c5771cfec971c58076dd50951e913e775cdcdc74429c07695711ec8b7d000be9

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 05:45

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

665b35784e67977f0b2b9a0de2f9c415_JaffaCakes118.html
Size

54KB
MD5

665b35784e67977f0b2b9a0de2f9c415
SHA1

0329723f51168eee7b5329662560c0482a969384
SHA256

c5771cfec971c58076dd50951e913e775cdcdc74429c07695711ec8b7d000be9
SHA512

cfae92391203ad0e39aa5d61b30286866f1f3e01c5cfb2d431c2afd3f48e3d32e261b8fed9657e6d5c8c29901ab04a165162fc7c1b480932043a2eb10606ab9a
SSDEEP

768:/76T0EipBHqcu1IaChWRUPJRvZMLfaFT7BbMIhElzYRyB8t4:/uTupBHqcu1IalRUPPvZMLy7xelR

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4852	msedge.exe
4852	msedge.exe
1980	msedge.exe
1980	msedge.exe
540	identity_helper.exe
540	identity_helper.exe
1732	msedge.exe
1732	msedge.exe
1732	msedge.exe
1732	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe
1980	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1980 wrote to memory of 668	1980	msedge.exe	84
PID 1980 wrote to memory of 668	1980	msedge.exe	84
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4848	1980	msedge.exe	85
PID 1980 wrote to memory of 4852	1980	msedge.exe	86
PID 1980 wrote to memory of 4852	1980	msedge.exe	86
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87
PID 1980 wrote to memory of 1628	1980	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\665b35784e67977f0b2b9a0de2f9c415_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff8af246f8,0x7fff8af24708,0x7fff8af24718
  2⤵
  PID:668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:1628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:756
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 /prefetch:8
  2⤵
  PID:672
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,5725389453893535563,4971210419777467381,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5236 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1732

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4812

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
8af80e5457bb4d5866c008c57eeebb90

SHA1
2e7d9081cc67f46f5b356e1104bade5001c49f6e

SHA256
e2a7a829b8532b18962dedfea6df9abfee14052f2591a732728ae089c1b30e73

SHA512
63ffbd436f8b3cfe9f3e5f7f18b7a17e90c4edf7e08c42637af65b808a458c65a1553e1840251f8b4796e7e945ba9ff8d731f0f57ca4cbad9abcac396220b294

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
305cfff194310fc7bc491c789bc248ea

SHA1
f302b38e9dcac14e8fad3b91c1fc1c268bca014d

SHA256
a5d1820031487ef5b9d628ba9149802a067d65847ba26e2e37efe26edefb1ebd

SHA512
88a73e7ba59d35638908816c0ad932ad0cbcca74c56accf15881efb0478a7afb70222568a461111c6ea5c292c58ea1179b314989f1e594a583c7783a9b7bfbaa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
a1fb44dbe0fefedf67bb3359b60e2a87

SHA1
c6f9fa75cb38cfbc65d1a5e99a6456725c3dd831

SHA256
867dafd87e19d82b9cb37d11415eca426e72c815953ff4e1d365c77153201dca

SHA512
d43b32775c1c3439e6c0a6501195593f17f29ef459fa8d7e30b98e89ec329a40912e70590e66581980025a5b6d5d5e5cf912970fff6d2fd2717528bd85be1eac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
0911c34dc086b77938e09bb7e599d8dd

SHA1
608389c12283c4e11a8ba29272a2eeeea063076a

SHA256
6f3189201ef841ba575464a3b23db08c2b874444181653e375099f297fba0948

SHA512
9b435d163bf38e71d38a576f78189576f4dd33e25e284beb7e07d3e9f4290964fbff7b52b2df3f1e3f5817e3483ece1c5913b31756c8ebfbd0bb2c0882f786fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6c86c838cf1dc704d2be375f04e1e6c6

SHA1
ad2911a13a3addc86cc46d4329b2b1621cbe7e35

SHA256
dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

SHA512
a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27f3335bf37563e4537db3624ee378da

