d5e3f690a008afd8cc97b0951c4f58392234fc6f32832c8b54d6556ec201b567

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21/08/2024, 14:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b3e756818cb69ff19ea7c0c75a34eac5_JaffaCakes118.html
Size

17KB
MD5

b3e756818cb69ff19ea7c0c75a34eac5
SHA1

60ae840d00b7ff301b300e197c25230804149670
SHA256

d5e3f690a008afd8cc97b0951c4f58392234fc6f32832c8b54d6556ec201b567
SHA512

cd1e45cbfced9f5afd7c7a263270c5cdec1cfb19c82e0464bbb29300e98616e4f1f9c941b4aca4fa8c95b37a2d57fa2d06694bfc0c6b357bd1d65cb01df163f0
SSDEEP

384:wh+Sco+uuNXnPbf339XOTVGKehNz0dO2V:ocFRN3PjtiVp0NzyT

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
4416	msedge.exe
4416	msedge.exe
1868	identity_helper.exe
1868	identity_helper.exe
2092	msedge.exe
2092	msedge.exe
2092	msedge.exe
2092	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe
4416	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4416 wrote to memory of 2976	4416	msedge.exe	84
PID 4416 wrote to memory of 2976	4416	msedge.exe	84
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 468	4416	msedge.exe	87
PID 4416 wrote to memory of 4500	4416	msedge.exe	88
PID 4416 wrote to memory of 4500	4416	msedge.exe	88
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89
PID 4416 wrote to memory of 3452	4416	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b3e756818cb69ff19ea7c0c75a34eac5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed10146f8,0x7ffed1014708,0x7ffed1014718
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 /prefetch:8
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,11492904941590250996,2814134994018555579,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
bb1a089bb599d13ba96e94a012620a34

SHA1
daabed0e23babf470d72d197893a7f9787e8b7b2

SHA256
d6b321b3dbd8f9827d9011f53410e048e6fd76579022987ee9f4dd21f6d532cb

SHA512
859eafa7326ede282acfab6d0dd186d385a645fbca98b2cc26582a4b89a575b9401210330ba49dd9a3fa8a5d38277d0b1460aeb16dcf1d8419aa83ac8433e2af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e555dd922a61d099d83c7e86df9274ad

SHA1
d6223426390f5423578c40dea9a828d03c9faae3

SHA256
942f399dcddd2c288c0fd88dc43f4b4bcab35bc4d711c0013ddbdb7f8d951eb5

SHA512
43d785ad6ec27ff309c1554614ba7e93541dabb32ffba279e5d4534de6c184ea0582c2cc4f148a03091ab1f82c56381ab3062093512c5a470be6b118daa994eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1b3989f939898bebf95d7a3f14e42cb9

SHA1
20e2c1c8960a545ee33559ed27d68e33bfcd46f0

SHA256
f913a8f101a5b32a2b5731a61190b13a462ef5ff22280db7848e0ebd51c38bb7

SHA512
bdf4f028245859ffa7b764118f8d2dde31955b037ae263dec0fb5a11634950f327902f4e27f554d53108bbe1d512cb77ea0fd190c0680b9b988fd5eca009c970

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
77017536ddb3a0181736e854aba0945c

SHA1
53bc82acf6c1bd5e9c5a6e24078868ca9fbd9e7a

SHA256
5e02f58435faa2a08924d6cfb8f6885119f65493bd369b79b7925d3a0a14ba85

SHA512
19c4cd8613195d5aadd267cc14bb5f4d94106c66f18e58e0dd1f5e7dc2e795e753fd01ab56334eb021485bf8874a2f15080f43f0a873f29e69088dcaa3903d6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e83d47926811f4a412890d2508172c4f

SHA1
c6087c37c3e2126d53a16bdbfb22f730beac0dff

SHA256
9ff502afdd4ee3742ff26aad90990a46876073e801fcae519e8eacb8b4f1e8fd

SHA512
ab1a38f2b57ba5174c20e254df4df491bd3ac3db4f0048e750c6885f88dd282453b13f747daf76f80a5ad2f3943d5228a87640c70c282295b071e720c2da064f

Download Submit