0191c41a06ea749f07e85a5082bbf5a55f2a47cd98f85c4acf99406c78fcc6bf

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 10:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

15971011a9a88e679104ae737ec58441_JaffaCakes118.html
Size

60KB
MD5

15971011a9a88e679104ae737ec58441
SHA1

00e8839eedd0c7c183179a43fc59b00d287de1a4
SHA256

0191c41a06ea749f07e85a5082bbf5a55f2a47cd98f85c4acf99406c78fcc6bf
SHA512

7af32ca28022724997b0513f8c1728613a95966008a14210484c02340b3a598e45f14a38e4b6b0971c6fdb7e290f678046aa91b08a93a923dde2d8616a79bf59
SSDEEP

768:jF6PdtsSJPMpjFgG48YyJsHp4og13f6565NYsoXUOzeXIEhp6QYxe/Z+smnPehu1:JWzMpjF2XyJy/2Vqeh+PmeD+HNAhLtPR

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2280	msedge.exe
2280	msedge.exe
2232	msedge.exe
2232	msedge.exe
4340	identity_helper.exe
4340	identity_helper.exe
648	msedge.exe
648	msedge.exe
648	msedge.exe
648	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe
2232	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2232 wrote to memory of 4856	2232	msedge.exe	82
PID 2232 wrote to memory of 4856	2232	msedge.exe	82
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2920	2232	msedge.exe	85
PID 2232 wrote to memory of 2280	2232	msedge.exe	86
PID 2232 wrote to memory of 2280	2232	msedge.exe	86
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87
PID 2232 wrote to memory of 1008	2232	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\15971011a9a88e679104ae737ec58441_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeea1f46f8,0x7ffeea1f4708,0x7ffeea1f4718
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2000 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1292 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6496 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6496 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,3060373036561564052,13368494547443656829,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5540 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:648

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:812

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
81e892ca5c5683efdf9135fe0f2adb15

SHA1
39159b30226d98a465ece1da28dc87088b20ecad

SHA256
830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17

SHA512
c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56067634f68231081c4bd5bdbfcc202f

SHA1
5582776da6ffc75bb0973840fc3d15598bc09eb1

SHA256
8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4

SHA512
c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
21KB

MD5
ff707dbea4d040f3d79c697ba0daf3f9

SHA1
bd1a0f4af57137c44f8cd57896ec47a7028e1418

SHA256
15ba736f7df870aed03896ec1d459b8413bf06e76620633042529d1edaa8cbe5

SHA512
2eb4ab6877cbe224aaeaa6ba84471134ceb7a6066a59150e5fb60d4e58a60753e3334f803338e831e2ad12c361f9f593bc0f1c38b7777f5601d961929647e48a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
45KB

MD5
94019c00785285cd78d6da8a1bdeaf80

SHA1
33ba11bbe8c91eca17a84c3dcae4667638a61b57

SHA256
2ea5a487d117c082ab04c8b2d979adc04c18f496af90ef2caf9910d9902ef8a9

SHA512
b58d23d9333290e203ee3191cbcca4686ae1f9b4c135ee8a8e0f014e7db4efdcffe6aa82b502b2d8e63bde705895a04726d799a4c6b0e22783b6925b4d297d70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
6d77b764d71c7d8af29b55626e3d9a9d

SHA1
0da6eaad835647ba9a5e9f4a5cc5b36d3df08b74

SHA256
ae771d130075b08056cae9a24b8d178c09e0c524c05c983809847c8b453a32f7

SHA512
4dcd47e0059135cf355a8619133c5bca73a4410d7216177f6267b076b0e63d700b2a48273bde32165db56b8198fe3c71f9e302739f6aba29f41756538191fef6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cbbf090328ada6015966e78054bd3b1a

SHA1
8652db2ccfa7947933bad85919ff434f3f924d72

SHA256
72670a466c666d13b19f692dc05d97590e27c41edcd91971d143b23eed9eab45

SHA512
4be098be06767e2938eea0247c5221a024299053a03f4eff9ba4f3914ef5b8bcdc9b50827b7a5db60758d00ab1999e03b35c5667bff813337f1c7d5b0f2b8089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
edc7f364c69717edf23b1848c66046ed

SHA1
e2a03c924e48567b7d5739e12ff7aaea9e41e221

SHA256
8682cd7db47cc2329eb3b46c671c32d3411bd550ab0dbabc7099dbbdd433d19c

SHA512
36d2aabec3da5788e8f5bf0d71e80105d66d3977bcb160420f387061ed72e7fc268b7a0d181455d54dad7ec032df756f77dddc22d440e75c53ec07d9e3fb159b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
13156a8ecc9754f994ddd35f11d63b03

SHA1
4b6b6a93c054da2a946ba76522456d86ee5b3e09

SHA256
f53cb52ff25cb40943b660ea45165e86b8856e9d0e540cd52c0c07c6fff3d984

SHA512
faf39e2ce1546b1b9dde4510356687f387ef177adf0a3c60f578b16488bab9d0c6f453d6d7328ee9472ce808371c75004bc98e4f114c07db6b1fbb5f41e00a43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
25b69463b20c3df71261783de6358cda

SHA1
222548ede8961cdf531bbcd07b0ae773d989cb98

SHA256
02bd2a56a3a5ef038ef449f5357308d5621e9d396f56434af37a2536ccf996c3

SHA512
709c02d760d8fbc17d1c3a62c53d90b25fb6aa60638e193016f9f364de664063e276c597c8458463fd6e9a7dc954193f00f9caccd2ecfc5fab020feee2a28898

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
04fd90a3926bafa4aeb86e86cade9328

SHA1
9b7defb4260d84d4114688c8dc9febf446811517

SHA256
2e7994fc9c752f2021cc3ed3d3974d4d3098f143e05f737f912cbc10bfadc9ad

SHA512
fd8f26f091ea6e79d5ac39e4a46b7fde6101b9793bfa19dc863354ab2fa498e0560e5e2e78042f61b15de39d70766655ad254b256c636e2c0603f9fd99aa7600

Download Submit