3f214d93d2f85c8a20a2f0635848285e6314d49b976faed389cb14a7d0595075

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21/08/2024, 05:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b24ec4c9321cf3047e6e708e9ce7b499_JaffaCakes118.html
Size

64KB
MD5

b24ec4c9321cf3047e6e708e9ce7b499
SHA1

674e2dfcd73b92024bcbcdf777fdce44b84917cd
SHA256

3f214d93d2f85c8a20a2f0635848285e6314d49b976faed389cb14a7d0595075
SHA512

a18c9d6335b5db2a51136bd8e1f40c1349089297996c9d3717978dc59e01a96265be58e27f67df7020015ecca562fe23ffe8ef45d97082c465f20c79bee678e1
SSDEEP

1536:DIF7hD2uVvnaFz6n1AaULpBS2oqVUDDkqAi2DaamB5e/6ueCg0pEwe0U9Snza8KQ:K7h9Vvnmz6QpBuYaaOmU50U9SpKg9nn

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
4028	msedge.exe
4028	msedge.exe
3448	msedge.exe
3448	msedge.exe
3448	msedge.exe
3448	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4028 wrote to memory of 3340	4028	msedge.exe	84
PID 4028 wrote to memory of 3340	4028	msedge.exe	84
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 1016	4028	msedge.exe	85
PID 4028 wrote to memory of 3016	4028	msedge.exe	86
PID 4028 wrote to memory of 3016	4028	msedge.exe	86
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87
PID 4028 wrote to memory of 3252	4028	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b24ec4c9321cf3047e6e708e9ce7b499_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd83a46f8,0x7ffcd83a4708,0x7ffcd83a4718
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,1440168125866323519,12413228949750974528,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6536 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4208

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3116

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7114a6cd851f9bf56cf771c37d664a2

SHA1
769c5d04fd83e583f15ab1ef659de8f883ecab8a

SHA256
d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e

SHA512
33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
719923124ee00fb57378e0ebcbe894f7

SHA1
cc356a7d27b8b27dc33f21bd4990f286ee13a9f9

SHA256
aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808

SHA512
a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
67KB

MD5
b4b711f3e747704ffe02b49791ce8cac

SHA1
ac7ce4cbd3c8ee66e3c8d9d209c1352c160c3b89

SHA256
f65bf40e2f0ce993b54772f703f72d53f0fa925457346fa8ec2031879ffa91d1

SHA512
b738deba57337a9147927f7dd35eab7c999dea6d2ff11f57fdc2e5b6f64326028a54778886548ba128a3f03ee333cc9e43de5162d8b578b85c290626577042db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
a6783c38d0817693220f675cb704217c

SHA1
c44187f73230622df695992ae24891f731346b89

SHA256
75afcac38718b8e5eb1df091aa54bd0f75477a1866a529554cfc88a86ede1eec

SHA512
48fd8fe79daf8a1709c749ce123ce2a993739add8f63c5e99bab1c43d4eb799f3e9b6146a664f48c92190ca2f1e653c74879ccfc0ef67f335940c9966ef63d66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
97a5db4c6b95b0ab066c905cc440221e

SHA1
9cc0b5cc6518e79c20a58277d9f316604d8f3c7d

SHA256
800fadc535bce680c7355c9529db4e23b6013525a7692c7f42fc22a2446fba43

SHA512
94e76ac5779aa2cfc184d1f9f21565f5ac2a1f2caf9e1b5384c516662de3e3b0c29bbef0ea16b8e8cb36b4eabd88307b18111412569df39257633cc5672d6ba9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
3587c3c4d8fea773bcd96f2911c5013e

SHA1
ae851506d2d51f4814ec64179716adaccf6148a3

SHA256
656c7850c97fadc2608e107abace8ddb0e9af81f40816be537f7898b86343a30

SHA512
de4ec676bd1d8db97f87b8aa994561062ceea5df25fc467c49f5f3b82e25f23b1724244c9277eaad84b5cf4a5758cdfc8ef2ca3214b3963562e91f9dfe360a8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
0d4fedcedfac6a58a546049eec322ae1

