96a302f70757cb6b3ebb8af39961126d9bfcf1a40b751446a8a42f8027c72421

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14-07-2024 04:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4455809a6e51017ed3e5de83b37df055_JaffaCakes118.html
Size

56KB
MD5

4455809a6e51017ed3e5de83b37df055
SHA1

8e04ba00f6b5cd75995095ef867af1364c4c3723
SHA256

96a302f70757cb6b3ebb8af39961126d9bfcf1a40b751446a8a42f8027c72421
SHA512

1b20e98968d1439985d5c8d8c96d65b5ac9b61fa451bb419b11112d5757a4c78053ad5fbc3baf80688c10fa8bd070a1beadad8e23dd7012082e5d8386317f0b3
SSDEEP

768:Zcd9QZBC7mOdMIrpC5I9nC4D0obKVi/HUMpPd:gQZBCCOdP0IxC01x/lpPd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4712	msedge.exe
4712	msedge.exe
2908	msedge.exe
2908	msedge.exe
5000	identity_helper.exe
5000	identity_helper.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe
2908	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2908 wrote to memory of 232	2908	msedge.exe	83
PID 2908 wrote to memory of 232	2908	msedge.exe	83
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 2740	2908	msedge.exe	85
PID 2908 wrote to memory of 4712	2908	msedge.exe	86
PID 2908 wrote to memory of 4712	2908	msedge.exe	86
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87
PID 2908 wrote to memory of 2268	2908	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4455809a6e51017ed3e5de83b37df055_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbbb6d46f8,0x7ffbbb6d4708,0x7ffbbb6d4718
  2⤵
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1
  2⤵
  PID:1824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 /prefetch:8
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,13862889286767563359,8688752027566018453,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4560 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4124

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
04b60a51907d399f3685e03094b603cb

SHA1
228d18888782f4e66ca207c1a073560e0a4cc6e7

SHA256
87a9d9f1bd99313295b2ce703580b9d37c3a68b9b33026fdda4c2530f562e6a3

SHA512
2a8e3da94eaf0a6c4a2f29da6fec2796ba6a13cad6425bb650349a60eb3204643fc2fd1ab425f0251610cb9cce65e7dba459388b4e00c12ba3434a1798855c91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9622e603d436ca747f3a4407a6ca952e

SHA1
297d9aed5337a8a7290ea436b61458c372b1d497

SHA256
ace0e47e358fba0831b508cd23949a503ae0e6a5c857859e720d1b6479ff2261

SHA512
f774c5c44f0fcdfb45847626f6808076dccabfbcb8a37d00329ec792e2901dc59636ef15c95d84d0080272571542d43b473ce11c2209ac251bee13bd611b200a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
dad354d140a0b451927a0955c2b71431

SHA1
2d22212f94af6e55c238d7b8b7dfa8775d73aca1

SHA256
02b95ecae772a7ca58cc908fe2ef463f5882debc2b81098050e108832e782426

SHA512
74fcafeae3ed7f69bfc961df90204e1f8e088b48059c5e76dd0d9c5e398512680e5f61639262e56be6f7db8da3a1bcb29f0496d69256a8ab7dedf8e826eb73b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
91527ff6ffde73834ce818845f71083c

SHA1
b94ba9dbeb2ff34c6defccc4bb92ddb36d62f287

SHA256
af977ba9a26d0e4d89a7a091d7168962dc5f8567441a47add5e4045211a0d8a9

SHA512
51408c43d33ebbb246179b39c87ab3b451bb2e2ecf458a6722434faa6a3e77b1ca5835e68c66d9384200d75dd6b950b4594c4462222a402ae385d4f52f61c88e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
69f3bcc550c8b5e148f030742389905d

SHA1
634e76a0b60209be4fcb444233761b65c832d699

SHA256
00d226fb77d4df00e3412ef3918491749d257972eef514d090e3d1b1564f872a

SHA512
f2c69f0f37812e911c4c6e2132b08c9957faae1491a2eb55be3ca06280a2a8bdb9f9ed51ca87d497e8317c56b9c5745355e9c6387a2d67ade7edeea08921436a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
26b1f7344ea06122872f31914a5f5639

SHA1
d1852655bc2e3302eeaa3923adee27f3d38013f1

SHA256
3cfb83f126fbbfdaf98ce1c74ca9066144f8576b4cd8d11ac0720d1b2e9711a5

SHA512
d54ce1c39ae8176e05c7587830fe626358786f3493bb78c87746c4267fb45330a73d12766683227a50ca16e04980027f6d53d339f495c1f2acd7eb2c82fc9628

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3aac823c202e28c1a9dcc2547a690186

SHA1
2208513b9860295de907f7084d9e1d3e81ad5043

SHA256
74ceba6a6987d375a79a578723e0663e880101d40d3ed7d7091f9468aad50429

SHA512
983f1d191a62b49d770aedbbf59270887c68da24fbba8dc975b8bab7ec684fbf62e9c471c7005ce8bb2dad375ae6b9e820a1c5bef260ea6587ee0d370650ca4f

Download Submit