ed5164b671aad3f423b997111c0b5e860e0c9e9a4788a21a206d4862215e87ae

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/08/2024, 10:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

95b7dfa75972fdc6a7609354b0a0cf08_JaffaCakes118.html
Size

35KB
MD5

95b7dfa75972fdc6a7609354b0a0cf08
SHA1

31789c5c5e286e371fd3fbf3e7c20823706eec9d
SHA256

ed5164b671aad3f423b997111c0b5e860e0c9e9a4788a21a206d4862215e87ae
SHA512

e3395e1dd0898426d97f93f657287012f9b33ae8d20fe5cef65cb8fde2c36a0a6c2494741488822794764a5ae5609ea8bfe1a9d6cf7a7217dfb7a0f8e25ee26f
SSDEEP

768:PDMEEJ1KIrjIMZjwd1+vSG4zqA6GXHJGZ1rgfAG20JG/r1JGKu6GIBCuJGGN6Gbl:PAEaIIrjIMZs1+vSG4zqA6GXHJGZ1rgC

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 9 IoCs

pid	Process
1952	msedge.exe
1952	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1028	msedge.exe
1028	msedge.exe
1028	msedge.exe
1028	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1976	msedge.exe
1976	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1976 wrote to memory of 3348	1976	msedge.exe	84
PID 1976 wrote to memory of 3348	1976	msedge.exe	84
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 3528	1976	msedge.exe	85
PID 1976 wrote to memory of 1952	1976	msedge.exe	86
PID 1976 wrote to memory of 1952	1976	msedge.exe	86
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87
PID 1976 wrote to memory of 4916	1976	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\95b7dfa75972fdc6a7609354b0a0cf08_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb50146f8,0x7ffbb5014708,0x7ffbb5014718
  2⤵
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,12682363030559465512,524270729143495761,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
82KB

MD5
4cc4b8c2967abcad56d9754eccba2f95

SHA1
32ca28c03423102ab5332befb6cfc7e77150528a

SHA256
fda9892310cc0f27b5d8c8371474fda90bdbfefb5ce9bce57915c8f0c69696ba

SHA512
a125f5221308db943a2ed4bcd9442ff44d14782f6ec7dba2a09329037e38fe03f3b538f7f59d13648db005d0be8f9aa1b42b425a2324d98675465e4a5d526639

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
90KB

MD5
3a728460147fb9af7faf0e587b9fbf42

SHA1
f3a55f44fb81cf8ee908a3872841f70d6548f8c1

SHA256
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

SHA512
c6326be84aed0d20ae924246119b19ce4fd705f967d46c6c9dd89b1180984163f0708b9e0e8917f319304bf617f3c35d83657fcbfae1340bc34e689f0961c6a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
24KB

MD5
8493ee074a0bcb45cb5822ee02daed4a

SHA1
c6b1d52ba585eedd35916537ca029c7dce95fada

SHA256
5c9d4bff76d7a3d067e8ae6d53285b4cffcc0b989b16b848688509e760d19878

SHA512
434415ac09c439b3d93d57002fe0c76b9e47d3ef23067a49ea544dd4a76f3961448b59a512b8c558dc2706ec2fdf2f1778aa0640654d673af65ac700dcab9c09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
71KB

MD5
a21608a9d4a3e68f806391288984ab28

SHA1
aa62d817903977e2e4df1c2bc2605b0627d12557

SHA256
fc674f1d2c55c90a409d061573c3eee3bc6e3171468616094e1ec58ff94645dd

SHA512
742e551ec290dfd7aca35be77c9f394b8a312a9696b74c96b619d601c19a3a7faf126ae6f9de52c10298c507f95a2b6e08658ecbe29b8fbabe063d485a210923

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
18KB

MD5
217e0d04a2ae57bc2e3356dd8265fb23

SHA1
8a8ae26ccefaced169ea73830ba81127bb98e99e

SHA256
6df09b6d223b38ac33b57182f2d8aa817c4c346d3278b58090c3334b0c4df643

SHA512
13f56acf5165d2d68590f23a0067f855a74ea9c3e1b65f16987ee69ba706566409d5c0bbaad48a41b4a2411623947a104b98062c12ae2a00b871646da4814e2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
22KB

