1afef39061caa50d73bcde72855a6aa2ebd6b917d0d97aed503fff5a6ceb8ad3

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26/07/2024, 02:12

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

723487f3e0c3433834c590c109995c5f_JaffaCakes118.html
Size

28KB
MD5

723487f3e0c3433834c590c109995c5f
SHA1

45aeb7348677ef8fceeb9096ea8e5729c04275ff
SHA256

1afef39061caa50d73bcde72855a6aa2ebd6b917d0d97aed503fff5a6ceb8ad3
SHA512

7e5d46429ee9752130a00782249396284e3c98a4e356a994a08f07ad541346a97065f5b93a1fcf072c846ff32ff35bc27b75ce666244cc5a7b81f6f1fa03d04f
SSDEEP

768:Zcd9QZBC7mOdMILpC5I9nC4kwAwXwAGPd:gQZBCCOdT0IxChwAwXwAGPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2740	msedge.exe
2740	msedge.exe
2968	msedge.exe
2968	msedge.exe
2580	identity_helper.exe
2580	identity_helper.exe
6032	msedge.exe
6032	msedge.exe
6032	msedge.exe
6032	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2968 wrote to memory of 2424	2968	msedge.exe	84
PID 2968 wrote to memory of 2424	2968	msedge.exe	84
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 1084	2968	msedge.exe	85
PID 2968 wrote to memory of 2740	2968	msedge.exe	86
PID 2968 wrote to memory of 2740	2968	msedge.exe	86
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87
PID 2968 wrote to memory of 3136	2968	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\723487f3e0c3433834c590c109995c5f_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd462746f8,0x7ffd46274708,0x7ffd46274718
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  PID:3764
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:5196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,9087038397506703949,16296361300317271924,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3128

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d406f3135e11b0a0829109c1090a41dc

SHA1
810f00e803c17274f9af074fc6c47849ad6e873e

SHA256
91f57909a10174b06c862089a9c1f3b3aeafea74a70ee1942ce11bb80d9eace4

SHA512
2b9f0f94b1e8a1b62ab38af8df2add0ec9e4c6dfa94d9c84cc24fe86d2d57d4fc0d9ec8a9775cf42a859ddfd130260128185a0e2588992bca8fd4ebf5ee6d409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7f37f119665df6beaa925337bbff0e84

SHA1
c2601d11f8aa77e12ab3508479cbf20c27cbd865

SHA256
1073dbff3ec315ac85361c35c8ba791cc4198149b097c7b287dda1d791925027

SHA512
8e180e41dd27c51e81788564b19b8ff411028890da506fbf767d394b1e73ec53e046c8d07235b2ec7c1c593c976bbf74ed9b7d442d68b526a0a77a9b5b0ab817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
a29070d4345d02d18228b69ed354b17d

SHA1
c5a852e4aa1af4c9d1b2d338883de8cb59e62b82

SHA256
fb1d590489ff02fc03a4333a0ddfb8a4dcf1770d1529aecdd12d61cfb41d6df1

SHA512
bcf0e31381b85df2037c43cc45195daaa1dc654a73050a1ba43ba7a2c2aac9365c6851458551dfd152673d87487810b2cf68d1e32d589e161229f261164fb2f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
11acbe497bc49b018d2b7e7d638d5e3c

SHA1
fee528696eb00cd11dcc95e1fed4d8376bac2b11

SHA256
94da4c613d50e6663a902d56ce8078b66252b1fc784213ae02199e48ccf722c2

SHA512
4072005f982bacb9bf0d7f7fcdab27efc414662d7d69ae74db5bff9ea626098ee6679eb5ccd44ba8bfe66111fa8bf89e8c60ddd8ab05e95a54afd88d7694c2a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e81bd00c45bb965999a630c4eefba066

SHA1
c4f9e43d2b2bdcda7d9ef127fab3aaac47adf742

SHA256
86869bd806a3382640889c87144c0a633615805658add3a7102ab8804505eca7

SHA512
f26c85467b03adc2f1ae7df14f5efb81a9825f027929de967d84b0c6c3c656a9d202549f3172186d9c491c78de90250f3c824961cb235fc3d8e8262d81789b94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e60362542227da19164db8592e16debe

SHA1
e10e40a808f27b6378325297660ad6ec5a6bcca9

SHA256
086d52820b20c0ad5faa0b65df6455cffc6739237ef07bcb5689d7758f47d2ec

SHA512
aefd662b7aa72830146004cbc8925895355693c1427bbb3b73074e4be189a34c635df846aae959d19b626e55cdca579a3296457306031c596ba297d69cd6423b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ca19714b0921e7c507939e33969eb54d

SHA1
0e56388937c6ba8f75de3711986fb7e32ed177fc

SHA256
e445f884b2f989d0c41783b2a79ca945a9b399395a3e5954289c6e2af3248f62

SHA512
2f47babedca3871f2f156e1a1a2e8ac568bca529c866b19254c86e9a00a84596e3910a4e450c414c14dfba52d0da63199023fab2e3af170a70b343217c583697

Download Submit