13cddb11a9570a2db5e1b6d09398bfe69ab3f21eb0d2ae91619fe3e01b1097cc

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 12:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d63ed7e809342b4cb11774cc29f7cfd_JaffaCakes118.html
Size

57KB
MD5

3d63ed7e809342b4cb11774cc29f7cfd
SHA1

56973dffbc7c60c74259e8f1b112eaf7423f4868
SHA256

13cddb11a9570a2db5e1b6d09398bfe69ab3f21eb0d2ae91619fe3e01b1097cc
SHA512

9fce92224500cf643e803cbe7f10b6a9105e06a687e33409105a78aac6cfaeb5d053d29b66af15aa3d69818d9cb1d4453928ad2dfbbe7403cb7c07c015df1749
SSDEEP

1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVroxZwpDK2RVy:ijnOPHdsR2vgyHJutDK2RVroxZwpDK2m

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4324	msedge.exe
4324	msedge.exe
3248	msedge.exe
3248	msedge.exe
4248	identity_helper.exe
4248	identity_helper.exe
2520	msedge.exe
2520	msedge.exe
2520	msedge.exe
2520	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3248 wrote to memory of 1128	3248	msedge.exe	83
PID 3248 wrote to memory of 1128	3248	msedge.exe	83
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 2572	3248	msedge.exe	85
PID 3248 wrote to memory of 4324	3248	msedge.exe	86
PID 3248 wrote to memory of 4324	3248	msedge.exe	86
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87
PID 3248 wrote to memory of 3412	3248	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3d63ed7e809342b4cb11774cc29f7cfd_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdccaf46f8,0x7ffdccaf4708,0x7ffdccaf4718
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2956 /prefetch:8
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6128 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6128 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,8068255167390416897,1326084374596343908,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2520

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:244

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:456

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d406f3135e11b0a0829109c1090a41dc

SHA1
810f00e803c17274f9af074fc6c47849ad6e873e

SHA256
91f57909a10174b06c862089a9c1f3b3aeafea74a70ee1942ce11bb80d9eace4

SHA512
2b9f0f94b1e8a1b62ab38af8df2add0ec9e4c6dfa94d9c84cc24fe86d2d57d4fc0d9ec8a9775cf42a859ddfd130260128185a0e2588992bca8fd4ebf5ee6d409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7f37f119665df6beaa925337bbff0e84

SHA1
c2601d11f8aa77e12ab3508479cbf20c27cbd865

SHA256
1073dbff3ec315ac85361c35c8ba791cc4198149b097c7b287dda1d791925027

SHA512
8e180e41dd27c51e81788564b19b8ff411028890da506fbf767d394b1e73ec53e046c8d07235b2ec7c1c593c976bbf74ed9b7d442d68b526a0a77a9b5b0ab817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
0d910c316fc9c39da75b8f017f5a44ee

SHA1
351f7e4e700d6492f14476ba283267689220ef7b

SHA256
a395908c44e0e20e036971ebafdfc2278ae40666a10d60cb02636190fab07133

SHA512
e86300c0dda5d12a60e26e4873623e75214c51bf08934fbdc7c3b91226ec4772ee62e2dc54a140d4cff5132c2a840565ce150494f14984e15dc8e0d370eb2758

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ead54be06bc71ba7fff46fe28d9f0274

SHA1
45097c4ee7bf06d5ad1b92381aaf122e16babe0e

SHA256
64e982a2cd1701ea97330470d3313fea1e50bd51d306649b53b9f0b0f34ed9a1

SHA512
47b62f2ca42a538b1884c78ea4d28e0a2f81dd37d741743189c735bea92daefe57ce48ae435bc3f9693a6b6b5b60bfef77220a696218e336f0b09b173767f952

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7dc2fca2ba161b49a2d76fd8675050b2

SHA1
f3b02d39d56f23ed4d04fa6d8fd20fb8cb5bb65b

SHA256
0fa4afbee09febca31cf8a1df1d54976134c68bd50c8723f0842ed01990983d5

SHA512
24f33a74da1794f952a431fa38ce066453bf9911ff513c171890b066135e4e9eb9210a9a77e72fbe44d60b1085040ac32c37cd554b4b85ed660d92b510889b2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
89e04fd75c613400a892faa1123016a8

SHA1
4100d45e4f32c677f16e386be3bd8949e85364b9

SHA256
3b96da1360afc35f422b40fa30a6d7397ad047728c501ea63778d61094b44c4d

SHA512
c870423ff09f905f708539cb2d27571948bcc25e7be25570907a2ef81c7c4c3a2ac65c59072d9d512353a6b6c8dec01aab45218b9dfa2ecb22f32b05e836c198

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cb3f3d043753bfe2114c24dd501e27f9

SHA1
6683830969068503630455a2293d2857bd79665f

SHA256
8fdfe427e21aff1b0eaba37d8fad174105edd41df6e045b2852a12b97cc596e3

SHA512
3500a35cbb8a4bf75aef65cf8ad8602b025311748d834493ee4b95f6d4aeb5e9667630457741153b2591bf230200c59386bf676369cca5af9526953f6153cdae

Download Submit