MD5
debcbcb963cdf6fe8e8105a80553af68

SHA1
afcb26fc8ecf896116a735de81960d5d50ac4ac4

SHA256
1a4ad165e67e97adb13a967d3e5094010c114fb53ca57a3bb37366a626e2d538

SHA512
6b02c0ed0caa3807e3f08be5423e6a6696c2d0ab3da8a4072fed605313fddeba06371456178c2c6852fcdfa6afb58b7cd09edbf778c0b4d34415f02f4ac12857

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
19KB

MD5
af6b968482fbc8c5c5a1bd3724e8e272

SHA1
27d4a3c90b501f7be53046b8cd5914f7b27e629f

SHA256
039a8fae3a7bbadd66c21801bd3a5806a03995363034829ef5ae80b06f4d4361

SHA512
f17dbfcaaf7a7f6a62875ee4c2d5d8dced79aec9d212c5dc9a86cb46bbce038895e3f7184e5a65add49767dbda330f74bf04c46d229a06cc4df2299f59e763ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
20KB

MD5
5c6f2784ed044094b07983ccea423994

SHA1
11eb5f40397e91a97ebc02d43ffdcd81f390d9d0

SHA256
d7d0063025bfc13648cf951da0e0ed0596cca6d654d2f85e7a66bb4367d33179

SHA512
6c7227c8fe038191e0c92fb4f974ce41f4bc1506dd48dc2994a552065de23b4c52014c0028a340c1a0a972cf220c87251d830d9bf075e8b7380317c013840b94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
99KB

MD5
b9f6239eeeb54f2442fde45ff78d8caa

SHA1
e85fe3f09e4949cf1dce259cce97776942a9b2f4

SHA256
e61dd1e44f27b865a1b2711282cc122657a00619395a2c0f467ce59140a7a483

SHA512
2ce56f5b1988ebc0c2ca5c162effddcb5f7871e8273b2cdc2497569d654f69625aa4e660ee2bf6b272c81fbef2307e6b05fc328df3d98fe6263063e2729600c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
17KB

MD5
64f378e653e14e3d25fbf926cdab41d5

SHA1
0c8281b8db489e36a83999bb05820e956a68cc7e

SHA256
175132206ce99caf6d8072436e8d48758515dceead67f04d0798818cc92ffa8f

SHA512
87e2ce859987924d9133c424dc5a2d32ea3969fdd9ad4a390c4053ef75e26e4e9fc6441298701c07ff798c88fe29992a22fdbf9d4256d31ff1a925a62a9b489d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
19KB

MD5
dbe4c23518ae747d5752cb0f43ae44ef

SHA1
bc63ae0d2d5ee4c3726ef05cbfedbc90a8bd3d21

SHA256
b7be4a518842aba7253992b35f5fa60944e67f48a54bd200520159df37a99cab

SHA512
61b442af13d71d4f76320ab1d8703ee18d82d26d9008eec9723eccc306e65d8b29a88c9b9db9aad205217af3bb038724eaa9cdd5cb6a9c166ab11998f24dfb55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
20KB

MD5
0f83f5bf164c02deeb535ff2f4c0047e

SHA1
1f75bc3a4881c3942f0ad6bd7a12b20aff9fd4e7

SHA256
9b4235de9af4af12509e9b67c921468e6b5fc1e6ba4e39a138f3cc91722b3c26

SHA512
feaa73d357867c1bcf68169d185c9063cac54fa91afce647974ce3abee31bef5f567eb399632153c2bcc47afcf1ee9e8624c793b0ab0e667e96bd6512f05fdea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
32KB

MD5
c5b5ddf2d6a92e069971c5e2029f85d6

SHA1
037df82fc2ca19abda20bc9677ac88a8dc688771

SHA256
6f7c203b54019ad91aae953ee1ad67d7cffeabd7610b6141593700e573a4cf5d

SHA512
7661724e74280174915f20214767f38dfd0345907fc62c41bf867f228e65a38ce76c7604ded882252fd08af2489bb4c8f2643b32fac9effa80de4721ea7f23c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
728B

