4351c1cf28229c3a49c2226f50ee6684e95345944d1af849069d354cb851d7e3

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240729-en
resource tags

arch:x64arch:x86image:win10v2004-20240729-enlocale:en-usos:windows10-2004-x64system
submitted
27-07-2024 07:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7764b6f9dbc53028306f4d0c55d2cb2d_JaffaCakes118.html
Size

69KB
MD5

7764b6f9dbc53028306f4d0c55d2cb2d
SHA1

7c8bc9ea170669d21412aaf43aac6aa18494b6a4
SHA256

4351c1cf28229c3a49c2226f50ee6684e95345944d1af849069d354cb851d7e3
SHA512

3ff310a7fa23f129bf6d6c7a15cc223e20ff5cc918e67f756c24f9ac929fbe919b4974301a4debd084b405dda12f1345123e260733a21c737958ee800a9fc597
SSDEEP

768:DzkJZspD3gGYydo6H9Rd9JJvLc6hvLc68w2sBtuFG2uqrh2SYewp:DEspD3SydoGJJvLHhvLHsdk7qr0

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2316	msedge.exe
2316	msedge.exe
2280	msedge.exe
2280	msedge.exe
620	identity_helper.exe
620	identity_helper.exe
5028	msedge.exe
5028	msedge.exe
5028	msedge.exe
5028	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe
2280	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2280 wrote to memory of 4972	2280	msedge.exe	81
PID 2280 wrote to memory of 4972	2280	msedge.exe	81
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 964	2280	msedge.exe	82
PID 2280 wrote to memory of 2316	2280	msedge.exe	83
PID 2280 wrote to memory of 2316	2280	msedge.exe	83
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84
PID 2280 wrote to memory of 664	2280	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7764b6f9dbc53028306f4d0c55d2cb2d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5f3146f8,0x7ffc5f314708,0x7ffc5f314718
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
  2⤵
  PID:664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2696 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2696 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,2597639381352630092,3627216681243207839,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5668 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1340

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8004d5759305b326cebfa4d67dee5f25

SHA1
36b9a94959977f79dd0a14380ba0516d09f8fcaa

SHA256
21f35e2ac53a817389d7027e99018450993fc66e37f916e454bff9eed95562d7

SHA512
7afba827395c1a5438091bd2762a097f6ea098fcbf3db99f90f9bc442afee7a7841a6e0e83f9cbf017cda0e52d35da93f8efd60cec73638baea5eaf1c85b7089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
368c244e384ff4d49f8c2e7b8bea96d2

SHA1
69ce5a9daeaf1e26bba509f9569dc68b9a455c51

SHA256
6f8cb8fe96a0e80be05e02f0f504e40d20e7f5db23fd0edee0e56bcffa1059a3

SHA512
ac460f1b35bcdefa89104e26379fc5639499607be6559353665a73ee8dd41822699d767532d48cffc67c755b75042294c29e93062d4eab22ca6bcbe054108a5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
21KB

MD5
05da0ba82e7797f5544acefcb87bf1b2

SHA1
42872e7c218983b293da9b8330c621cdbe1a6267

SHA256
12a685f5bde1a018f98b700782377d1640f7a1ce6a7f5da3900911ec382c787d

SHA512
7cb503efc6ce9b3c0aef5a3542c4a95e7d3bc16cdaec394905ebb8c79ca05c4b7317e668201a1db2b7ebee5d79d57ee28c5e1e3159c3b744f3309b19b84b6a7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
135KB

MD5
cb98a2420cd89f7b7b25807f75543061

SHA1
b9bc2a7430debbe52bce03aa3c7916bedfd12e44

SHA256
bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

SHA512
49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
6d9428354542bb7574d63e0b89737d11

SHA1
2847b5900c1772a12a82467763ba21ea2a2208cc

SHA256
41267594073f87c5fbb6e89b587455c40d5e0b8671861a5de9db40f2040a42bb

SHA512
14ec95b1d61e46d4c669c4ff496779484bd5e5bc7a737d43bf8a781b7e500296ed8a83f192976b91ac8a8fabe797cf21d276283c558cc521324dad44f1f6a0b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6a3db05d4c6d1c836f82aded2ccbadef

SHA1
f6f9cf3d5f5f11e0d16eeaa5a351e55de1da3b98

SHA256
183f99638b4f03103330590f2e8c5fcdcc6ed2086adcd717200d01dc0dc720cf

SHA512
71fba7cc6f56d66f291c91ef5f81f757d270f59c91039d6d45258684de288ca5b267e763392470804e03d9bb2f2458589db756a9629a01c28911309570267137

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
92eb728148e4229757781fc8d7483de4

SHA1
c341680aee5e31d6b8ca8e91e118d841c7f71be1

SHA256
3e63838229e6eca03405e2fa15fccb22bba9b48d4657b2552f3b40fb813579f6

SHA512
32a4014dfb3c08ed7d0f1855911a29c5a297b092855c4c96b3429614f4e059136111b7cdde59479a39db74e03f4233e11d534c2ab6b96c5ee3663006b7a0b787

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5010cbacb7d92563dd9c6dcc8c9190e5

SHA1
fdaa3f7a1ebc9891a236ef925ecbf8d87ec97364

SHA256
650ee42a371049ca534c12658401bc6b264f5b8168be762bf47c341d7e423b32

SHA512
4b0bc04bcc511c54a77382f3dbf0f546380f805cc268bbcc7aa6019108b4ab4fe511758f548f3e16fac67d700a46b1908e81ae9ddaec758406730150ee3569ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
42593088a4f5320bf3743173efbaf4ef

SHA1
c470a3f226df156c9b136d138aff4b259605980d

SHA256
369e7d32711ba3cb3bfb03b38010c5886e05cbb2f731fbed42063b357f719e96

SHA512
2ca029059100b6a0c03cff59d178eca05417d5241adf6d3500dab05cf2bfa7055707eb15b885c5123a9a40ac01fd5a33930e1f9495c67547a1b6e0eddaab20b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f188d910852f8bb7f09b41d1e502ee2f

SHA1
60ddf37f3fda78ba102628d2e235b5d92e6f09f7

SHA256
226486d717c2b1d2b8b15b7e406f0c503839552997b98a8dede36465d251d517

SHA512
64066f007f895116619e0036378cc288e86a64fe37b1e3c6e6552b0d6f3cc2ccd4feda17ead015cadac8f39ccdcff400c1fdc3a4d940d01bb7dc77cc486cf422

Download Submit