4426a021c34bc3514ab8c525d13ee656988c7f7945561e008a6b69963640a1c6

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
01/08/2024, 23:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

823b02056147468a2c3089a7ea473eb6_JaffaCakes118.html
Size

17KB
MD5

823b02056147468a2c3089a7ea473eb6
SHA1

fb8e2e36d836ff20d62b45a793447b894bda9f34
SHA256

4426a021c34bc3514ab8c525d13ee656988c7f7945561e008a6b69963640a1c6
SHA512

6d1fd6c8ae554c72ce40520563f9a3de1836c380c51fa9d1cadf17799db8b108fda03d763179ed7bacfe2d4e44732fd47745e460835b2b7e3aa2bb7aeea9d3ea
SSDEEP

192:j8ehV5jchVKWn9pRNLXffmj0WhM/YBLumaUMjUXnOnD+dDXnAjxdYuMFPYwVVCKw:jfJcbj2CUXn7EjLYuBqK/Q4SHNx0S2V

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4236	msedge.exe
4236	msedge.exe
2812	msedge.exe
2812	msedge.exe
2120	identity_helper.exe
2120	identity_helper.exe
4720	msedge.exe
4720	msedge.exe
4720	msedge.exe
4720	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe
2812	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2812 wrote to memory of 4872	2812	msedge.exe	83
PID 2812 wrote to memory of 4872	2812	msedge.exe	83
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 184	2812	msedge.exe	84
PID 2812 wrote to memory of 4236	2812	msedge.exe	85
PID 2812 wrote to memory of 4236	2812	msedge.exe	85
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86
PID 2812 wrote to memory of 2424	2812	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\823b02056147468a2c3089a7ea473eb6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff5a1646f8,0x7fff5a164708,0x7fff5a164718
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,9758756976003609054,4603957153882768485,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1352 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3236

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
16d2cc2d8a8347e405d36323b4e6ea99

SHA1
ea695aa245d20b1e1141f4c18ee5e56f810614b4

SHA256
5455c3741232efafea8e3b155a0fecb660800e2e0f19cd2d720281f7cdcbbc23

SHA512
85d9d1319d4b4f8442e2fbd22951d7a2836f6456f18062508a5d22031d829a23a1a4453283f2194312ec444eef57fe09ca393c5c1536efabb7495fd301433343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ee3b30a1359db628dcaf6b053a049740

SHA1
35bb7a4d99bce5d4ff9e080b6078dd8d9ca9cb1d

SHA256
3d145dcba409bab26909c6090fe80bb55a0c030d226f26bb4e04b1bd495f5212

SHA512
6825eef8c8fc940d1e21c31e8643f969386fc5c5f467b6ae4a6709dd09f35632bfa2b87f3bc828a8dc6d70533dc7fbfcef6772e2b73586286680f4b567d92c7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
4f26e4289561a059d85861eb00b0e5cc

SHA1
16850908022452e91188cce27374e4420fda93ae

SHA256
56cf8f19c1938a631b75b9891f4119b81a7109d9dfec7989d5f278f16c23f434

SHA512
5e598ba451294dfcb57938f5e869ad4a40a4e2d37ec165fefbd02c32e71a49fe95e2389048f06803b79eafbc26a61409225adcd47558f77f4df44a76a7429865

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
69ead49fd02619f26f268b120019b25b

SHA1
070e1a3aed449cfce2f2a6e146b95dc32793f236

SHA256
00cbaa8f52e1c02fd72f34305259420c30cccdfb3a4dd34fe605bb5507d16f3e

SHA512
e6b808b2a8f05c0ab2173e13fcc89d84a732ab0856f1d002c1179068595b145b4370957910c5ab590e18b3c240b9f30255b63dba6fce7cdc60b95a9d9ef4ad44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d1e3f4e149302b26cea72e8b83b43fbb

SHA1
bb7627fbe645789c67c73c974458b3ac31d65f14

SHA256
278ac226f3f173f533122eae430d444759af4098b1db33cdaf6deb1057da0b25

SHA512
f5b8dd63ac01e38836f1bb7c73d24acc141cb67e7421bee5cb7e680826d10498dc1a5b1318d1bd813ac735fbc04f716a68a3e31aa48d060a4a11aaf8cd01055c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
598148bc05abb4f8ea26273097007432

SHA1
3124d2f57aef93a82a31e817d1a3c97c544d3e58

SHA256
fab13e4a2142ff660ed4fbe0c891fbf2cb8d047d5c4d592ebfcd68e76c9000a8

SHA512
65920227fb992e4ec6adf8aafc45588a32bb693e688e516a155607ee102ad6806b0cb3ea81a62c76c048e4c9d92948a96457f315c3cdeaa60128e71a1abcc85c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ae95dcf6a8c119526bbf5b13380c22d0

SHA1
60543f86526b0e06ed2ebc6109c6a54a10c85424

SHA256
c81cdcac54c59627adcbdddc8bdcec735b02dc9eaa3e404ba1e2fbd08cfc4986

SHA512
2ef6a8fd2b06b51a182ebcdec2d3781174fbdb5156a796062fcf57a5bf1190421bb9242083aaf988ab64128d8761108da5146ad58ac563e8a39ecc3ac643675a

Download Submit