fff2e739fa12c10bc04e33200fdefe2bfbe12438afc4d227d07ed083312900b8

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25-08-2024 11:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c0a91ba13b1a497fd686d75a9b942ab0_JaffaCakes118.html
Size

28KB
MD5

c0a91ba13b1a497fd686d75a9b942ab0
SHA1

0674ba18c4206b947a43a923824d65bfd9097c12
SHA256

fff2e739fa12c10bc04e33200fdefe2bfbe12438afc4d227d07ed083312900b8
SHA512

8f8c9f52d331c619df7f3219f67b84166e17207744538006d508b838f2facccfae518474a680bc470ed94c0458d58e2b35efac91657a47c03bccd9b52aba7f16
SSDEEP

384:Q+jzFis2w2BG9HdxI1y1MFfYBY3Y4n2DYXw2yYXUbym7Yi6/DYpEd25:QSzFis2w2BG99sFn5IymH6qo25

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2076	msedge.exe
2076	msedge.exe
3048	msedge.exe
3048	msedge.exe
1264	msedge.exe
1264	msedge.exe
1264	msedge.exe
1264	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3048	msedge.exe
3048	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe
3048	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3048 wrote to memory of 1508	3048	msedge.exe	86
PID 3048 wrote to memory of 1508	3048	msedge.exe	86
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 5076	3048	msedge.exe	87
PID 3048 wrote to memory of 2076	3048	msedge.exe	88
PID 3048 wrote to memory of 2076	3048	msedge.exe	88
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89
PID 3048 wrote to memory of 5068	3048	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c0a91ba13b1a497fd686d75a9b942ab0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5fbc46f8,0x7ffe5fbc4708,0x7ffe5fbc4718
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2632 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,7823122190745148286,17874532643307243291,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7988 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1264

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3900

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
90KB

MD5
ab39cd888273aa68985e4051bcab9170

SHA1
7067501e24d6e50b94f55764dd5f0ce4dcba8f14

SHA256
982b50c80cde360bc22bab73de66252d2cc77a71e967d9c114083359d8facd63

SHA512
462b10f462253a8f7eb3c91dfcbcd2523ed34ad0dd6142e9d25207cb4ff4642fcc162b1d6a81616bdd7359a67dcf8d45efeab133a7fe40ccbed311f2503e45e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
75KB

MD5
49e9a5f5c28949e749c0361975081529

SHA1
884e475a93a7f1d1da13010900dad3fc0592061b

SHA256
c3965447b9f14f6c9080523600e47a482072724e448665a3a32c49aee28dd5be

SHA512
a7fe391ed87a2cd845e504e829dc845599b471e67e95449b28287055b4bd6c7f5160247a6abc713a59215e424f39409f0a76018f11be7746587b4fb8484b63ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
75KB

MD5
7f4c4fc556aa312d1c579ffbc279a0f4

SHA1
2cee28d6587dfa97f66701e9f35e2d0279e1a375

SHA256
16ffec5528432617c1814e5427a304cc5ae3bfe9223a434187e5f6d5406d5142

SHA512
36dd2189764a88044bf6fbcc15ea77443f959dca0dc50dfb6aa4e557f0add6982e3c0b71be46319d28e71cc38c8f6d758bded17c9c8c660ac4c2c1d1e86038c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
75KB

MD5
547738cd06ca43c0218cb7af6b9657eb

SHA1
cf9f93fac4a08c3dc7c1da7c99d4ef2763f02786

SHA256
7244be77c0378ca192fb8b54964eddf88e79cdc662c349e0b8ad0c3de06531e0

SHA512
12c9748e23416594f52e659c9ee359e3b86f189c751777104ccfb6d6ffcf2329203aea30e6c4b871654da488c2a09062cc49f515c8ebb2b5071834d25689d7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
75KB

MD5
4b74590aaa58dd0fcb49712af6a3f78a

SHA1
61df2caf53f92282bb25e80545dc0c35a6d730a1

SHA256
44c2668a92c0caeb0a6b54e9c060ea3183570820c0df2277b18d6f686844f779

SHA512
72b23a45aa3b68c9545c8ccfae974372914061bd680293720d82082259368186a57f4e308730b092877823ccca526a27916993fa2f37058bef8a9a6fb5b10c59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
75KB

