6258331f15d73c27801976c69480f2396fe1f7c0bc388238a0742d57e7ae149d

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 16:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

16a8313490aaaac5be9f0bbcaa5ca3e3_JaffaCakes118.html
Size

61KB
MD5

16a8313490aaaac5be9f0bbcaa5ca3e3
SHA1

428df0b61bf0ddccdfe04432c356daae7a8cb164
SHA256

6258331f15d73c27801976c69480f2396fe1f7c0bc388238a0742d57e7ae149d
SHA512

746df4e9d9510a376314a4b9ee2ed01cb8229dc153a1836b534fc7f5c33de3bfa55ecc14fee7f5642707918956044f574033134f6d77e4673fd40d399817754c
SSDEEP

1536:L/+lApJM/gMTb4v4ChUgVKxSREBk1m61fOp9n1Bw:L/+lApJM/gMTb4v4ChUgVKxSKBk1m61t

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3296	msedge.exe
3296	msedge.exe
4664	msedge.exe
4664	msedge.exe
3068	identity_helper.exe
3068	identity_helper.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe
4664	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4664 wrote to memory of 4556	4664	msedge.exe	83
PID 4664 wrote to memory of 4556	4664	msedge.exe	83
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 2396	4664	msedge.exe	86
PID 4664 wrote to memory of 3296	4664	msedge.exe	87
PID 4664 wrote to memory of 3296	4664	msedge.exe	87
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88
PID 4664 wrote to memory of 3612	4664	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\16a8313490aaaac5be9f0bbcaa5ca3e3_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd894146f8,0x7ffd89414708,0x7ffd89414718
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:3612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,4504349233052624760,18160025726052673526,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1568

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
257c0005d0c4d0bb282cb470925e4376

SHA1
f9b8efb511ed64292568977c9f2ec255509e8f7d

SHA256
8185c36aaacfc71e42f94fad8e198fe7fb2d868398ceabb89261cae94341cb22

SHA512
2f3e8f352ed3ef88e8c28650390f93f98c92174d268330b886f3ebd1ba0163999051298ee12a054606b4986005452a241c6864cd292e69492d79c37d500556f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4819fbc4513c82d92618f50a379ee232

SHA1
ab618827ff269655283bf771fc957c8798ab51ee

SHA256
05e479e8ec96b7505e01e5ec757ccfe35cb73cd46b27ff4746dce90d43d9237c

SHA512
bc24fb972d04b55505101300e268f91b11e5833f1a18e925b5ded7e758b5e3e08bee1aa8f3a0b65514d6df981d0cbfa8798344db7f2a3675307df8de12ae475b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
b1fea6d7c56bcbd34aad280c5455cfd0

SHA1
e9742b85f7d527a263f01ca87eed28c8fb024c3c

SHA256
3f0dc6e19440e6f970738668dcb6abda55f981ac666fc259de7db657038a94f1

SHA512
dfd91c5e6d92a1764637b365202cd1a6a98d3530f3b206cc1a095f7946daaddae61943cd3a768ad71d57cf2611132ac523a3c92c9478979c4285ac621db9cbdb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a6c1534b0fff13e6331a6e517e0aa14b

SHA1
54cbb597a4ca3d4ffc8d386326d4ff554963c220

SHA256
61b08f4aecd956d98df90dd0409c73bfa8ff68807a23769abe11dc727d5140d7

SHA512
09fa2054227dd8a8d1668967cf02f397543b01d45ee5918d10f499e20b907243fdddce7c28b478dc8884bc8ab8e22d2b782780379e8e5e1d7517af76040ea233

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e837a4f7d413903390d87b8aa8e4ae8a

SHA1
c3ccd4919a612161f70c522b5c00187a9d51f64e

SHA256
6a0df1fe7d72513037eefd550cdfea31e8838994c6847c174cb6b81b283e276a

SHA512
6a2f60dc1821f26b93f18b4a095353da2b6ccb8f985ff3ecbb6d90d172902f4e3102dc2020592398dc7f11b2a13fe8085c69b98f9ffaae35c951ddd1e2eb101f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a0002bf3c8804e0d81eb659d824b9045

SHA1
bc6cae1b89b547ab8132d6e4d6a4d889516d095d

SHA256
74be77a601e5e33996a8ac9f095ed35afe74d6bba8b0af219ed5a4ec4178c8f2

SHA512
07098438a618ed6abcc17d8397d84739e7c0a6ec6eef7fef120fa468f3d498690ee154eaf190748c031ae6fcd5efa9e6f529dc605a15966927efac6efb5b523a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
52abeca360a3e0af5204ad37f39ade9a

SHA1
5f6a48548ed74a34d590916d799d04cef095418c

SHA256
bc64332ec49463e3870b56801e7cf4473f73b72357b4b65562349f24fd2ad3dc

SHA512
30fe47c5d6d351142b52b37163b9467720eeca0e7d87b4a7eaadbb67c0da5b86cd4bf71a8478f98c2b8a74d7cad45b4aa47e4069cbf13e3fc458b18c0e1c6fe2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
95cd1581c30a5c26f698a8210bcab430

SHA1
5e8e551a47dd682ec51a7d6808fe8e0f2af39e86

SHA256
d58162c5ae5e18fc06604c285e024c01686093d70994dc93b4ae9d85b4c3f7b9

SHA512
e49403df10177053634c431203a91d26df5dfb23cbbb88847459ecdf4b6107040d0944a3e84ee6bb26cb4e8017a35c8c31b658387cd1b6938ba4cb9f59606ece

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
da7d38e3859e9fb1498f99601fb83a67

SHA1
8d1e483bceffa09e63207b2a403a239610dd7fa3

SHA256
7b235648a6dc380785ef421e3b18b485eeba50474d7d300c6c2e62fbce91b48c

SHA512
b278ea03b18e782c6c3eb78c34413444aea8eda579fd5fd05cd0c098e2f8539eeac868ca6d969338edbe371cfa69c6be029c61038e33db0fa583e9cf36a15e86

Download Submit