SHA1
57543abc3d97c2a2b251b446820894f4b0111aeb

SHA256
494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

SHA512
2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
21KB

MD5
05da0ba82e7797f5544acefcb87bf1b2

SHA1
42872e7c218983b293da9b8330c621cdbe1a6267

SHA256
12a685f5bde1a018f98b700782377d1640f7a1ce6a7f5da3900911ec382c787d

SHA512
7cb503efc6ce9b3c0aef5a3542c4a95e7d3bc16cdaec394905ebb8c79ca05c4b7317e668201a1db2b7ebee5d79d57ee28c5e1e3159c3b744f3309b19b84b6a7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
45KB

MD5
e9d439802e86f4bd21b443d97de8689d

SHA1
43be680996fbf959b86f441f5575251b15bbad3e

SHA256
13d296d36b1cebae0065599048c3a1f181c6dc435d4af2dcbae6d9461ed839cf

SHA512
530f42ee9576c18d8865b5f81b8dca6bc1e657cdc73c3e45cd27588edc201a20a55712ff2c9e92b05e24edc02549ffcc06b3eef1315faa55a1cbecbfac434fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
0c2868735525e5aa5f0d18c9aee9ef2b

SHA1
91f050829f0041bae0eeea564167061355c30c04

SHA256
b2bf9361b4e99a3282670a66333e9f11e63bc9f2a57864eb04785a7388048596

SHA512
94a723b121c8378287e26e3a351d5532cb810322dfb77a97c2494601558200260c83c3bd48a23f14d5b63baca62f6d0e6626cb518a8aa7358e1d9cb0fcc6d6e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f54ad4c682f45d4f656bd9c7cd3786ac

SHA1
3ea8477893e4de1962a638a4cae949cfc272008b

SHA256
3d405eedabdaf03550efc86134e8dad7abd462588fffef5b05da8c77d5d508c6

SHA512
7da5ed7e29c88658b785397ba1ab9134444bcb8b67bd594b07da1b97d5776e7f13e7ad389607f4f5b63f8e419df01e589c2d5067846f5f3cca5fd7fb1daf4182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
35b1f53177d777d6b262a2932dc4d9e6

SHA1
e7e99e35c106f99011cadbf3ebed4fddbfa99028

SHA256
2b391d09da0bf85c10ac2fd667f3470c1f72a96143e1886c94d53dd5f5dc49d0

SHA512
d8df9f86a4b7a2c103afb767fdebef39a44f2982a78eff9591017f46d82251492da4256724467eb86f76432d8ebf08d9d0fb320c5b6486c60f1f2c8d7cec63df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1fc88f777a8f48249bcbb1d4dbfe539a

SHA1
24e8a51f768cab23a1fee7a782f47c40b797e491

SHA256
71b09552bf0f04758e45dda7dc3dc825af02c30316c7b81e7ec4718c5d726a13

SHA512
d3679e5b152a00b3a87f1d9c45fbda34bdcea493bb9f9d7546670b4ded5808d820de5cddd6acf9e2f44fb9f1ee49dedb39440c76a3957af6e6c2ac6e68870e32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6d8374989a9fd68d6671ff6496f8f6df

SHA1
3a422949d0a1774469b33e0bd7424a4ca75423c8

SHA256
410011ea7b3d9dbeed8e0154a0aa5bb7aaf79aa47ea6fb1a3a5030e2e9f1c271

SHA512
483828554250e547a6e50fadae247007b94f869eab901cca3870316f30c2574954e3108f6928ba0f51ac67c90a6ed8b5d631d705a1d2f09953eab8ea9760a35c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
574cdf805db89ff76d27846354eb945f

SHA1
c484e156718631d79b213e5abda758f741a0a8cc

SHA256
8922e280a9ad6e8d824092187ffb89327bdc9f5dffdf1e0cffe873dd09158d6b

SHA512
3c96a7053ce02cbe3f10e3bfd2e4a7c0bce6d0b7a45e23b640a2a967a461550022d7c13bbadd3856e8fda0f9c5c06b7cb7cdd53115309a5a13254d6e54a2025d

Download Submit