MD5
46abd5fce944cf85edeba99d272e7fa1

SHA1
ca3d9d36a2e9d9baceeb5cd603b14c37a52d79e3

SHA256
0be3999dc9ea2bf8d7a02df2b7666c3a4181b07570d3c8d14ba58bc2a94f3d4a

SHA512
e0be81e6e0cc8e35f57e823e6dcbf452bfa2b29c8b8f1c79bd789014fa79d1750e220603632a39c425d0981f0c927887cdf26428390bd60db1b40acf6cfd23be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
90KB

MD5
630cfea1149966e9a87115069e8c1fa5

SHA1
9b28d2fd598379e50cebce1e888d6c690f2c555b

SHA256
f462d19b0196de7c26ad960c9e8a9cbdb56a2392b5c665c9ff946f511d2650f5

SHA512
fec32b7f6ca19c359dfee9955bb011ca241bfe8bc00c3c63272501f3b451a62098daa5739b25bac10a8e6fa735c9af7d02fbeab84e7c14803c29376a85dc50a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
75KB

MD5
ad4b6be0981f93796c776fe2bc51fa22

SHA1
36532fecccda6adc6de169f7bc8b7d1090ff0d61

SHA256
093a78e3f9a923ea58962f1b112e295c9458df00c1efa95402ff91c7c430949c

SHA512
e20e41be7afb55878493c6dddc312fdbc56a69e10cfc32d935dcb131610c7096fa16b140f50e3971d79ae70592d559db5db69d94c412477afab93498210c9412

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
75KB

MD5
bc99119a096f41287e0e9f06d118d680

SHA1
44a8f7ed56a52b05d266797e8d6d1322d6c3033b

SHA256
56e7fdec73cdb98f2452e4f2e30905f5e305d33f0d91dda177d44e2a8f24d5c0

SHA512
bf4e7ab7de529ca00073a9f6928222a54383052f11c31c6529df8fb45c29bcde9a72bfe8fe5afc3b1c4421bcb5b6384e211c12e83ec7a488c40b3d499db6e7ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
799B

MD5
58f2f0c4c976cddc99e2bc1ef05bf109

SHA1
327d10179cd45ecc9dc56c3e6ca02a2c45f3d092

SHA256
3f1f2f1d30f4451de81168686a83ab2301d8bd9b1b006289088239febe146f4c

SHA512
b16b668b2ebc746b0356f9307fb388489b99d222251e5cd7804c013553b27a32c8adc04be52d4688275207079c84221b8b1f7e0011b3e8686adf95880ff44dca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4e14fe4b0b42c3ead5c3ce307c24d0c8

SHA1
a738c376f5faf576c4522494236933ecb8172476

SHA256
6352bca5f08446dadbceaeea586d5acaa45371e72447f1f3c968f33a5ef864e8

SHA512
0bf43fcbc256d4246fdfd0c0061e249fb07d3eb74867aadaa0432ddc9aa80ca3fba8e10735bbb1bf93c47ad228cd4367acdc31eb55ad428350f4aa8c9049173c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f10d0645e21947f08870e94b998c381b

SHA1
1a51ac7d69a5902b5c978edd2f22771c762236f0

SHA256
596407c348522547fdc444efdc9d22c85e1757c3cc0cc6fe58fd1056c1b76530

SHA512
495fdb7af22427e93a0ee5828b7690dda0eaa2421ac26dc1d883261baf45cc820024e7aaae7efb1bb197b00ba6b2810e40818c98efe4914a8b9d6580f62c42a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
a12f6dc442cb6e214cba2bd69b5faa77

SHA1
4da46cd0f9741d18312996a788ec6ebcd8a79f1b

SHA256
2ee84d218adb28ae6116410f621eac02fc7e38b648300f9f5ccd285aaefaf2dc

SHA512
91a95bc4233882ea2ea4490b7088f31d9672538ddea614fcef41a809264f4fac68fcf3ef389c68311d9dce9e98d796ca512e55b56dee0b118edcd4517a2cf0a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
4c90aaf2e0c063b91db2f63f98ac624c