SHA1
5afedbb0131065a6e02ce3c6f8edd176e456f356

SHA256
704cac6c30685a721764f90b8876964004b131bde29b94aa0bb24bac0ba1edf7

SHA512
8056fc277bf90d188dc25b355e2385cbf7c05477a64a953255475166582275c33df6848768127b39376e3b20e47a88a9530200855b395cb408b4bca9f43c9088

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
60902594f7c461b5f6082de9d60b1414

SHA1
98275f935b1faa9b53e19d18e6bd1e0bd75836c2

SHA256
47be1aa77cee337e2b0c569640c959f309314105dd570ccacd7b4dba5ecbfd25

SHA512
15bd43a3024e9d83931c2fb3595c0333740f812f7e3986d7829b9cc093bfb09d32c3ca4cf1525e602b41d7022829a1fea9a0916235e8a84b30b470fff15f2bd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
823ae4804c13252d489333f8a72f0780

SHA1
4430486abdd06551e2753ead2bcc18dd3b02ced6

SHA256
ba6320f2d60abacee282e28f5f2cfa9b4a87d0daa7aede96c22f9ef2883a4bfe

SHA512
37f2ef4ccbd2c5a87d2a4a9281d34abab3a4d12727a93e0702091e9e9c3fb2c6aed52eeda99a2e59b4eaf2787d6306170046eef32d8054aad3cfbe3ab27629fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
75245221e844837663c186e946dbb55f

SHA1
64eb329b1abe96a51d5d9770ff2febbc19e1d8ae

SHA256
9536227128e386de026aa66e19d7d5e06db2a96e5cedbf28e29e4d16dc042185

SHA512
607f3bae45be40d8cb5d3c5c2a172e1349185d115c931681c2cd3a06cacad0c9412b9ab76fcb0b0713ac9b30bc4eecf0dc820a430474ea728926837641fab71f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
61c338c35c0772df8e8898fbea4eab1a

SHA1
bae1c129a4d14f9380f9dc42248e68c282584be6

SHA256
0b15a7f537f31043de2b0a956a83dd9f959809674a0452a8262af8d442977d0d

SHA512
2344ec54048370cc32378c7f61bb51fa93244b82be820020ca2d057227e84c18a325be63f8a0a50f7d4fa54d1e9446449b8d991d3353918febceb39e91967eab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
ba2d720b034aa03618e00cc14ea9ee00

SHA1
6bfb0adeab9dbcbdb447a68a53b92d1fa828f555

SHA256
b14513f1394f9e2d30d50e13055d4953934d54e1d43a3c0482c493118dafbad2

SHA512
f73f862773531d2703b4791e74a4d48f8c52ee16a46cce197bca5654bac1cdfb688a99ee3caa0a2ac1601009c71622f8f6d3ac53f1f6ea0f8255b90039d240df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5b88c691a6fa6cec240ebca3e49aa0e8

SHA1
41439ee93f64dc12c0147c355e313b872424c0dd

SHA256
f1ffc7294d94ddabbaf8a32729c95188dae6e77b83e3f72073f5c9f2fe70a7b2

SHA512
80bb6bb9aa9d943ac7f65bd55ad222fa4a2435047eda06f1dcad60f4525d7ae0cdf4ee9fd479faa9d54df547456c5f61d355b1e92323349f715f6c7491c819b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe591592.TMP

Filesize
706B

MD5
cfbe462d3385702ce6c60a1cee201b8c

SHA1
72e5d3de15767592a5531620101e03bbf073d8cc

SHA256
ff372019ac85a24509985b671fe6f2c8e1acfe4be52d9407538112b72525b707

SHA512
f24b9318a7f576db9f4ce1b0d3c6dcf4162392d9fa2ceec7b95825dded9be753151e599759a615b90d18d312a97316a2988690660dbbd78674a29777a9555601

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
46ce302cd5d061a4bd7674105ba2c1b9

SHA1
3daf0308d3830c84e55851d563f35c940222d6cc

SHA256
84315e11d4ac022633f2ca15688c7bf0e7ecd8a3a2ce909a775cac81ef393e19

SHA512
80501cca7a523daaabadc5c8642f310d58a2749a8abcd607febeee9a4c1053ede42b2a781b66985d5b48ad0b9ac74fb47e2a86abd64769c019193be5d19369db

Download Submit