489a0398819064f5a3dc760dbd18ca7c8c96cb876aca43f3708a3b4f817fb93a

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

47eccb3246da7381da9e60052cf1730a_JaffaCakes118.html
Size

35KB
MD5

47eccb3246da7381da9e60052cf1730a
SHA1

4633df084362bfcc788bced19361494a81e14981
SHA256

489a0398819064f5a3dc760dbd18ca7c8c96cb876aca43f3708a3b4f817fb93a
SHA512

3a163426b3f1b57a5c2270d53cc526a5b247490b136762db7b0ed206f69e5351923dc44a07df64f9b1ebb4a5ec27801ecfef636c130309d11772cb8ae209316d
SSDEEP

768:56rtJ9wznY6MXpWj1AgkPvnrYEkKTfCFN3+Q9:wtJ9wznY6MXpWj1AgkHnr5kKTfCF1+q

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3788	msedge.exe
3788	msedge.exe
4408	msedge.exe
4408	msedge.exe
3108	identity_helper.exe
3108	identity_helper.exe
1636	msedge.exe
1636	msedge.exe
1636	msedge.exe
1636	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe
4408	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4408 wrote to memory of 3548	4408	msedge.exe	86
PID 4408 wrote to memory of 3548	4408	msedge.exe	86
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 4796	4408	msedge.exe	87
PID 4408 wrote to memory of 3788	4408	msedge.exe	88
PID 4408 wrote to memory of 3788	4408	msedge.exe	88
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89
PID 4408 wrote to memory of 4800	4408	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\47eccb3246da7381da9e60052cf1730a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd0d146f8,0x7ffcd0d14708,0x7ffcd0d14718
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 /prefetch:8
  2⤵
  PID:628
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13587319696296942060,17710391601228306130,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\15165ebf-07c5-4e04-9f65-cfa243ee88fa.tmp

Filesize
7KB

MD5
4929927c586622a3064e3a5b12033c03

SHA1
8f6b35c9cbc505758221693de00e5655d31f213e

SHA256
33299f4eb2698faa6004701b11785509eab3452d5e8325525cbf175d190a0e66

SHA512
581f4027e3f49ba24697a81d2201d3aac5baf85140c621810f630033ef37e75d1fd911a3235582ea5331039d5f2dd972b21bc779d4c6ebd73a357ac11808b8c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
fbbeac0f722382dd49d75843e6e6152f

SHA1
d5cdbdc99b531be0630a316faf13a524ec246d93

SHA256
d3c8aa59335afebb3ac322d9ebf5c3f4b7000a98cb5e3560475a7f76327c01f2

SHA512
9fe9e0a3ff07ade7f688daecc80cfb6cc9dda8d2bfd0c3828287b2f6503059878044f6838ea90bccc002096f91268d9941465e1a4a19cdab01f3d60e263bb7ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
33333668fdce1150200fe8fd919fea43

SHA1
cfca2f301584cc0f4bd10c3f9ac9fb28955a9b1c

SHA256
4b21ea7792f6e559c0049f107439793989911151db56cf88dbd49ea6e4334afa

SHA512
358f8064861f09e456fe7b084bfcbd6f78a6d03ec8279816a777a95f6030b90b1c48521dbd62c4ab8884e183ae76c34d2785332fd83849be6e14dba1e483835b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bfd1bb8da6a6eb39cb6a1ecc464bcd3c

SHA1
339472779b35f2e869f229181361384d5b95f6d7

SHA256
858949a9099455e753d332c3f339eab9f73a36265e160912a380f6e2c2418001

SHA512
2e2aef2d07f69e501d5703b6b5837e74e44952a39c13e16ef5ee48a5ff216e7a47c304958a13b66bc348ece5ad121736ae0836c7522ee89c1b2ed58c10e9aa9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e778b63989bb64bfdbe596f965502592

SHA1
b9fe1071b77419cb3952119e0f51ab2b3a28f0af

SHA256
f3d0f22e16243f8fb0c0a920f4638f2928070aa689621def7627d79108f9bb23

SHA512
f8a1b308f8fd2057d273dfa58c80cc9bce04f3f8358618ffec2821212466a4047093de626cdc53c14476d232f79ff8b68f3941127f43f9ff911f47c78cbc2d2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
14a3a91a48076f2cd1541a5960e635f8

SHA1
f20838aef821a440fa7337a17031dca997679a38

SHA256
43c5878b0284ee4c5dc6245f3bd7f3ae568aef241ac6171d7ab1a9c72a799d7c

SHA512
509bffb9cd17ce18ce302e7f48d3b935129053c73a6b3a669e828fec18d315e4508d1e9323aee2180f24b79230da215817474f9f8056d949da386af3ad499966

Download Submit