5a090a142012e80257220591fb7a99b759fa54283f8f11f1e125631597c83cd6

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
06-07-2024 15:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

28b6d425827baeab5675aecb317eb572_JaffaCakes118.html
Size

58KB
MD5

28b6d425827baeab5675aecb317eb572
SHA1

25c17e10f297b95b59fdb4e1fcf89bf4dfde93f0
SHA256

5a090a142012e80257220591fb7a99b759fa54283f8f11f1e125631597c83cd6
SHA512

ecde2f3fca2ab44c39c6ef6cb3cf7f288bf017e821558d92eb4a0c2ca0be912d33046d0e1e6e9fd9043f473571b72e73979304ee6f4a2c9a1412830a283de9a4
SSDEEP

1536:gQZBCCOdO0IxCERxAf8fQfOfeDfHfDfTfXsfyf+fTfWfafCfAfWYfLfbftfOfBfQ:gk2A0IxwUoW0fb7kKWreyKoeYDjFGZF2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3224	msedge.exe
3224	msedge.exe
1804	msedge.exe
1804	msedge.exe
2716	identity_helper.exe
2716	identity_helper.exe
2216	msedge.exe
2216	msedge.exe
2216	msedge.exe
2216	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe
1804	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1804 wrote to memory of 1368	1804	msedge.exe	82
PID 1804 wrote to memory of 1368	1804	msedge.exe	82
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 4180	1804	msedge.exe	83
PID 1804 wrote to memory of 3224	1804	msedge.exe	84
PID 1804 wrote to memory of 3224	1804	msedge.exe	84
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85
PID 1804 wrote to memory of 2952	1804	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\28b6d425827baeab5675aecb317eb572_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8582b46f8,0x7ff8582b4708,0x7ff8582b4718
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,10584977120029039429,11446904908018923026,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3176 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3616

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a27d8876d0de41d0d8ddfdc4f6fd4b15

SHA1
11f126f8b8bb7b63217f3525c20080f9e969eff3

SHA256
d32983bba248ff7a82cc936342414b06686608013d84ec5c75614e06a9685cfe

SHA512
8298c2435729f5f34bba5b82f31777c07f830076dd7087f07aab4337e679251dc2cfe276aa89a0131755fe946f05e6061ef9080e0fbe120e6c88cf9f3265689c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f060e9a30a0dde4f5e3e80ae94cc7e8e

SHA1
3c0cc8c3a62c00d7210bb2c8f3748aec89009d17

SHA256
c0e69c9f7453ef905de11f65d69b66cf8a5a2d8e42b7f296fa8dfde5c25abc79

SHA512
af97b8775922a2689d391d75defff3afe92842b8ab0bba5ddaa66351f633da83f160522aa39f6c243cb5e8ea543000f06939318bc52cb535103afc6c33e16bc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
1a478bd437ae8a1ae792d91348888928

SHA1
b4077d805e6cec4322a3ad433344528b660b3dd5

SHA256
864d92e1acee43e44743642329d9d2c3bb940e524c2299f48c5a30c65bc0a90a

SHA512
c2f48e4cbf12bd0f4ef3b38d42801d85e76818e70d88f588de1bae34ee05ca7496ae2731f88e22776105cee727a4c82eacff7d0290d97b2df1f708918b0cdb31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
851bfaa0c8f50d4ab4d8bc1168614c35

SHA1
7dfbe2fa97cad62e3c0267811797b176a5169ea2

SHA256
3ee53cee1e0153d4b6653b3a5eab94628e9157e389ab36fb8698aae701484108

SHA512
13ef070515c85773a61b6ccb009897b0222ecb28a197a7b46c39d0cc0f1d56b6ab5beca98a9088ee344b7c64cafa62d61ac510b1d59fedd94cc1a34054c4b827

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
337611f71f2dc86cdcdf192a4a9a12bf

SHA1
378b0c2815e24005718f1c0c27d06691333a2902

SHA256
f95f14de9a14ba4075b550e9cf5fb8db4d599ff09e28b457d58f7dc766043598

SHA512
90b8eae0fcc40161855f3852bbe994fbf4426c9d5dd10217ee1e006e2358741fd6a77ef90ef30ad9219d9871f3fc6f4a76092ded07be8c2e4793d334c2e6d87c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
be59a7cd2099ae87099a50c8b247c338

SHA1
51fffecf32b46c6fceaccfeac7565055c94ec990

SHA256
db4080d5290b744281958828cda7104caec16028a8ca1b6b416213c75c1f94a4

SHA512
add04599723f9c7663ad37564073f5b8d1780326e2f4d862595737d1674e984d44d5e3fbcf3d3cc09f04789f7b96f4be564fe25b713a5e6f782a6af4dc2a4b41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8c2842e903113315f4e7740f7397e53c

SHA1
f52fb0a1c0d5a406d0e479d2081b210569d3276f

SHA256
2f65c7227453603e9747f3a3ef349c4d387be65f50058879b2cc968f1ae73bf5

SHA512
d7a2a9e6cff87b2d17d53bb53eea514c9b7cbf0ff04096a5c89395054c083e4cc39c147a5fb0ed21578dc43cd75bdefefedac979d6ad03d0e2b6fd931f596bbf

Download Submit