MD5
a5d4f12caa21dfd63607212db46aa021

SHA1
580bd5b215d4051c6b5039a52edf5c7c5ceba636

SHA256
edafc8a378a52bb6f40b3e9d90efb543e81e5a6adc5cee2317f7eec742d7ada7

SHA512
7b5c889ebe35e886fdf39cedbc7f3e2e625fcbd4d71a3ebc4381acedc7222f7b24092d8c8974aa36a2e6905c751e2ca1b2b7cee608559906ed91065854c3e304

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
728B

MD5
18d3b828b1e8a0a532162940ad797c10

SHA1
9a11e8da597d64810265e68e5a3198d960968b28

SHA256
dd7c83fb95a19c0b3f9c2d456a8157e11f62b5892c698eda2d8b58ad8285ab06

SHA512
a1190f17d873698e1365fe0da582168cf3533315b4143da46782bcebaf30884761039bb5d2012ab54bafd8b7d1238ce4a5e7bf926722402964787dbb6c668cb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0e2f0715af37c852e876ec01433ade59

SHA1
09a898639170bb4d5886214ac94b79e6febcef30

SHA256
fb6ca853654a67c952ba7accdaea0e22ac1327788ad8eaf9bc3539e159987b67

SHA512
9bf7bdcd9e056b8eefea4f1b4294dcf27c305d24bf3ab4605708b0a53fd7049cd0940479aa09ddfa811f57e4e1a3ba0e71eaa07d81d1f447b34f34fdc7b2a502

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c15cf4e0c294f0f377f9eda21dce3be8

SHA1
b5be95bd6f1dae4c8bbbc1fea9c0759e110a21e1

SHA256
4f51a5f328608d396b6255f551e186c3a4435471858d88c4c139faac73c85f39

SHA512
df90bc86d0bb763b79d7acc0b3292da8bd5f9fcb458297de5dd6f5c7ca893fde1446106b890242ca20338afb9865df132fc8ff2a7234b42ca8492ff644389a73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
6d6fae34960281006d49a920ce0a98f8

SHA1
6355b414d3f0586fe3a9fef34d0efe2a293ae5a5

SHA256
cc663de7113bdf82b8e95a2df2f5629f9171618d2e1a798a3dcf3ddd4896c296

SHA512
c62af7c436a55367516033c7ff8396e510ff95e493df1a8a10e746238ec5dd3674db488fa89d5591e747b18c8826176011fcda441cafeb03b0dee8c56a30db68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
41104ff4f854f3ec57f4ef0309b8b28a

SHA1
9256cfa100598ca62dce7f56f43f25b0c8a82664

SHA256
aa6ff5669698a7daea0cb905894fa137774169676fb1c5d7f240e5fd05610761

SHA512
c6e2354fa997b180c870d740a85147b8b5e241878428bbd5797cca641bafb68946999b2ab6dd6220c022f73cd1745f12b0c34efaaa3f5b91b8a8706912b18b60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58a96a.TMP

Filesize
537B

MD5
87d59904b28ca45e6b26bb0d7ccda273

SHA1
d1be7677b448dce0636f317c52d49653af0ddb24

SHA256
2a43837d96701ce5f2c7fcf5726e3758950950123ac1cd8ecdb3fac3620f6073

SHA512
0f6ec6543db9825f7d3a2bf544a6657103151bace02a8d91c497a633c4f11484fded90f362822ea96e4648c4bf1d2e4af854ca4d4198327f569d6fac0af9f099

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b07759a1354a04285e342848ce7a2106

SHA1
8d2cb16ec133a61bcf0a74ed3131f101628ead1d

SHA256
147f2f7e62e2c59cf566cea4a089e082a38126d6fae558df9693f1a741de98a5

SHA512
8ea645940b7618084e744193fea5dce927bd96b89d883248ebf4cdcb0f4789f44776dd57e83bb387ce019aa589228b09a3253091cfde6859b1e27296cd535e3f

Download Submit