c0bf09a3e27c1c5b7db738e3118a00e839209054965ee09e5a3a1c7f3d9a1440

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 19:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3ea97f4f511fc39ba9be4c549b8baff8_JaffaCakes118.html
Size

16KB
MD5

3ea97f4f511fc39ba9be4c549b8baff8
SHA1

791ae6329d00293d2e67b632b6c156e44c58921d
SHA256

c0bf09a3e27c1c5b7db738e3118a00e839209054965ee09e5a3a1c7f3d9a1440
SHA512

810f9e2eea509f3198c75ec0640f5c8961c18bd4fc714766a664537e4720a5cf8ba49f88699e4ce6cd2840ccdc3c85019b1351e27f259a98ad387b34129f0dd0
SSDEEP

384:PCceG25SbwerSaHbHzutUaXiCzfx4082V:qcej50PHgNT6G

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2208	msedge.exe
2208	msedge.exe
3836	msedge.exe
3836	msedge.exe
1944	identity_helper.exe
1944	identity_helper.exe
1088	msedge.exe
1088	msedge.exe
1088	msedge.exe
1088	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe
3836	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3836 wrote to memory of 4248	3836	msedge.exe	83
PID 3836 wrote to memory of 4248	3836	msedge.exe	83
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 1860	3836	msedge.exe	85
PID 3836 wrote to memory of 2208	3836	msedge.exe	86
PID 3836 wrote to memory of 2208	3836	msedge.exe	86
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87
PID 3836 wrote to memory of 4848	3836	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3ea97f4f511fc39ba9be4c549b8baff8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb696a46f8,0x7ffb696a4708,0x7ffb696a4718
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
  2⤵
  PID:2220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5872 /prefetch:8
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5872 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,1689852790010130850,16111300487814104013,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2532

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
56cebdb327657faa704fb9b93fdb9563

SHA1
3f3cb1a47ca7f5923093ec8172fdd6bc91563eca

SHA256
de58447910f7b6787bcc8f2ebe7e7e7feb7945ccd0a6caf1e9166c2efae899c4

SHA512
a5033b1c8d0512d89405abef33a93b9dade879ba9af1662f117e1daa92b8440065a0432dde9cb6c906095159532ce1b526c0636998f11f1d28b5a701e0f3845e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9baf83b67b4c4c7dfd186433b7f103fd

SHA1
d1ea93236853bedb97a4cc05eab4cebe7f92ba1b

SHA256
ef9076ab4dd734fb871338f39e371fb3aca50a3c401b1abd2ed95c628dc3b94e

SHA512
285d659d1d190118187ae036a96a24ea82878b764aef181d1bc1174633fa50cdb4b80912a18f287c2cfda2dc6ca3d80db84e3743e37233e22dfc090cb9732256

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1629c4548248b96ee0f926156305bd0b

SHA1
83fe29d76688cae84ced631b02ddee809852deb0

SHA256
eef3b0f73711b0e3e4e6049be9f02af6d1ed1724f3dcf095054b7612edddcbe1

SHA512
8c0ec2e45db309435394ffa15baedd09afa3fbed61903fd9432afbabef598fce6f1392eb6a1e7be6af9cb2358f23f3dae0d65569abe27b1dd6f1c576375b4d02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
32b4751c21da0b9baf3b8de5d92f3c7b

SHA1
e8c1b9858ade1d8785493469279f8640a95fd4b8

SHA256
1d1bb263ea6171116df037a585c90c5b421ccee2f562db9b24f40d5a12796e4e

SHA512
6dbbf2a6ad19cc9bbc9a429d37e412b9ec2b796016ea7fc7f911cc17ece242714c33311882be1ebe2137822209e202cedeb4af860c75272e7f313190abd3a8c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b06f637ffec8a0584eaacb7ec03b866c

SHA1
016a6b6c6eb2868a7d3c2380c5065bc29dadaec0

SHA256
7c62882c50bca22de1b2e89457cdbf8584f1d1e5972d2b9d9e5480a7a944e515

SHA512
6daedd87f3a71b4add05e39b806a9b06c754148bd55c0382abb5885e0b576cfd69f9fe4e1cad010bc568a016b8230ca4ffab324ef21cf2076184a44cee504cb5

Download Submit