02bebde209d575e5f2215c891a9a2049c894997cd03936d5da83a96fe2207dbe

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23-07-2024 10:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

673b805e4cf9352e06ee97547b2cd6e8_JaffaCakes118.html
Size

47KB
MD5

673b805e4cf9352e06ee97547b2cd6e8
SHA1

ba137d77a726ff113e4543441e43815956ff910e
SHA256

02bebde209d575e5f2215c891a9a2049c894997cd03936d5da83a96fe2207dbe
SHA512

20887b7f74f0066378538802dc0250ba0e9c3e1e7f1209bc95b4f295382a1c73728a7a5ce16de25cbe1c887a43a6bccc91c79740debf8b91fe2285586f006f82
SSDEEP

768:HRQET0EipBrt8xuirV+wsRXNJws9CfdYOgwpfUG41RWyAd3ta2BetE:xQETupBrOxu1wspws9C1LfIwPd3tCE

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1104	msedge.exe
1104	msedge.exe
2720	msedge.exe
2720	msedge.exe
2460	identity_helper.exe
2460	identity_helper.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe
2720	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2720 wrote to memory of 3836	2720	msedge.exe	84
PID 2720 wrote to memory of 3836	2720	msedge.exe	84
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 4656	2720	msedge.exe	85
PID 2720 wrote to memory of 1104	2720	msedge.exe	86
PID 2720 wrote to memory of 1104	2720	msedge.exe	86
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87
PID 2720 wrote to memory of 2380	2720	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\673b805e4cf9352e06ee97547b2cd6e8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9303046f8,0x7ff930304708,0x7ff930304718
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8
  2⤵
  PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:2840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,4701922028118966474,6199908954169396585,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5112 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1980

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2f842025e22e522658c640cfc7edc529

SHA1
4c2b24b02709acdd159f1b9bbeb396e52af27033

SHA256
1191573f2a7c12f0b9b8460e06dc36ca5386305eb8c883ebbbc8eb15f4d8e23e

SHA512
6e4393fd43984722229020ef662fc5981f253de31f13f30fadd6660bbc9ededcbfd163f132f6adaf42d435873322a5d0d3eea60060cf0e7f2e256262632c5d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54aadd2d8ec66e446f1edb466b99ba8d

SHA1
a94f02b035dc918d8d9a46e6886413f15be5bff0

SHA256
1971045943002ef01930add9ba1a96a92ddc10d6c581ce29e33c38c2120b130e

SHA512
7e077f903463da60b5587aed4f5352060df400ebda713b602b88c15cb2f91076531ea07546a9352df772656065e0bf27bd285905a60f036a5c5951076d35e994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
21KB

MD5
05da0ba82e7797f5544acefcb87bf1b2

SHA1
42872e7c218983b293da9b8330c621cdbe1a6267

SHA256
12a685f5bde1a018f98b700782377d1640f7a1ce6a7f5da3900911ec382c787d

SHA512
7cb503efc6ce9b3c0aef5a3542c4a95e7d3bc16cdaec394905ebb8c79ca05c4b7317e668201a1db2b7ebee5d79d57ee28c5e1e3159c3b744f3309b19b84b6a7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
45KB

MD5
e9d439802e86f4bd21b443d97de8689d

SHA1
43be680996fbf959b86f441f5575251b15bbad3e

SHA256
13d296d36b1cebae0065599048c3a1f181c6dc435d4af2dcbae6d9461ed839cf

SHA512
530f42ee9576c18d8865b5f81b8dca6bc1e657cdc73c3e45cd27588edc201a20a55712ff2c9e92b05e24edc02549ffcc06b3eef1315faa55a1cbecbfac434fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
a5b42baa0ce079ac688c1139cd705af7

SHA1
4239cfaaf33f8828cc9b1fc92e81a4a0742fa786

SHA256
31ddf776b1c3d4ee824ae14b7b45b7b09afcb688856947bf6a5fbf9c5b8a5b4e

SHA512
2a414edcfbaa54952780a9047cce62f8bafbcaebd50ef233ec443e882b689d23319aa73bc22927dfc68662e48a3f21a1452c602d2955b567fccb5ea412c66948

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
dc26b27a7622d740c4e6888f65a92c26

SHA1
e17c83cdbfcedc2ba842c44bb460707b4fbbb4fd

SHA256
148d5e581cf4621fa48fafcece35f50f27b1063d46361840d06c195a4d025064

SHA512
81884cace2d7d71743015869d33bd88a038e69ed3995338c83ae6b8f748d597bd3f804afa288202cf4cbe200de4702f8de2976deeaebbe92fc22b89771a8e53b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b42a14274354152bc16b36fbc4e66385

SHA1
0d0e0164053671ace48cb67c228b6c1af399c5b2

SHA256
ec2f2b5d85fc574f03f172ab3ed25f8489f1618c5477f7dddc62554dd619c0b5

SHA512
9e20c4dd2e861a7f72b41ad059ea72b225b0e83030c7b2bb29f6fbf3020016fe6d712d1aabda4079136248090f903d559d78b6f8f72f956be08b4cf360d45bba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b87648fc26424a4c32fdcc60024f596d

SHA1
6232c706781c350888e1beca63e21691e71484b1

SHA256
89ba2ff2d0e95f581324a1570ffe5a272a8c38537dca54c308a8075ca76c272c

SHA512
987c77568dbe3b1a7903cc169e0c7e19abd35d991a9b4c2530daf43531ef8579704161f73f93b41cda019f967c3f343b35cb26453b8791a13e85129dd3c4792e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
05466e85102c82e59b5c5df8dd5e0b0d

SHA1
a85e2c4f17cba7f423a9ae678af9539e8d249e86

SHA256
fa057eb1084bdb97094f1cb6e649fa12077187996df1934c64a6faafa04ef905

SHA512
4752b7c232744831c72c8bac068eb2ce7132208075e7fc8236b82bd87c95b59b21772c9b82a99c45777e89cbfab0ade6c2681086e052b34d5d2e93af2c6de72c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
888a88493efb21cbe1aa821b2333dd18

SHA1
a2aedac2dd204eb3d00b4c449931db5237cd826b

SHA256
f53cebf5ad8fcd8ee51b916e0930c33062b8f0768aee28371bad0dfe383bb5a4

SHA512
eab87ce81ec53651bbfbdf036a166e44f6b192fa14413cd173015409353f3833fee60c31430b75e63e3dafc6de6d370c8607ddb13f62edd0f291ca2de4b8483c

Download Submit