729ebcfc4024ea9a5d2bfac57df1b2b99eda39e2db5b1e5946d035f9f9eb1390

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23-07-2024 00:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

657d1485c27aa07b57d79dc5490b1387_JaffaCakes118.html
Size

102KB
MD5

657d1485c27aa07b57d79dc5490b1387
SHA1

682b6fe3d95367356692f2cedcd8b985b9ec835c
SHA256

729ebcfc4024ea9a5d2bfac57df1b2b99eda39e2db5b1e5946d035f9f9eb1390
SHA512

163d5e019e54850d5b4be132ee75206f984eccbf5757cb6456cccd8cd1a7ce8bd53da01cad6a3faf0ec6e8d45f9d3fa9ea2b6da0c11d8751bd621c05cbbc7ace
SSDEEP

3072:tKeP4Fg/UJ2bow1VK9Jy34eMgv3dGHk9rCX7CeYsL8oyWPKtWlbeRtNK:++Tbow15jv3JUck

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3112	msedge.exe
3112	msedge.exe
4628	msedge.exe
4628	msedge.exe
4564	identity_helper.exe
4564	identity_helper.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4628 wrote to memory of 4756	4628	msedge.exe	84
PID 4628 wrote to memory of 4756	4628	msedge.exe	84
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3048	4628	msedge.exe	85
PID 4628 wrote to memory of 3112	4628	msedge.exe	86
PID 4628 wrote to memory of 3112	4628	msedge.exe	86
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87
PID 4628 wrote to memory of 2336	4628	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\657d1485c27aa07b57d79dc5490b1387_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb3e9046f8,0x7ffb3e904708,0x7ffb3e904718
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:1776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:8
  2⤵
  PID:1756
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2632 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1613333611707934583,11302560056324594456,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2924 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1316

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bafce9e4c53a0cb85310891b6b21791b

SHA1
5d70027cc137a7cbb38f5801b15fd97b05e89ee2

SHA256
71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00

SHA512
c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a499254d6b5d91f97eb7a86e5f8ca573

SHA1
03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1

SHA256
fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499

SHA512
d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61c24f8c-310c-4c6e-8c34-666bda8bce23.tmp

Filesize
8KB

MD5
e23edbdb5663059c2d200b2ff72200f7

SHA1
2e87b4e58c329229ed8cd0c36ea65d06af969929

SHA256
6f65adfbca8a6421c869e364dff37e607eaad166280a6df15aa6ce085e97d738

SHA512
cc870ebc79fea9f24ad6e36f8a91a74bcca012bbe8eb90e212a054932443668a126426967d3a7668c253377ffd41ff0612004713875e42e1d263f50eb11ec9a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
21KB

MD5
842969383c00d89ecc360dbf56ae1fe4

SHA1
8bc07ddd709b367e90b91eb9be5422242f2a1a72

SHA256
d550afde14a7f853f43932fd40d1a586573e507f4b4a7761e8d8abddfb70808a

SHA512
881c5ab66a00071968ec0f781cb3b31e9c7be5404aa70339f1930669f7738307051f10b491988dc55e201e6877cdc9ca626821b8071e22b413683d793dbd4560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
45KB

MD5
e9d439802e86f4bd21b443d97de8689d

SHA1
43be680996fbf959b86f441f5575251b15bbad3e

SHA256
13d296d36b1cebae0065599048c3a1f181c6dc435d4af2dcbae6d9461ed839cf

SHA512
530f42ee9576c18d8865b5f81b8dca6bc1e657cdc73c3e45cd27588edc201a20a55712ff2c9e92b05e24edc02549ffcc06b3eef1315faa55a1cbecbfac434fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
9823f8379c855f634c3b0b3ff1fb4a68

SHA1
6ea2ee7eeed9c3fe716258cc8fb74fd4aaa95fec

SHA256
745a598598dee3d52b641ec82d862903ab42a77ef690e3e643c1f9d82b0886f9

SHA512
9519c426f08b6a4b42e3cd189c0bf5d6c1f269eae7a54a82d38c25e3dcbb4239ef1eeb85dae8af23bc1fb0fe593e80dcba26709bdea6c597af4f97a8dcb5a427

