d1a953e4f8f2fe4a52b905ec4af9f24def5cab97e92970a9b3509000b7b3e14fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e228eb4bfae60a18b1c11fa6aca89fda

SHA1
29f8223a815aaeff5b8b6a401f9ab3df34bb277f

SHA256
615f6522ee60f4e19f14602d86089e8ecd84950881ea217bf6b3c0b2df053fb6

SHA512
33fd01ba17e0dac526613a6e987053cf06fd37e7c8b0279ec671f1e1794100e5a5341c53a148c5580e55346fb35e595e5315453d444995990ad597d52d02ec3c

Download Submit