d5ffe3e4e297c24628bf2a82c1c4bd8d407596df81a97be66b2a3d94ad9c49ee

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26-07-2024 15:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

748ed4936b390badb003ac147b3d5f55_JaffaCakes118.html
Size

57KB
MD5

748ed4936b390badb003ac147b3d5f55
SHA1

daeb0224cb9ab813761e4ac91acd5436594ca2ba
SHA256

d5ffe3e4e297c24628bf2a82c1c4bd8d407596df81a97be66b2a3d94ad9c49ee
SHA512

1cc8c8b833d0171f51eafd59e4599a730ddfb9d09720e7a653e23bf9b4b89591b8888ff616cfa3dfb6a5eb65918031cbd338b59dbeab328f2950f1b325bcc71d
SSDEEP

1536:ijEQvK8OPHdygRo2vgyHJv0owbd6zKD6CDK2RVro5ewpDK2RVy:ijnOPHdyb2vgyHJutDK2RVro5ewpDK2m

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4352	msedge.exe
4352	msedge.exe
1044	msedge.exe
1044	msedge.exe
5096	identity_helper.exe
5096	identity_helper.exe
6136	msedge.exe
6136	msedge.exe
6136	msedge.exe
6136	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe
1044	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1044 wrote to memory of 4896	1044	msedge.exe	84
PID 1044 wrote to memory of 4896	1044	msedge.exe	84
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4644	1044	msedge.exe	85
PID 1044 wrote to memory of 4352	1044	msedge.exe	86
PID 1044 wrote to memory of 4352	1044	msedge.exe	86
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87
PID 1044 wrote to memory of 2760	1044	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\748ed4936b390badb003ac147b3d5f55_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1a3346f8,0x7ffe1a334708,0x7ffe1a334718
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1952 /prefetch:2
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3784 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:3988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,8683856881422844801,11124804277263903194,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3796 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5116

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
7d5a7b4ea82ae61f3dd6e19a15b9be00

SHA1
bfb011dff67183884db871d77c3fe2cc2ab99ead

SHA256
35dedaf8c64f4066367666c930dd4c29cc79d608d061c2a00b36940581b37fd7

SHA512
ca852a765f2cea0985fba89e1e5dd9f0697b14d3058759485cc19caa616648bcc3ab340c513d4a299b4569dd9c85039b00d52dbe5c10759f04b7f92f24860977

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d89881dcdd453b905db2e8e3e6560bdb

SHA1
7d6c50c489e67fb544157e102d9ec59476160b5d

SHA256
86c9364267a3e4ac739df423085dc0b3cdfe022e01b2b5ffa788076ba0bde193

SHA512
3274522a19dbcd6c03e054f7d86a5932e2f0abfb4d3b177a81395dea0bac30003b902d05c3d432cfca6eb381be3c20ff7defaa2d39831880be5727716b49a8ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b6c9c63574e6164577ba918f9ab82eff

SHA1
6e07d784ffd78d12128255f06ba7c099084e5dae

SHA256
8e4bf9e437f40c7d06f213dd91d2936668b76a15669fd212c82eac520e744df6

SHA512
07e35a386c47d91afa6811addf2bc92b04f8ea5521b5c1bce7c55b18f1ce61ed5ee7e2b7558a2a28ca3eecce66c037b2296b38dc721308fa4361f64444269857

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
db06f5e9734e8dd97f9f5cd2e5a476fb

SHA1
9d9d4012edd51351d5262971fe76fcc3d31d8dec

SHA256
33eef536aece2bf57f98dc393512ee1eedb8da70d026ac60a2b9bed0a736225d

SHA512
402f997fa3b7552fe19ce9027d7f663f9d30d736805f00e63a9244866a706281b4d806a47ae0507a5d3c9950f4fb73b77394694dff37b8985eb248b8ed46b5bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5c38a63ff3a86d16314a8fda090b7b50

SHA1
51586fd9c6044fa373c61baf04582cd9d3749eff

SHA256
6ebc4cd4583df45b29571537d89fa57ddd1a348c42600a62b25c59bfd766b5df

SHA512
c1944ccdf3804dfbdd3ae461e50a0108322b093841a87bfd48e6248647b57f9ca66f5a779a435678747282f939ffeaa980c6da7a1347ebd9fe03d304650b4268

Download Submit