b2a4d35d38fd1bba4486041b4356b2d428cc153cf2c245b96cb2dc088e39c487

Analysis

max time kernel
149s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
04/07/2024, 00:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

24079e57b07ef97c789259a00c132b11_JaffaCakes118.html
Size

80KB
MD5

24079e57b07ef97c789259a00c132b11
SHA1

f3c79f162d5e6ff15b1addb8632da1d85608b59f
SHA256

b2a4d35d38fd1bba4486041b4356b2d428cc153cf2c245b96cb2dc088e39c487
SHA512

acd17800f093106fa970992bc85f3999f5f01fd8ac4720b947ee7b9174474d9f81b3d665cf52e4abb6e31576674a19146be472d7bbe0ee995206f558e332fe91
SSDEEP

1536:EswCvxAuOjF5TdWdwNu+Zh+vJ275gGV+7+Zy7pwKYHc7KW9sl+E1419UK+qBEFN+:EsjvxAFBIA75gGVw+ZmpTY87KW9sl+Es

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3928	msedge.exe
3928	msedge.exe
3776	msedge.exe
3776	msedge.exe
4740	msedge.exe
4740	msedge.exe
4740	msedge.exe
4740	msedge.exe
2560	identity_helper.exe
2560	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3776 wrote to memory of 4472	3776	msedge.exe	87
PID 3776 wrote to memory of 4472	3776	msedge.exe	87
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 492	3776	msedge.exe	88
PID 3776 wrote to memory of 3928	3776	msedge.exe	89
PID 3776 wrote to memory of 3928	3776	msedge.exe	89
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90
PID 3776 wrote to memory of 2200	3776	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\24079e57b07ef97c789259a00c132b11_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82b7446f8,0x7ff82b744708,0x7ff82b744718
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 /prefetch:8
  2⤵
  PID:3012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,3946235066594609250,16549551349766371665,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
  2⤵
  PID:1600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:896

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c5abc082d9d9307e797b7e89a2f755f4

SHA1
54c442690a8727f1d3453b6452198d3ec4ec13df

SHA256
a055d69c6aba59e97e632d118b7960a5fdfbe35cfdfaa0de14f194fc6f874716

SHA512
ad765cddbf89472988de5356db5e0ee254ca3475491c6034fba1897c373702ab7cfa4bd21662ab862eebb48a757c3eb86b1f8ed58629751f71863822a59cd26c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b4a74bc775caf3de7fc9cde3c30ce482

SHA1
c6ed3161390e5493f71182a6cb98d51c9063775d

SHA256
dfad4e020a946f85523604816a0a9781091ee4669c870db2cabab027f8b6f280

SHA512
55578e254444a645f455ea38480c9e02599ebf9522c32aca50ff37aad33976db30e663d35ebe31ff0ecafb4007362261716f756b3a0d67ac3937ca62ff10e25f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
8e4558650f2ad2c9a57947686d12b599

SHA1
af08ab7740b402f353b44852f152ba8ce242041b

SHA256
bdf9c0b7c8be506a53c8e3cc10289577d3fdb5e7701807373d459735355647fd

SHA512
2f0aec9beb6c75ca0968e05ef5574e6d196df482d34b6fe93b17ca28b81902608e92bbe85ac85fcf1d05eb6e8d86bc63e68f1c1029d1b1c9837f91b398ab294a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
379B

MD5
f25479b2be45ef14813350faf06ed8b1

SHA1
92f6f08415dd8b195f9167c03e58a3e3462dff82

SHA256
b69a606bb4f7ac2b982eae88e2ebc0228a8bf106c5dbd72501827ed040e9d961

SHA512
57c3470354a604771ef26afae7b02b16e341e1459fb99936dc210938569545b644f5f30a1d438726d76490354bd2231b4a0aa5be88d550f02aae6b8cfca93789

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
379B

MD5
301d41fcca0ae0d3ff2977e3630231a4

SHA1
5979a16178f3a9c7c88fffa75ccc87e5e7f56247

SHA256
2cb815bc6f106fead10166e287a7c78bf15252464d3a0f6a8beaa2ffa9af1d93

SHA512
f7f6b1b42c0dcf169e7341f517243d1f7dc4128d088a28328b887acfa4dca0afd1a15691f6d84279d4a294855b5ab7a3234dd0ca900b5aa29465ed0717af3013

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
85f978ce1c93813f387dc55e38f14577

SHA1
0090d50dab61bb7f0f90579918ac01c4b156c6c5

SHA256
680ea5696913ff4186976d15d55ba139435cc41eb8e42a9e7ad6d04a40c8260b

SHA512
2f642ff19a70b134ccd50162a4753eb227550d00ff96963c11edddf7e3a69d974fc43f7aa5df851fdafee5c90fba09d57036dd89e427a521f630eac6d133b2d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6ae621ba9874bd5843acd4c512d0514f

SHA1
4b44625dedb0808ece3693c8253f304451205b19

SHA256
7f98118925aedda5e6212428489cbea885ede84389ed677ff2516cd4288c78f0

SHA512
721e1da6c67a05f32065c4c298a3394e30bf08263ca718756afd8566199af0fa9cc7f56cd6c2edc905e646a0bc831354950d5f2e88da47318c7967ad133ccd24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4c685a3e31e34ccafd1196bf72287f49

SHA1
7e0c89c12096dae2d4063777d62b271a477d14a9

SHA256
91d5aef0358dd5a57a9789b2a714bad6d2f869f0273ce89c819417b3d0dc808d

SHA512
754a9784053fea1c105308bacae41e7bbf7552ff7e1ef4db07c3bbfa4ca150b766ae72e54c942ec03ec0e4d156abdeb449c7c489a58b4b8fe112115648cffbe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
d7a5b58ad616830c60a9bb7fa92f3b30

SHA1
5d661105a8987b874ac908a4b87cd73bbe63e9d9

SHA256
fa9695a71d8bedc305f886e996970cde59c18c7d94b077764df09b91e670184f

SHA512
511fa4d9e4f6775f3d10d086a02733967fc781ac1188320af2af1a9306f90d7a2e3766d03cbf35ab07764da93534da064c29e424d01b7faa7e23e0e3751b77c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59862e.TMP

Filesize
204B

MD5
6ba4b22e4af45f359347b93b396a13a6

SHA1
e0c453ca6e6594b0ad073c3a97126cac3c7fe008

SHA256
99f3a2bf6bb90b35dbc0dd607a043342b5847388df054ab8a03f72821579d307

SHA512
1c429fc529346f613b8c354281897b7cbd1109a0815c09591763180cf3fc2b10079eef27f5cc07c3d9547457f7a8c7f18b3c6db94391d620a8a5290e537aba10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b37af062a325b0791c3b55c92dbb7b5f

SHA1
f48136e25db0cc65967541f2324b7d8e2b2ae61e

SHA256
35a202adde1aacbcabd975184235f6c49baf4da65578c46a78ac046e6e753c75

SHA512
fdf290f5ccf1fe55284db7d11714626421c155e99ea45ee46a74f61918c3df2e7ee31efd7ee7a3ef397c412b4cd1bc0cc6a76a173c587117f1f036873cca387d

Download Submit