c58300717b549601aadbf715b510223e8d018bbc83f88dae450f3858186b59ff

Analysis

max time kernel
145s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
17/06/2024, 06:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b7361352ab7e9079d83843ae5d7ed7ba_JaffaCakes118.html
Size

30KB
MD5

b7361352ab7e9079d83843ae5d7ed7ba
SHA1

cfb348dc6836f3f02241bb02f75c327071963881
SHA256

c58300717b549601aadbf715b510223e8d018bbc83f88dae450f3858186b59ff
SHA512

f3f4fa590f3576d722bbe6b8bb7b238fd67938535200d27ac2fc025db32c37e391b8311cd3c150412ee8ad131a5200211a7b564230d2de7872abd187f3476cf4
SSDEEP

768:Wnod+0Edi4xs4gA7g2ANzu4N8o+fFfVSFYlv/BcEeQkdvX9:Wni+0Edi4xs4gA7g2ANzu4N8o0tVSFYW

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4004	msedge.exe
4004	msedge.exe
4884	identity_helper.exe
4884	identity_helper.exe
620	msedge.exe
620	msedge.exe
620	msedge.exe
620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe
4004	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4004 wrote to memory of 2032	4004	msedge.exe	82
PID 4004 wrote to memory of 2032	4004	msedge.exe	82
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 1496	4004	msedge.exe	83
PID 4004 wrote to memory of 4564	4004	msedge.exe	84
PID 4004 wrote to memory of 4564	4004	msedge.exe	84
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85
PID 4004 wrote to memory of 3004	4004	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b7361352ab7e9079d83843ae5d7ed7ba_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9acdc46f8,0x7ff9acdc4708,0x7ff9acdc4718
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:3004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,12194193904755442882,3114689226300061390,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5876 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4512

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
477462b6ad8eaaf8d38f5e3a4daf17b0

SHA1
86174e670c44767c08a39cc2a53c09c318326201

SHA256
e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d

SHA512
a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b704c9ca0493bd4548ac9c69dc4a4f27

SHA1
a3e5e54e630dabe55ca18a798d9f5681e0620ba7

SHA256
2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411

SHA512
69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
a7c9cbb249dc661cdb8c899029b4e41f

SHA1
5d1c97b6d5ab56f354c392801fd041965e45323e

SHA256
54b04ed0a6d64ef48c887c69724b7970bc1fceac7aa4430875a52532fb637345

SHA512
8f565f5b29747bc7ad4758f0f95d3bda92cf082dfb0c9c1aca8ec136cab28acbc40c4a54c39dc132f7e3eea4e59a8721e380182a64346c0b6c6b6c9d62bcdf5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
3699af0d7e71f94a96fa9f4e3b7c3627

SHA1
efcfdce27f4ddc307f39defd5d1b375d03e31001

SHA256
bc9cbe43834f500f7fe7d176bd3781fb21a8b84ce6e5192ca64ed09c9d9713b0

SHA512
95317a1f502726f9fa028aa71d3dac27d776045ba65e65511f25ce69aa19ffa56453e8524e455029aed2305cbe5a7c6c7c383827525239b6e310de9fcbcea9df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
aef522a3f2dd8632c829ad514fcfd2d9

SHA1
889d7f1ec56535b75f29b39db19a258a60fd87a8

SHA256
b5b9b09acec30a796b95186f9c09af1f8c9c60c8c1b96e5698928f2ec560b886

SHA512
1acd5c7543da5736f0569d8c2c3ad802c07df2ddfe8e135b0c7c847d6e3230c3b1bac7ceb28c1404eb177d16cecf3ed934e3e131d38620bcca3712c06db581cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d3dabee244685dc089420c6269ef38df

SHA1
5e717abe58f01d2f824654e855ec9cbcab5aa0e1

SHA256
162604813d0847c5ff313ddb9898d8dcafe6f7d848fa7cf6e44cceb5771d378c

SHA512
286892449c981ef3dc132dbdf9615dd347670574676f38592568cb7a9fd8cdd8499dde47af6fae12d68c1fa8f1e5a2f86795e49f95f0a2891ed7f68b2efcb04a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c4ed619f9defa8afc8a913b14ef9b9eb

SHA1
82eba53c3b143de1016e5cb72a7cfb4d8a9d1c7f

SHA256
d3bb420f63f542be4df094f05923a5819442be60234496a451e11ac7dd9e39b2

SHA512
b86fe42725c975457c1fa6defb5602f80d6e3eb6ea0f88dd7f7f58785e12cca8c4b03a5856618a7bd4fdd319fc8bd1d5414fc5fb9ae9e5da3afaa6dae3e0ab1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d8ab63d76d33b113069368fb3fa996e1

SHA1
09385cef1697547dd51d585dcc95be34827d3318

SHA256
bfd28d83f9b30190bbc4c2ffb5c2e88310459c2c284355142086498b1918a6b3

SHA512
477e7ef580a7037f17489aca6db6784d1726b08c9299774353ca164add230a030a4dbf4c94b3f29966e51e3c3cdbd4e8e66dfc1de689d5a74e17c3ab08a9052f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
219d9ee8678786d9df4d8065e7a194fc

SHA1
e6687ea64b48c60c6223087f42b76c5d735c7fce

SHA256
5709655267a390f553d678979f559f7d5a731999cb6ee2962c28a0e6aebf0485

SHA512
711f0925f2b916c9ba6e04d18f9f19b345eac74464f643bec3a9a79a013b5f14caa1905e7e3ea7ca5daa3bbd67b514d4b763f940ea87c286a3d1eb192c2c1993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
9052ad5129f57e88c4453c39767b7a92

SHA1
16a29784cba5bbff02313b2b66d47b3ac5e96b9f

SHA256
770c3d3c6a76cecbad77a192f407a875d28391fbfba214b664112f970a3a184b

SHA512
25e758ed3cebff06d1d3a0c13c8a045b27bc21cea8ed92f9bc693a30c2800599e23dddf8e48c2cfc1ff85ba2be48f60a8c907c99bcd1accec3770cf3211a030b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b440dfe3-9e14-4b3f-a986-1f2fd6fb6243.tmp

Filesize
1KB

MD5
2079fd47a98a1f672438967734269490

SHA1
3d3abf5faefc2d4a4a4e75119b222e3c71b78483

SHA256
b375e197b947ffe143f46302a9c7a96b1a3867937b6090f997b7469ba31ba5d0

SHA512
6861232107144de596e3d3cbefdd702efd6651454c290bca7297fb1b40dd86de0ca67e38c6deea4b387048607e40de27529b4494ffccf8859abb0b667fead0a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a145b5b6a63a8713666b363803399e95

SHA1
7615a7d662e89fc5c5129798e2aaf62d78bfb675

SHA256
2d7421456a6618aa7080e667279518df95587c09724116c44fa70f66c86ca503

SHA512
a02a7bd63d9737a40cf8a8a4541763d6d272dd1ae11386eabae045a40128840954794e0a8627963fd0529df7b815f7049baba3ced404eb6c58dae86bb8c5b848

Download Submit