57d813ed5464abe9ade8a8e74d9cc468605bfc9791b7d5bfb3b36528eae3b2cf

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2024, 07:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c03978fbf173ec0ed95c12c6809b53fe_JaffaCakes118.html
Size

21KB
MD5

c03978fbf173ec0ed95c12c6809b53fe
SHA1

ff9f61495b03f8df74d342c9f5b127102b7cadd6
SHA256

57d813ed5464abe9ade8a8e74d9cc468605bfc9791b7d5bfb3b36528eae3b2cf
SHA512

fa79439b8d5787fd9ca09ee3a583c69d35adb9cc63036e609878bdfa5a168365b5785139c476bc79f43289a5e65737343686bfe5583e12495245409935f0e8a9
SSDEEP

384:eu62KKo0lAt3gAK3z8X9QITHVaP5rlE8ja8I8L:XlNK2vEGL

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
60	msedge.exe
60	msedge.exe
2208	msedge.exe
2208	msedge.exe
4632	identity_helper.exe
4632	identity_helper.exe
4828	msedge.exe
4828	msedge.exe
4828	msedge.exe
4828	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 4072	2208	msedge.exe	86
PID 2208 wrote to memory of 4072	2208	msedge.exe	86
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 736	2208	msedge.exe	87
PID 2208 wrote to memory of 60	2208	msedge.exe	88
PID 2208 wrote to memory of 60	2208	msedge.exe	88
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89
PID 2208 wrote to memory of 4216	2208	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c03978fbf173ec0ed95c12c6809b53fe_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa8a1f46f8,0x7ffa8a1f4708,0x7ffa8a1f4718
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2576 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,3312916006223897617,12668835303359531478,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
414c66be97077aecf7647eff34a5b932

SHA1
1cbf6e4318988abdf697d2d22383039edcb72cc9

SHA256
0b3e31a2d2af89bd9ae5b7fd9a9dbc01e280222c0f2b91fab86dbf6a0445805f

SHA512
a264d95d5a1a9a79be028aae4b1ce47138c7ce857c4edd83972f80c5fb528605650a1081f033158ce22a995703e983b59fe6e7f54755db50a7bbe99d472b5f96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
c7a30db0b36ccbebad6a0954a417df45

SHA1
958b9e56f5280e728e6cf9cc690e50430d1870c8

SHA256
90bd1035d60a9ba9e8196a8af96bb2dbde6bf6cde5d9f353a7e8b8f219e610ab

SHA512
eacb0c33f4d2435027f72b2653ee650da5be9558ddb99509cd0c5f44cd4f4b383ac40dae54dc344724250631d1b0b9b8c025cfce64844a7287f41b912d427900

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1023B

MD5
f9fc659e341e7835353ca619b3bf3d0d

SHA1
ab2a037eed4886beb78c6d46169ceb04b67cc6e2

SHA256
84156c0add56b99006e071c1100e51381bbb1f8c1d475f3140f5445a79edeeb9

SHA512
67fd0f3c98dbf3b155711281910c548ddbdc838d48f0c850bbe35fffaad3c207f97b49a5ee1edbb0bcf93eca7e1f0cbf5dd3e28a01c494a9d525911286866a98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
476d9949e01ea28536a0bece0d3fdc43

SHA1
84986ad07ef41c912cfad8acd21e845bfec5dd01

SHA256
fc39b09afdefd66e19b881797283e25cc6bdab56cb02d69c4d169c57253dc0d2

SHA512
57dc70ab938865cb856545ddf691bc5ba86024238f8b9572d53ae2b97c6da9906c260cf95e2a9e77850b6a1aafe3338d615fd0756f082f6f13a58c71229f5b93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4924c05b8bbdc7ab5c9599cbe5f148e1

SHA1
787edebba826856406f40513998b519305d9fb3b

SHA256
1474d9c7aec15efc7e4a68fcec34bf93ce66aa8284417811a79e203c8bc18e97

SHA512
53c3275b3ad7211b6ea0e67141380d0129ce81ec8dbeda35c84bf4aa0aba78c69d6bdd4f02d6c9b2da32485860dc7e25b709f8ee92fcb9e1bc3d86025ee92d87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6c373859c9b518101e21dc1901e501c1

SHA1
abb68a63bd6d57def38aa8c6e65bf049e87d6823

SHA256
1bfa606b08dae3c7c9ea893adbd5400ebb910ac6d7ba0a26017ccb0c24652826

SHA512
8c5e068aa0753e53b1923b4da5e5b0f7a80daef9368caa1116e547dd9986844066307c4524a05cc41543841c247f83240b95ee3b7fbf31898d618adef7b7a02e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
848fd427abeec570159a9622c7722d38

SHA1
ee2faf6449c3c1fc73eebbc8c35b9687982be2fa

SHA256
62afc39a6bbe76b37dd519be9001fc4d44d3d9743d9e88395c647da8370553e6

SHA512
8f46489bac2c2abd05c125d18e2b60d7e72f18f12decdec6488be16c7fe94e8f8066600f33f5672591c895364e293c3411a10e1535ed0b6aa60bab1081944dd6

Download Submit