940a34e365e6f33c742c28fbf24b852fb30d2f4063efe9eb2c6f3878dea602f7

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2024, 16:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2d0d4cff7384988dcd8102b1c4f13802_JaffaCakes118.html
Size

12KB
MD5

2d0d4cff7384988dcd8102b1c4f13802
SHA1

657c864651e0c23e24eca554f073d78dde3a5b60
SHA256

940a34e365e6f33c742c28fbf24b852fb30d2f4063efe9eb2c6f3878dea602f7
SHA512

8d7c3dd70b0529cc9592fb4d5555bb97a18f76d366b3eed7dc8363ecbde3d51de6ad23e7aa6c9c1598a8c13d1e7fd06418a98ac0a657a77e0154ee4ac12437b7
SSDEEP

384:k16cndGPcF/0gT4WyA1tiozYX7t0z+OfpW6qygFdY8vyhM2V:Lc9LT4K+oMtw7fF8dqht

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3316	msedge.exe
3316	msedge.exe
4616	msedge.exe
4616	msedge.exe
2316	identity_helper.exe
2316	identity_helper.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 4812	4616	msedge.exe	82
PID 4616 wrote to memory of 4812	4616	msedge.exe	82
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 116	4616	msedge.exe	83
PID 4616 wrote to memory of 3316	4616	msedge.exe	84
PID 4616 wrote to memory of 3316	4616	msedge.exe	84
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85
PID 4616 wrote to memory of 436	4616	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2d0d4cff7384988dcd8102b1c4f13802_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9004a46f8,0x7ff9004a4708,0x7ff9004a4718
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:2948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,6628933637461398879,9438630986513697124,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4656 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4512

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4144

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbc957a83b42f65c351e04ce810c1c11

SHA1
78dcdf88beec5a9c112c145f239aefb1203d55ad

SHA256
7bb59b74f42792a15762a77ca69f52bf5cc4506261a67f78cd673a2d398e6128

SHA512
efad54eb0bd521c30bc4a96b9d4cb474c4ca42b4c108e08983a60c880817f61bc19d97538cc09a54b2db95ab9c8996f790672e19fb3851a5d93f174acdfac0ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5b6ff6669a863812dff3a9e76cb311e4

SHA1
355f7587ad1759634a95ae191b48b8dbaa2f1631

SHA256
c7fb7eea8bea4488bd4605df51aa560c0e1b11660e9228863eb4ad1be0a07906

SHA512
d153b1412fadda28c0582984e135b819ba330e01d3299bb4887062ffd6d3303da4f2c4b64a3de277773f4756da361e7bc5885c226ae2a5cfdd16ee60512e2e5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
d5ba6011014659fc16437f47a9a31643

SHA1
e0971535011306a2b4e38053a65455289e42a57f

SHA256
56dbc7260d524fabbdf8835534a23fd0decb7662c928ddbe2b06d52ca632d4ad

SHA512
d94ab5230d9cfef5bd1e67b13addde1b3bdd62ffda5ff9038545fb49e37866984b66e9209b02b7e5b93c854aa6e0bb4e62bbbaf903218deac895de59d3c4cf32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
30ee4332199373bd0fbb83cc4381d5f4

SHA1
217b5e0bad5fae6b517c6f0afb1677b4ccb69961

SHA256
67ef16bcc0a936db3d521654e7f1cfcb8a8d76d4bc6c43d333de38114c8793b0

SHA512
44776e5802666d79423d79afb58b82bc45932f5b0bb63da1a4b5bffd3e47c1e5910acb898cf533202576dabe03807645d55266c863073eeabbdcb502f6517bfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ac8c6e07c2039d29ec6e764e10240e4d

SHA1
3cf7f8eb1313527137c2cfb75c70c3eedb318f2e

SHA256
a00ae9013f44e54f82db72640532debde20bee7c50c4201d16bdea222beb1f50

SHA512
977c14964eae8645bdc722536d42e5e3fcab17f128351c7ae3f63808ab976c4587db416fc155b2bf160bc2ace1df4b274446a4a2a657716b6b17ea3d080acb12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
06fa0fc80651233c0699b707caee6acd

SHA1
fd8838f8402d235f07d5a53e00a5ba417b1138f5

SHA256
3c34649314c964a971e91a06a110f1b6c7a0a3b1568560c5446175a105b5076f

SHA512
5fae69bd233f2251f91ceda6336a554669037bbdace087a46d23d799aeca7d37e2ce607f4cff1e7efd2baec36024a6518a1e399f8815b878bde4fc7bb253fd7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cd267b2cfdf86fe53db124a839bd7ee9

SHA1
c0cd580c0efcff626950c66cd8fb3d6fd39b1387

SHA256
21a12c020d1e4071e87f553cb6a464710cffc32d7d428abfd8b405092c73b86c

SHA512
29a065881d836697d37dcc4b110aea054c9e0a8cbc15eaa255e0b8bd18f39cc5fcb250c33cf843574e8a4a6a4283e25479a4242fc0625b4a326be008fddf5c4e

Download Submit