c9d25837f3a38bb436d5a711d06750ba9c57bc97664a5b1e3664c9c27e2925b5

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2024, 20:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3aa2bd535cf5bcdad11b6bf29d09949d_JaffaCakes118.html
Size

56KB
MD5

3aa2bd535cf5bcdad11b6bf29d09949d
SHA1

76926316915f068bd3cbcca2aaa7c5b16c5ada7f
SHA256

c9d25837f3a38bb436d5a711d06750ba9c57bc97664a5b1e3664c9c27e2925b5
SHA512

e439d5d9e732a83626ae84aa48c817565b476c64e42986074561269de6888fee6f48da071be42328d9be5fc682ab822e777cada011d620067e26824461c1d8b2
SSDEEP

1536:gQZBCCOdXDyKmn1PTfzrtqrwjKerM1frHC0IxCy2V3oQr0VV9Uf7CqXrwJgyR59Z:gk2pDyKmn1PTfzrtqrwjKerM1frHC0I3

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4768	msedge.exe
4768	msedge.exe
3944	msedge.exe
3944	msedge.exe
1472	identity_helper.exe
1472	identity_helper.exe
2016	msedge.exe
2016	msedge.exe
2016	msedge.exe
2016	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3944 wrote to memory of 2396	3944	msedge.exe	85
PID 3944 wrote to memory of 2396	3944	msedge.exe	85
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 3388	3944	msedge.exe	87
PID 3944 wrote to memory of 4768	3944	msedge.exe	88
PID 3944 wrote to memory of 4768	3944	msedge.exe	88
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89
PID 3944 wrote to memory of 4572	3944	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3aa2bd535cf5bcdad11b6bf29d09949d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd0d146f8,0x7ffcd0d14708,0x7ffcd0d14718
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2568 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2812 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,9479100262833856324,3774713772379305083,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4416

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7adda48c-5f6a-4b91-96c7-ef12d561bead.tmp

Filesize
6KB

MD5
fc9741b094a3afad46d4a823faba35d6

SHA1
2df11c9838f0bd22e0e873cb3d00d57e34fe0d79

SHA256
0aba786bbade0ba63d1337e0c34c7fed1e3854b7ffd2f08aa28973ce86b36218

SHA512
066d74dc1fb1a7b2a2428ea6bd2996a401fcf0b9e77a3bf35112b97817c06e10eff8340b477b641c71f1a5042200352fa4ef2691a243056df577ef29e6a2683b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
c2b5d373cacede16c6dfd19150a27926

SHA1
41af92ea589bff84f9e123a1f9d25762ea13bc6d

SHA256
a79a430f23a346669d5624a1d10fbd15f16efeb61c432d502c6e535b66ee0994

SHA512
8a00c0abc068bfbddc780fa6898a7d08111e0a2fedfd5767e851ae57c87b14b398b36f5909d8fc89ac0252b84ac58b54643257f6c4c5d81756337d653e7f4e97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e024a555b9a70e50dd9cac7567389d20

SHA1
0dc9c56f38b9631f02e06e7f2019250012bd101b

SHA256
3d615f978a6c95e1325065fa933463e233c02a7968d2eeb7d16cbed65f9e4e0e

SHA512
f4ba7b12fbfab4ce3c3cf64d6c6f685b5bf554a3a07e08d1c23d6802e9644e86682bd66032154ec4e8c2ac0e9f15ba0705973dcb87a4523896e51a91e8cf3511

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f3656cf549832cbacd496bd9940ece26

SHA1
ded23c46a38eca81f678b7557ffba411c38dbc9c

SHA256
317b9b13d741c4dfe594eb075d692dde942e037996c9230a56d23826c78705bb

SHA512
658875257ffe59645463594e2b3d84c50412544010f32ec533ff89ad38953ff14bc32c9c22f432fbd7ac9829b3b1ca16103842dc69d324171c8d6343f4a8f293

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ac03afa72fa2e73ec7ba0e05e954eaa9

SHA1
f0f2c5bfae3db0805939311a89018fe9f829cb92

SHA256
f171dba9e32003b33ecdee70dfcf1ed13ed3e240f4b705583ce70aa6955fad70

SHA512
750afd747eaf697fc01e97bff0b793be12a5e23495b7c977eb459bbf40fd4e81d92b61c18106d722ec2deb180fc214f68447b90dff23d1501703e190b52e9bed

Download Submit