Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25-08-2024 19:45

General

  • Target

    c171f0467211dfcf5070637bef5f5819_JaffaCakes118.html

  • Size

    69KB

  • MD5

    c171f0467211dfcf5070637bef5f5819

  • SHA1

    64a442ee3c0b7c4bcdddd6a80ca0f7bd258d9e8f

  • SHA256

    17093d4313453324110a7b0e601f433e481cbd4ac2af9d01b83874a6f0189706

  • SHA512

    031cc168975bae77c728278fb35ad8da4c7d6a69451d2e38af7523c6b89c9e2b7a6b03204e6d0a54dc25385223b2c64e032f31360566b79887fcd657acdf577d

  • SSDEEP

    1536:3wgr8VkeO3QG0rNYlV3y4QojE/KnrXiAaKaS6cgRr1PK0gpjiV:3eO3QG0rNYb3y4QojEMGAa/fPK0gpjiV

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c171f0467211dfcf5070637bef5f5819_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3172
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe667e46f8,0x7ffe667e4708,0x7ffe667e4718
      2⤵
        PID:4672
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
        2⤵
          PID:3852
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4184
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2572 /prefetch:8
          2⤵
            PID:3336
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
            2⤵
              PID:4684
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
              2⤵
                PID:2980
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
                2⤵
                  PID:3940
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
                  2⤵
                    PID:4868
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6180 /prefetch:8
                    2⤵
                      PID:4840
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6180 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:2744
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
                      2⤵
                        PID:3736
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
                        2⤵
                          PID:796
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
                          2⤵
                            PID:5164
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
                            2⤵
                              PID:5172
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
                              2⤵
                                PID:5884
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
                                2⤵
                                  PID:5900
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
                                  2⤵
                                    PID:5616
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
                                    2⤵
                                      PID:5632
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3056 /prefetch:2
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:688
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
                                      2⤵
                                        PID:5928
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,2188781896338605391,10738445823255376917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
                                        2⤵
                                          PID:5912
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:4856
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:3648

Network

MITRE ATT&CK Enterprise v15

Downloads

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                            MD5

                                            111c361619c017b5d09a13a56938bd54

                                            SHA1

                                            e02b363a8ceb95751623f25025a9299a2c931e07

                                            SHA256

                                            d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc

                                            SHA512

                                            fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                            MD5

                                            983cbc1f706a155d63496ebc4d66515e

                                            SHA1

                                            223d0071718b80cad9239e58c5e8e64df6e2a2fe

                                            SHA256

                                            cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c

                                            SHA512

                                            d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1e9a7542-df10-4f14-9c26-f5460de1ee60.tmp

                                            Filesize

                                            6KB

                                            MD5

                                            b0f3444536eba665ccf5dad071fceb3c

                                            SHA1

                                            4027bf16ea43de8ceb5a6ed7860e4ad69e392edd

                                            SHA256

                                            6e011a6fae1b46041945fada6e6ad2edcd1ccb6bb03cf6eb59a1a66689da19f0

                                            SHA512

                                            d9a53a5a0de53485bfc81b1879e36f3462b681796a12dd0e9b43eb377cd516f16bc1c1b65bff3090307f964bd058089d563d3decca77070060b68452881f8fee

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3bb3f6cb-d1c8-4efc-8401-af86b62c3080.tmp

                                            Filesize

                                            539B

                                            MD5

                                            71039b05ceacf2e60c7efad4257115a5

                                            SHA1

                                            2aef7ca1f6b2bc9d4275f1c7746bdfc0a4b7ce8f

                                            SHA256

                                            542f1f3fd8bd1a08eb5efa93a02fcf07333253a32487eff95dce77279cd10227

                                            SHA512

                                            558925461d3ef9bd61b4c2713bff82a28433712a46c9533e20ece7086417ec827bf160d8ade192181428012add05728eca5e23c7f729937297332aa808775f3b

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                            Filesize

                                            71KB

                                            MD5

                                            da52e38c98b0f2047abeb07609608ab5

                                            SHA1

                                            da1210caff36df73e49a0c271ff7d573c2d20d02

                                            SHA256

                                            726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

                                            SHA512

                                            35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                            Filesize

                                            232KB

                                            MD5

                                            e436a692a06f26c45eca6061e44095ea

                                            SHA1

                                            f9a30c981cb03c5bfa2ecad82bd2e450e8b9491b

                                            SHA256

                                            7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040

                                            SHA512

                                            1b09a98336cbc0c8ff0f535a457a3db3cd3902e4a724bb2e56563648ed1a36201dd84e63f45dcea80bb6edfe80a17db388379417386dec76341fb9eadbafa88c

