7c4e5d775eab6841f9b37a0274bdcbd0d491248602e05693abebd78e07944e5b

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 14:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

86824b9465864765add14383f98c871e_JaffaCakes118.html
Size

63KB
MD5

86824b9465864765add14383f98c871e
SHA1

755b0d9eff5f546094883ac221aab2ea2e800860
SHA256

7c4e5d775eab6841f9b37a0274bdcbd0d491248602e05693abebd78e07944e5b
SHA512

9090daffcdbf26dc2641444d5b1e94a489aba17e6764a0c556cc29c4ea82e877a1771bbac4709b73eea8a3db9ef3837900fd000ba11d60ed4b380c07b38fdcc2
SSDEEP

1536:G3qZ2ll2TFnKRaG1+RmS+zwkXyUGcnIRkbzmciGkKlhd9ecw/FvV/cHQGWBkQPNm:9ZU4nKRP1+Rmw+yBimciGkKlhd9ecw/m

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4516	msedge.exe
4516	msedge.exe
3936	msedge.exe
3936	msedge.exe
4060	identity_helper.exe
4060	identity_helper.exe
5360	msedge.exe
5360	msedge.exe
5360	msedge.exe
5360	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe
3936	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3936 wrote to memory of 1300	3936	msedge.exe	84
PID 3936 wrote to memory of 1300	3936	msedge.exe	84
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 5064	3936	msedge.exe	85
PID 3936 wrote to memory of 4516	3936	msedge.exe	86
PID 3936 wrote to memory of 4516	3936	msedge.exe	86
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87
PID 3936 wrote to memory of 2352	3936	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\86824b9465864765add14383f98c871e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff807f246f8,0x7ff807f24708,0x7ff807f24718
  2⤵
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
  2⤵
  PID:1436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,5553795220152831430,4570377904016185478,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6832 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\82032cf8-b8f9-4695-9a53-b3126823e16e.tmp

Filesize
6KB

MD5
e5c6587251a79fa4d06f9b2512c07da9

SHA1
0355e8ba78f5fdde860d472bad29ea569c0ad89b

SHA256
513ccde6b755bd00e57b90d1f88658972a6ba6ae43716b834f611a0006dac8a8

SHA512
43de07d9442167e3cd5b79a53925509cb17442bdbe58010f74a5d06166cfe84a10f34a7f89d2a4a22ce4a64d2fb69831ced6577a247a6831706bae6f958bc7e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
21KB

MD5
dc52475756e1c2cd28a642483362cfea

SHA1
f3ac327ef03dcde06f67e14c832fc8192720c5ea

SHA256
101e409217ecf85114a73cb222e256680fed2c01985839796fd7ee33abba9f2c

SHA512
51d10255550361a1d3bcb0ddda3402e7479c7babfe109982d6fd0143df08699ddcf6119c09b6f3ba357419a6d2828815c750a362c67a7e10b3159df8702af4a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
135KB

MD5
cb98a2420cd89f7b7b25807f75543061

SHA1
b9bc2a7430debbe52bce03aa3c7916bedfd12e44

SHA256
bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

SHA512
49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
63f157358d5008278f4bc834225db64c

SHA1
e01aacbbdf197fe5f0f8a82f7aaaf4207d220bd7

SHA256
fb94ff3edef54b6652e45b216b3313103a24d58bd7cc8a79c0e69bacaf61312f

SHA512
1d14b72fc905c4d7d003203cf4a75892f145fcbc9a161089b9c272202d323255a66bb10505fdd848757bc2d41a51929a1bd16807eb3584734ea13177e249f39a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
461dacdb3582f2919ad57418426ce02e

SHA1
4450df96925692271b87644b07fd736cb525795a

SHA256
b3890d27738e9d015118f3d26720961863af614388141f5dd84129e7e9cae7f3

SHA512
3eccfb879afa6d7a75cad17df5d3151bf8969959eaba4026fe69c069cabf21a034924d3b6515147ea0aff73ceaa561cf9217a1a27c9961b280d13dfe8c0ca79d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
af33605051830dc4ac127c9f8c1acd35

SHA1
bfd8699df2d54190af6615585c32de5f528b5ae4

SHA256
aac2891d3bebbc184d252e1021c96c5cea208bf88a75caaa73bc5a26f3644513

SHA512
cc3a859564dfaa8ad82ed6a6419caa36cf0a5997c4596f4c80bcd5324665297f8a51e561fa8052aa6db89523930b1a4d49f3fa7548ae1606b212dd408c52963c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
05ad527454ad640d83de9c2de7b39247

SHA1
885cf45f7414e801a0aff3f64a7a5664cf0fd265

SHA256
6bfc247f920a2a8b8dd1c53b35631333fce0126a6b0f374ca23241d1b605b88c

SHA512
a7e7293f444b7d0a107c649f9ba403a7622d924fb751959cf01d790c64851d0cc771c0b04bf61e1c0c174d48f6cc05ffb956644ee8ac89ff72559d09f12fabdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
01a710bd6f63246fadd4c2beea2b1814

SHA1
5645f4e6fd37dc0373d5a5a73acbdf5e8efa208b

SHA256
1964cf34713a2555d94b06f39ab60dd19305ba0d4a86a5bd7051b5a73aa72259

SHA512
179add2792f562e90c3db4983d4b63ec82abe809dc8e2bd955d8112b4cf127dd2764d9dd9c54a2e2fc2ab4ecc21244b478de3b3abe696114223b35759dc4ba2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e4e472f60379048ad0df66bf195640c9

SHA1
bd240fd0f674dedd7291bafce053502cd711bde6

SHA256
ccc90e7e2917104c2ae20073a7aec5ecefb3b39228577dc08716c5c72e843545

SHA512
624208719fa86778f165f46cf8bffb0a0c7b57ff1d2c70a6fce4d84f66cc4b3ae81a56a8d9ae91203ca89275ca03dfe0b32b37450a27d551df3304c27f62edfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9c6951c14b9b9a358f46d256a9ce0d6a

SHA1
7da68cb8f119438c957b04949aee62f8c84708c9

SHA256
a0540fa7c3333dfc7ee663a4b75407dfb1f71ea99e0e81d6464a2957d94e2dc6

SHA512
9f9ea5efc1ab63d4dba47737747dd3a8182a8abeb3bf67a34ac61bbbb3a527b53d211ae31d2d1eabbdede421125dfef4f372cdbc8093a30efae9851d6cfc98b4

Download Submit