8e3dc9d0d51d9872a7d0e761470f3ba537f6351a880b2c3d27af08e18f6a03d0

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
02-08-2024 00:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

82698daf234976ef2d246a25cb87b4fe_JaffaCakes118.html
Size

71KB
MD5

82698daf234976ef2d246a25cb87b4fe
SHA1

df06a11b1abd93e1b8f027569c18703f57fb5cba
SHA256

8e3dc9d0d51d9872a7d0e761470f3ba537f6351a880b2c3d27af08e18f6a03d0
SHA512

5e4a392709aafbe08e2cd9f07cdce0a42a33e3722fa8e4dc343445201abaacab0ad149ca83685d1dde15a6d572fc5516bbbc8a085a5da72917f94b7df4a3345b
SSDEEP

768:EIsSJPMpjFgG49yJsHp/jo1j45F5RV5DA2g42tPa2bd:EIzMpjF29yJyU45/RVxAh42tP/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5080	msedge.exe
5080	msedge.exe
964	msedge.exe
964	msedge.exe
3224	identity_helper.exe
3224	identity_helper.exe
4412	msedge.exe
4412	msedge.exe
4412	msedge.exe
4412	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe
964	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 964 wrote to memory of 5044	964	msedge.exe	83
PID 964 wrote to memory of 5044	964	msedge.exe	83
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 3244	964	msedge.exe	85
PID 964 wrote to memory of 5080	964	msedge.exe	86
PID 964 wrote to memory of 5080	964	msedge.exe	86
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87
PID 964 wrote to memory of 4240	964	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\82698daf234976ef2d246a25cb87b4fe_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd632a46f8,0x7ffd632a4708,0x7ffd632a4718
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,3539474691848219505,3306057471853200952,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5956 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4588

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea9ef805116c4ab90b5800c7cd94ab71

SHA1
eb9c7b8922c8ef79eef1009ab7f530bb57fbbbea

SHA256
bff3e3629de76b8b8dd001c3d8fb986e841c392dfe1982081751b92f5bd567b0

SHA512
8c907d2616ce16cfe08ddeb632f93402e765c5d9430a46e90ab5ea32d4df0a854c6007b19f9b0168254ab7aadf720fed8c68d1a055704db09c1b36c201a9b3b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
347755403306a2694773b0c232d3ab2c

SHA1
94d908aa90533fcaef3f1eb5aa93fee183d5f6ac

SHA256
d43f2dd4ac5b6ba779100eb8b84bc92fc8700bedcd339a801c5260b1bb3ce3bf

SHA512
98f1fb18bc34dfc224132dfa2a2e6a131b280b25fcb516fac3bb66da2a47c7a7061124881de6fa5f65602663dc0ea71357b171a3346bb1514176943438322253

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
21KB

MD5
c3a1bf5fbff5530f55ad9f9fa464f25c

SHA1
449a621b775cbe1d3ab69c54a0e18c0ccf6d6caa

SHA256
4ea6b3a39d794db93d1084770cc340272f8e5ffd5cd8d0c05c1f5841e5dc13e0

SHA512
75aa617b33be2eabe9f67166d14939d58abdb2396b9911dc7ba612130d2ba9adfc90a3cc9b6de4dd6cf8731c90f2ca74b7f9cfaf4a9d0bcbf90d03c907e45a54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
45KB

MD5
e9d439802e86f4bd21b443d97de8689d

SHA1
43be680996fbf959b86f441f5575251b15bbad3e

SHA256
13d296d36b1cebae0065599048c3a1f181c6dc435d4af2dcbae6d9461ed839cf

SHA512
530f42ee9576c18d8865b5f81b8dca6bc1e657cdc73c3e45cd27588edc201a20a55712ff2c9e92b05e24edc02549ffcc06b3eef1315faa55a1cbecbfac434fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
0d12b95ea5f2f29b56b2f280afa91128

SHA1
2b29522a18052961d6b612b18c42e03b5054c529

SHA256
f51048f9417161d8216d1b02986778d3122f1b9dbe5bc24c10813938e7615f2a

SHA512
e72667bc09a8bff73ea78eb3470634ec4089a416db2e13cb5972b60b834f260c3287f44eb43ddc298d9e312a18f5a521e125b05ef58819183a5200b91c677ddb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cdb8d6d0525edecbc8e44194e96b2212

SHA1
faa755e270cf7e478824b24da4a2e600736c3e8c

SHA256
e131bcc7f6f8b982d44020010c590c25de50da2b4320e5485146c1ed5f70b771

SHA512
e8d131224233637d9e608183b543c26b85c009473e03ee286633e9e452b0b0b7055d18a022405065d9d1dbff472e6893409a9ca99a9443591b6f518054249281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1b323fa6e173bb4e9fdfb15904a5c75f

SHA1
419bc2290511eb0f4476a5d92fb2e47f1228887a

SHA256
590ff020cbe5b8078b6d6d6cb48f488f1c33cd9e119a4e6547b14e8a1bce8e92

SHA512
9bd2c43be993947764b62dcf1910db208a9a52b3655ea48a4e72d340415dbf7b2fd94dce74de75b00a7d0e5b97b5dec79861e4dae47570ede09113f4819fb6bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4d85ce4fe9bfaf52a36acb66aea0d857

SHA1
f4e4586ebcee0da566f5f1617d1db9c55cf0321a

SHA256
0549fc3a5260f149f560e628af0016bf5d1d1a479d8351aaaad859b2bc76a1c3

SHA512
b448e20ce689e276a618a97a92ab40fc3bd803eaa2d4194d170cfe72dd78f70d06bc20ed4c274827b4dd1dbb01bb7799c417f99500f49ed77fb53a17282dadcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
84467043a1983d16b2d5f691fdabdced

SHA1
b25e983ade22a83724370f1f41499cacc6ed55eb

SHA256
132d9d57b11577a17b4e5e5f5658ae37297e28e1dd502017db6defc6bae4021b

SHA512
cca37e254f316e2f1e96f47bef21bc11718b0c98ee6b616e5c7db9cdd33a85969ffdaa94cfaf9330fe8428ab9bce96a33ec64ad3b293b8a2e4b50ebd1133fff3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ae9e71a42f3c0d697472f0d9478f5339

SHA1
4a71111d66c6532bc0c6d4f8935283c623939c88

SHA256
1b18634272514049d590ce5b920e1b82c83862bca917bcac06cab3e123f1ae7b

SHA512
29cd2f30103e654a02bfa295af0057159e7f5fa30b74b0f548936575a633e707757c9aff3d9b48a87d708c73e3251e6283fadee29f1f258fa1e773b1c8476e6c

Download Submit