901fb87690da6c3685a6039404eeb70b3e5e53091136fb394d5fd19c1d835315

Analysis

max time kernel
145s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11-07-2024 03:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

379effc1f6dc9fab7f2b293703c2e546_JaffaCakes118.html
Size

19KB
MD5

379effc1f6dc9fab7f2b293703c2e546
SHA1

81297ca17f5c5d29e98bdcef859ac614273f47f4
SHA256

901fb87690da6c3685a6039404eeb70b3e5e53091136fb394d5fd19c1d835315
SHA512

47dbcae779db793d282ca5b745fc19112e8bb6f6391ef9f47eb2b5f2f4101435108e09890b8b884832c7de658e5addd6640aad12e215ab4669ee7ab35022a369
SSDEEP

384:HtcO+7LqAgeVkDR6MyFyrKMdcDvVzlyIXKq2V:NcOWWAr8R6MyFyrKMuDJp63

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2324	msedge.exe
2324	msedge.exe
3492	msedge.exe
3492	msedge.exe
3344	identity_helper.exe
3344	identity_helper.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe
2616	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3492 wrote to memory of 5116	3492	msedge.exe	83
PID 3492 wrote to memory of 5116	3492	msedge.exe	83
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 3768	3492	msedge.exe	85
PID 3492 wrote to memory of 2324	3492	msedge.exe	86
PID 3492 wrote to memory of 2324	3492	msedge.exe	86
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87
PID 3492 wrote to memory of 2320	3492	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\379effc1f6dc9fab7f2b293703c2e546_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb47cb46f8,0x7ffb47cb4708,0x7ffb47cb4718
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6048 /prefetch:8
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6048 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,2967744164151695230,6014897555988866947,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5180 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2616

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
acb74c97b4a7e93857e27b413322aa82

SHA1
55722eccbeb6129010b883ef822396a81c513d76

SHA256
22375203789a1d8e892436ce8771ae0486b1f42e2c9203ee45d6809316038da3

SHA512
86d947db06596ae6e71a7ba55f31de1b425cd9f5a29b4cc4263a65893d20e0c750f067fc8508c595d98d6c287bec5507166af42062aa00be239c6e71e4046156

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
582e035b88307f3127f552933cdada70

SHA1
1232a7c4c1bd997d0f553c7aa40ecd9c5edd10be

SHA256
c489d3d342951270960760c5ed9f5c54ce708f149f0c9d4623f39ad4d3083a4e

SHA512
e75412f6e9d105caebb235b40f8cd8f6bcd735dae7324379e2934f976302fcf68ea8eb468fddd5b6b83d4d37aa25faf399ba0554f0ce1d21bc322752f009a8a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e2e0f8828387732ede1b08fb69d4eb51

SHA1
62c5a08ac464c950046d895d2f068abb02846928

SHA256
b3f3d103faa9ca01e85bc0012804bfeb796990cb6f736f21cdc7fb02fbac89bf

SHA512
2d2d8ca87b5e6272dbd1b2d1fdc965b9c78430876af854c179323fa7dabac6e0fecb380c7687a9d3e01992e156ad8f21f46b17708a886d15c631f6213506a126

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8fe0ab2a1334c7de0ddeafe6ca2e6461

SHA1
aef400807a3869a5b7374b338c211c65b0e0fd11

SHA256
60d3974e2a58210b2a2273964427f60e853b32063f4318c177bc43a7c15741ef

SHA512
13b335827a1322cb01097f98858c45f251db279e128123f487513e3b304172415561596a31f9a4cdfe422b1e549565a43d8e5569465eb57b5858cbceadd307b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
65fc9493fd140775cab8c14618a55e62

SHA1
568dba4ff41e6254f680f1fd25f686d24ea422ca

SHA256
9842a318ede1560c6d0474a2273d086bbc03208c679cb301a7bb46e9a09b673c

SHA512
f7509dd2439573498ec90fa07a2f1603caa9ce91f95c1dc2d27e153b16444462a66de2df9b23b2327f937198e3839e101073691c2ce4b449539ed384956bc7d1

Download Submit