SHA1
ef64b007aabdc9549c39566aa49ddf05b8c46141

SHA256
ce9b06429e76307c24d6fcc57cbe5f25c2022a3bec641a46e33e0673d1e18f2a

SHA512
e77f0ec14984406b0489df699bcf9f487ddc6c7faf91c2e871053d7dea50925ff2873e5ee9d21d3ed52232ad78e76ea278161f1b20fca9893eb2a8c6c1b99833

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
a1a6ac9474bd0654d4cb95676ab996ea

SHA1
817c1e323de0ab66856d18c7c9df95a1934dfa89

SHA256
e73a2c010244e507a6253c8e3dbbd812b14810ac6852ac00f9ac125e929dc2d0

SHA512
c47313860126aa5cfaa9db817537ad384929dfc044ed0549c22ac993d36d051170da86ca568124615548f2ab0a1e0051a7eaa12e2a6f1c8caa1aa0dcb0f363c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
6a8d3d822eef15af4142f0b5a16e8493

SHA1
861dfe17af098128dc17bfb2af6c60b8c035ff17

SHA256
68105cf787b52a49936ceca865d0cc51eb33004c2bf1dfccb419084657d0590d

SHA512
78316f6ff3a42391567f635d23565a149fed65a8629d92bbc397f05262d606fb401c1d21a8577083d19b261fdeddac32ffaf0d7752057040a14a7c8aebcbd963

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
81d15fafb6089591a6484be96062f497

SHA1
c24584ed4e0cf2b4e3c83509119b3bad8f2ba7f3

SHA256
c0110c8929274e179fcbd51554fedc70b42f8fd0b71aef4a688ef94898a3dd89

SHA512
82a358e9901f1e0dc78eca6c48616e8e03d4dccd6f37177787b1c931925794445c98e941f2d4706f4e8fa709497b4f850d441c3c8c9ef5c975a427491c2e5822

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
2374d978db845a878b30b95437589865

SHA1
23a8c2d4c7a72d6e568bcc8e530270a2f82f206e

SHA256
a24eb9b68216039ac7d3191983ce35cde79e9309d6caca98c5fd7acb172286ed

SHA512
701e1d63a6cf04856e46f285f71ae3307b3811573644915505214614994543adec0bb84579cf22de6a3fce5851cac863366a0a65f1d21345af910dd88f3b8196

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
b84700eb38c43a6e888475dfdbc4f9a0

SHA1
19591cad7cd92e62b8d829b06dea9b803dda74ff

SHA256
f1583fbc5e3887af3c5d53fbf4c47c8b4aa849630cc74a0eaed85d8c03eee023

SHA512
f39b203c8e1e14212b99c53e99810adb55ef1e38c8a268ab6a3e5a58eb52c31d332119a9b823f63b99c263ae2ede69902794c44e2943da345bcff8d7608a5d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582a66.TMP

Filesize
368B

MD5
8e552f93f5ff2ee11c53450f5558e582

SHA1
c31689669cb4f47bdb5ca7b431a5f16f992b6d81

SHA256
bcacfdb33107afdb4b4bf237936988c3a20564b60e471a11895617e70c2ba1ca

SHA512
a1295f1fd05421d91392cf53fb119cb7a4130968fb3bd85051c568dab1235e5aa49f6f345aa4bcc7a3ef36cecccffff317a777327cb5e975c79ea9e77a448a6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
93ecb28356311a54e3e7293f7986c318

SHA1
26dd042e0c5e0c19972c10f149141d3eea3abe8e

SHA256
9dd761594426544f8111ed8765b1a9343795a5cf78a174833d65e4c6494b066f

SHA512
03494b07e615d949fcd87b5dbb4ff56696d680e1ba1b20837a729f34a7160eead2e2939a9ce6b610f7764b6bf9663a46a80948db921b291998b6dcda9d4876a4

Download Submit