Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-08-2024 18:08

General

  • Target

    c148b6a4521fd73ff729717977446bf5_JaffaCakes118.html

  • Size

    153KB

  • MD5

    c148b6a4521fd73ff729717977446bf5

  • SHA1

    6c7b7310aa7117dbcb5d172015f56998f4943465

  • SHA256

    f7618df451c6dd90bff2bc1d708f0ba94620822e0b93fc8aeab33fe44be8c6a0

  • SHA512

    585e68a358c6f8dba50aebd8dc76aa04abbd0525f767e54ab88507a47afedb8e60d3643e0e3d2e1961dbd887842d2ce73d5cad148da92b9e575c2be5dfbd1f5d

  • SSDEEP

    3072:XFFVSF3z2UP13G4k5QhLpOatVzA3H/fNbYaaLStR7cxWUu/v66sbsGon4G59t9V0:zEr3G4k5QhL8atVMfNbYaaLStR4xWUu2

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c148b6a4521fd73ff729717977446bf5_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3096
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80c1846f8,0x7ff80c184708,0x7ff80c184718
      2⤵
        PID:3212
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
        2⤵
          PID:3320
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2540 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4224
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
          2⤵
            PID:4976
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
            2⤵
              PID:4408
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
              2⤵
                PID:4228
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
                2⤵
                  PID:4112
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
                  2⤵
                    PID:4292
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
                    2⤵
                      PID:1580
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
                      2⤵
                        PID:348
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
                        2⤵
                          PID:4768
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6640 /prefetch:8
                          2⤵
                            PID:4944
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6640 /prefetch:8
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:3508
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
                            2⤵
                              PID:212
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
                              2⤵
                                PID:652
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
                                2⤵
                                  PID:3536
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
                                  2⤵
                                    PID:2644
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,17730734401375935010,6673096056675764518,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1992 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:5360
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:4848
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:2644

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
    Filesize: 152B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
    Filesize: 152B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\46e8da0d-978b-4ecb-b673-5ba83cd6a31d.tmp
    Filesize: 7KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
    Filesize: 23KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 192B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 168B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 96B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
    Filesize: 2KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
    Filesize: 6KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
    Filesize: 5KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
    Filesize: 7KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
    Filesize: 7KB
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
    Filesize: 872B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581131.TMP
    Filesize: 537B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
    Filesize: 16B
  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
    Filesize: 10KB
  • \??\pipe\LOCAL\crashpad_3096_MFZDDUZNEVDRLGXW