850cfcb1939f30b3055da90c37e1ccad39927e0aa94479b0e63f7305bbf217a8

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26/07/2024, 04:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

729570486164726c1a57409fb2d2121b_JaffaCakes118.html
Size

91KB
MD5

729570486164726c1a57409fb2d2121b
SHA1

6d658f30cb07247f42da60d6aa20e9c1e149b07c
SHA256

850cfcb1939f30b3055da90c37e1ccad39927e0aa94479b0e63f7305bbf217a8
SHA512

b9bef7166e70b0950a6bd72adab35ab3b0e39d322a5d9f5896d33fb2227bafe2b10a1cc9b187600e5a3d0ba9072f529e62a71f4c0add05da3b3ecb6e04d4b537
SSDEEP

1536:Hlr1qh3fVyYpepihsEJOiwJ+IMYslmsmlIXiQCGGv4bWVZ9/1liL9CAYIMNAmC9M:+AYxOTXs+rmwEMNdC91B8

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3300	msedge.exe
3300	msedge.exe
2560	msedge.exe
2560	msedge.exe
2284	identity_helper.exe
2284	identity_helper.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2560 wrote to memory of 1216	2560	msedge.exe	84
PID 2560 wrote to memory of 1216	2560	msedge.exe	84
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3292	2560	msedge.exe	85
PID 2560 wrote to memory of 3300	2560	msedge.exe	86
PID 2560 wrote to memory of 3300	2560	msedge.exe	86
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87
PID 2560 wrote to memory of 3544	2560	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\729570486164726c1a57409fb2d2121b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff946d546f8,0x7ff946d54708,0x7ff946d54718
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2220 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,96327316226113255,1402084373414206681,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=212 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1152

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2f842025e22e522658c640cfc7edc529

SHA1
4c2b24b02709acdd159f1b9bbeb396e52af27033

SHA256
1191573f2a7c12f0b9b8460e06dc36ca5386305eb8c883ebbbc8eb15f4d8e23e

SHA512
6e4393fd43984722229020ef662fc5981f253de31f13f30fadd6660bbc9ededcbfd163f132f6adaf42d435873322a5d0d3eea60060cf0e7f2e256262632c5d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54aadd2d8ec66e446f1edb466b99ba8d

SHA1
a94f02b035dc918d8d9a46e6886413f15be5bff0

SHA256
1971045943002ef01930add9ba1a96a92ddc10d6c581ce29e33c38c2120b130e

SHA512
7e077f903463da60b5587aed4f5352060df400ebda713b602b88c15cb2f91076531ea07546a9352df772656065e0bf27bd285905a60f036a5c5951076d35e994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
4eac82a7d6ee7c2ab5e7983ac99bfe31

SHA1
02e3aa13e924e5df66b2cd14c3c174f26895a0f8

SHA256
2f7f2927d51b121b5fd9f7fec0c36a3329a5dbbcd652be4abf5676eef9954d2f

SHA512
307093f5017da8f217579f14d6170d13f5a14c6226ffbdb7e3a40bfc017d11519381453401e831c9676db273a52d843886ff7cccba32fa9334309fb4e73845f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
815B

MD5
ea798f4e4e8b24453c8c6012b2e9826b

SHA1
eec9f2a3cce2eed364bbdfee9ec45c4f9d0f8921

SHA256
c536b3466e4c6bde982139e843e5ebc0a09b310bd76363d0d378990514304744

SHA512
aec5510498089f2252c05229ebc8d448aeac488619f49244f9d12ee1c8a1e41f76e0936ba8d707b721a1b633164a4379fe3ac6cae4dfbab2694117fd1615350d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3d160c21a7f618d3a37c9a0d9838cbf5

SHA1
1f2ac2f14728b92b9b94acadb94a55aaccc7ecc4

SHA256
0f993a59414160c3a4132ebfb3c3c1fa7467fbcaefa6b31094f77b1ea0b0ae30

SHA512
34e1958f58dbae10074e40e8320ade02ee9b454cda79d5214c5123b3188800cb9b6e97a6871e6d9f28e104fdd7a595a8b672be869ca5a970a7492d791743ec01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
34bf464288a05e62394060d268e2d32e

SHA1
e35438e1252eedf2991298ad5adc759fa2d79482

SHA256
6e4b0a05daf25208c7a24a0166fd579040948ac171a9859409cb94c6a1e270e1

SHA512
3e26f407f7d9f56c8f8f04c20077dc36ae7b3dd5791fee12b7d652a29d91bae084b72265b0c5372bc5e75720168c0206f9830ea5ab3a43b61fa51e4cf1ee381b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2ee5702167541163e96b47e421f61264

SHA1
6cfaf1c9baa02d2e83cb63eef1940be4dd268490

SHA256
fb8bf20a7735e65f1ff7ad86c22d0b8c30b5338376e32339c4840fa06ed0fc01

SHA512
8b5a4ed2352609dc236365f9972b6715034ba2a6d2f0748d69342732493727d0eee3f97796ebab39d40a16bb7de6290a67f0fa032ecf79cca1dcba78a06067e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fa1cccf570fc7dea9c3e75af28bfb79c

SHA1
180894ce6cf28384dd33934ff50647763f58aa7e

SHA256
bcdf7424b5e323f53dbdcea1e66c8e962c6c9c2eaa99a3440c20f0e179b4be72

SHA512
d6382a8496c7852ac8a44b65797bcd17e8df6fae1cf738866599e89e1c0213e04d60af5fe8c92b4c28a331eef508342457be4ffbc1ae07cd7769b2dfa374b543

Download Submit