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
df45f76fb509e11d329f734b7a5bcce5

SHA1
ddd23961e9b7aa87157b5922f09854eca771194d

SHA256
7805321c0b1055dfbb17b4f75875c3792f9490c2bd3f1c4ec87ee9efecb1ffdb

SHA512
c3842587b30f4145841b47cf628bd48b16db632e7c4d0f3fa4739ea730249c48690006c8d229491ed6276d3ac18ccf5d01e16eeed1279f228dd01e663a714444

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bc65d8f307516b021590c67e4462847c

SHA1
cea6ba1268e544ac16e26a93f31afdab89716ebf

SHA256
78615f911bff4c4ec3de152d56aeab221091ca06c15a836ae39d30519be859ab

SHA512
e3607c1ce175269a83bfa5ba3b6bb6230a1c0c4bce912a1ac380ec6731fe6b44444e1ed6c05559c6059310fb65b0abebdfe63ee0721d45742100b113ce2a6ae1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
8af928f3f6ca91cbfacfae33b1016400

SHA1
325f79221cb52e637d4739e93cb9998ce4d01684

SHA256
06086c572223a77007a685858ca0cb03d15caf9c6db971a2141abfd332ea78eb

SHA512
402dc92f7a57516557da1915a3bae91bade47605f5b5845667b66dbc959199d62cbfed460af18a29665607e9019b1485fc3c11cf819183fcc4d7da632d2f3f90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a76ee9107038a10ea71ef2b147f0dff4

SHA1
818b940adc2b9703093b77a7c433ed8c505aad59

SHA256
aa9eb7da69006b826e0d256f83d41054846b88a51eea7f45cfafc3728263d7fd

SHA512
1af368b9a73a171d0581b3ed42d2d47a1ac6144bb6800a3d5515150afdaf09a852a4227d64862f1df59b9abcfdb3cbcb83642cc5c3ad1f49a811ab8055af3553

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8e8f493d6d69df10a8ceaa7a59126835

SHA1
f48a50f53d7ef04330c6d48a186bca4f24975983

SHA256
95002332948cad71be45a080d348460bbdbfbebcb3f5cb0a18549672fd5d4b52

SHA512
abec3e07eb8e9d44a7f7b546f21bfaccf5d5c5606cf715fabf6a42416674fcc31d2cca60440d6de833e72160d2ebe7621fb2e274cab59a2c99eb2526094e4076

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c05abeaa33bc9d451f531e8ba8daa565

SHA1
2dc585eed3441236e66cab561976d3546a65b52c

SHA256
b4936e689d321549ab8ca6021b409474303e1643beffee42200bd1c058138ee0

SHA512
9678e93cde10e37dbbbb048c83dbd46668c977aeb820927c6f7ed2e86ce14a804ed7fe46f523b793c85db05f451ec3e6e82113d23a9d9ad2256c11d08e43dbf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
df90db8ac6a9d6a8bfa4d9bab7e7f1b1

SHA1
ea7f08dfbc554c6917536eb5aab1967eb9118f61

SHA256
401429070cb8c985be822e72efcf64826e3881ec488dfd4dc93809f23ad548e3

SHA512
12cdec2a7b57ea7f202e13f7819547c7786ecc7de48684f56f89bff8ae160630d90b509cbfd0de00d6e8b2f20a0867d5ced103f26abdaf52df5a6a2354da3cb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4f2543bf182be7caf659d319fb9b87ff

SHA1
873fdfffc3b2a782c89bb82192faa8dbe8b13b18

SHA256
b1dcccb731a8797fdaee86a343fbcf246fb4b7c80ed8628fbd1b1bae7deb606c

SHA512
d25b847cb5d01585dc8f6444233b6fcb272d1c5ee0e35c36219a89493014f8ef41bebc28b018ca5af01ea40562724fb9229b993b94b6db116619d19ab39a8d39

Download Submit