3fcdcdd7633a62eab9b5c80eac5ab4844ec78588ad2b1234ce4f4b83b5007243

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26/07/2024, 19:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

755f4a70827039876d242eb670f1e628_JaffaCakes118.html
Size

5KB
MD5

755f4a70827039876d242eb670f1e628
SHA1

93dbf4c7f16ab5371a94e9f4695b3e4cd06e5a0e
SHA256

3fcdcdd7633a62eab9b5c80eac5ab4844ec78588ad2b1234ce4f4b83b5007243
SHA512

ac17f0e71b60af6a6204809a4c94d081da50d16aac81c197b89b23486082bcd2e28207c8101aa9822615aa7fa938007880632c638bd890fc267af45178cfb504
SSDEEP

96:xFDZaQPGIAk4QmiH3tP/xDD3ivPwBCWf12la20aHXy0q3toOYPT4puQ4q7aAZ470:RaQX4OXB/xDDq3g20ui3tJRoTs

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1320	msedge.exe
1320	msedge.exe
760	msedge.exe
760	msedge.exe
2608	identity_helper.exe
2608	identity_helper.exe
4344	msedge.exe
4344	msedge.exe
4344	msedge.exe
4344	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe
760	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 760 wrote to memory of 3416	760	msedge.exe	84
PID 760 wrote to memory of 3416	760	msedge.exe	84
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 4668	760	msedge.exe	85
PID 760 wrote to memory of 1320	760	msedge.exe	86
PID 760 wrote to memory of 1320	760	msedge.exe	86
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87
PID 760 wrote to memory of 4596	760	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\755f4a70827039876d242eb670f1e628_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8470446f8,0x7ff847044708,0x7ff847044718
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2960 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,16607514791401819476,10398995509583863881,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2956

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3128

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
04b60a51907d399f3685e03094b603cb

SHA1
228d18888782f4e66ca207c1a073560e0a4cc6e7

SHA256
87a9d9f1bd99313295b2ce703580b9d37c3a68b9b33026fdda4c2530f562e6a3

SHA512
2a8e3da94eaf0a6c4a2f29da6fec2796ba6a13cad6425bb650349a60eb3204643fc2fd1ab425f0251610cb9cce65e7dba459388b4e00c12ba3434a1798855c91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9622e603d436ca747f3a4407a6ca952e

SHA1
297d9aed5337a8a7290ea436b61458c372b1d497

SHA256
ace0e47e358fba0831b508cd23949a503ae0e6a5c857859e720d1b6479ff2261

SHA512
f774c5c44f0fcdfb45847626f6808076dccabfbcb8a37d00329ec792e2901dc59636ef15c95d84d0080272571542d43b473ce11c2209ac251bee13bd611b200a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
cefe7d813b55fa80e337c6e7bb3d21c4

SHA1
3e45f812c960c32a30cf3103b9d77ca708143f0a

SHA256
f5ac6eaac581eda3bc52dba819edad663357ef951d83434213f5cd91de31109a

SHA512
677c27b55689c23c913d1a9c3abedeaf15d5c56af1f5f8befbe3144e2188348216312a703a36e0fa78a9c18f6d5f43550639407376142b15df1e6a7804027bd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
72B

MD5
36ed58ddbad3e6e08a62b8316d7e90ac

SHA1
67a71903aa854b0314aecf2024e76e4a98428e20

SHA256
3c5d26a2dff8ca61a7b8dad1b15351c165afb0e1b2e1d2c27191632e82738810

SHA512
ca1e73c469bfd9fe0a629f3eb868ec2408c87228d0b64f1c1efc9b24793c7d3b79cb3ab76c735308cee432298be191be674235c5237d8343248297e6a7ce9b15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
06b044e89a4710069140c84d763564cc

SHA1
d779ab9d6d2360a6457ba4005673ad98500d0697

SHA256
edb18f9a28f1e4e31701af9db4c56a6251098045dd008b1f18feeb8905288c0c

SHA512
68a0c26eb8751c69e7471ef56f6abdfd660645b7c0beb10f64998705c2629341c9815df153ae41cc4e771ee07a5b2a9c409b0c0668a515bf0fc731ffd40dc146

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
5339e835abdc804db8b0f90f416a8cc2

SHA1
a6c881340df8615681c5b34a2db8c6997dc3d6d6

SHA256
365067b1f8e2e57bc56edaf1ee465d88eab0dc01a7d5b9713c4bfa5bdf97391e

SHA512
f3ef3e6938c477ec8235d003b1c06a056f0e3e9b0d1acad246b5993a7d73ec564d439161cd12e5d7aee618e78c4d75583b209df6ac9604313b001bb9d43c5398

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
88e8135ed2c512491b9b45c3f4995a27

SHA1
2c95edda33028579ecc4355c464752c01bc1b455

SHA256
e1622c14d91a0c9357308e51d1a6ec566fef945efd5b2b30fa638879d51da641

SHA512
81a5a8624bec1d89b1c488dcbd6bcdd29b9b1fed51d54955dd7208294e3c93bd0c98cf28a973fc7bd562cdc0ab4bbd70562cea1c3e3d319a9f20c98ac240bc1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1e0e5d59acfe665334fa5fb67497d9f1

SHA1
923cf45df596891cf86eab6b2abd729110e320b6

SHA256
31fbedff448386a45d25e35dcc6b4d901303d822af802f16d72fc8821ac92e31

SHA512
1d98980902f815a7ad63b086f31d3ec7caafaa077b5f79b3b38d6fb16be2842c31354a7487ae44a149514608bc03d9aad88fc84839e7e09182f02a782fa17a32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
475195d0c7c7b62e71056ff12fe98917

SHA1
8dd1655446cfb48f82fe6a32f5124cd6082988fc

SHA256
51c343867b10562cfe99b4092f8de05218ab3a3c2ab4565fa6dc8038996385ac

SHA512
d381cc313e9e43ffb37377cf643569c2012d573c1b7cd59190648c99453fc2801371b874f9df8a9ff7cea19942673c377c1f4404f8e1eed45959efa14bc7d124

Download Submit