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                            Filesize

                                            54KB

                                            MD5

                                            f6709e854e8cd05910577ad6198ab91e

                                            SHA1

                                            bafa5783c4774120861b0293990edd46cce81079

                                            SHA256

                                            388a79c8385bd15be5a55f311330e436f930f1819328f7bb747c4430e0214bb6

                                            SHA512

                                            454018ff2e5a528c64529b18584dc2fd8bedd819cd797682e708301d12f5e20f5ffaab2ca24d4320e4fc0d3818eef9b4b7d66f1f171817e64a11fa8d73b19bb8

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                            Filesize

                                            52KB

                                            MD5

                                            3939787297d8dc570fcfd9af780b73c5

                                            SHA1

                                            e48d93089b2a6a1c37091cd7f9b2355e151464dd

                                            SHA256

                                            b3556a04a2172626ae3bbc557d9cbb4d26618080ed8817cbadf38df5d847bf11

                                            SHA512

                                            4db11322362d6e9ce8a71de9075a86edde0c1563d8be95f448cfbeb42f2cba2cc57c42dfac9cbd78cd533f42364a74764b489336fac886863d6a1ff5ed721db3

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

                                            Filesize

                                            21KB

                                            MD5

                                            e0f78790cb3a8b2bbfa790779c576bce

                                            SHA1

                                            495cefefc27651acc6055a8e06812ded11bd293f

                                            SHA256

                                            196377c90a2ecc83ccff630daaf67dd853e6ae3f3824eb222f1e18c2469c4724

                                            SHA512

                                            b89d39b8cf3890a4a7339bd91dcb81e91bfb9ebc1280364abf2826817c5b9152bb002bbe5a9cebcfff065b190a839446ce205f45e6eaada9914c67dc1093dd7e

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                            Filesize

                                            94KB

                                            MD5

                                            090084e5fefeb3643c9ac72b8717e34a

                                            SHA1

                                            4d702b9fa725c0036244a7f0ffe1780a069d30bb

                                            SHA256

                                            d3afd11e9db4dd90c8149bdb1ad506f06f708310c146b7383af29294eba832b6

                                            SHA512

                                            4f63e41ba5ca839b54e2f23f1dcf69d3783a6c00c2f9f1bd41c4d3f8d2242a6d2b5f993e30a4498dfc6306240928f1716ea562f9d4e789ea0f288ed6df9150e4

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                            Filesize

                                            56KB

                                            MD5

                                            d4b166d7f09bd43b1989809bb1d37971

                                            SHA1

                                            86dd5388625e93dc6cfc0fc3d4efde201beb6657

                                            SHA256

                                            a0a2494b6006a35d2335e06ada4134cf5b7387918a857a201c86500db3726704

                                            SHA512

                                            88e359e79e4eff068eee465b525265e1637d943b9e05a60235fc0dd10a1c8794668c63f96db01bce0e0bc08e3797d59d5c278294a955d83effb1a74bc7a9a751

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                            Filesize

                                            53KB

                                            MD5

                                            96a657fa9d43aabfa6d802c11a4c08d0

                                            SHA1

                                            200cdcf45f144c1b60282d620d9b568b8eb776bc

                                            SHA256

                                            10b385985e81d852a86fe628b62d8a55229a4f0961a951cb3df357d0b6e0aabd

                                            SHA512

                                            c3fe7086ccad7fe0ffbdbf20fa5a1575dd18ffaa33d617ab84a8129d44fd643dec46dfd06f0a0a8ee9c88606c6ac474deb3ea4f17bc0ac6cca14b14c714d83ac

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                            Filesize

                                            23KB

                                            MD5

                                            33a83c16527e4531fbfca2631f653674

                                            SHA1

                                            87a63514c262ba4bffc52d2ceebb3ca14353507a

                                            SHA256

                                            1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

                                            SHA512

                                            f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                            Filesize

                                            135KB

                                            MD5

                                            cb98a2420cd89f7b7b25807f75543061

                                            SHA1

                                            b9bc2a7430debbe52bce03aa3c7916bedfd12e44

                                            SHA256

                                            bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

                                            SHA512

                                            49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            192B

                                            MD5

                                            efb29d571f7e8d4289b97515b8cc76fa

                                            SHA1

                                            7344a5e6179c0d24aca208898a592de8fa4c6011

                                            SHA256

                                            e36019e85e3b23b323dc70cb9f8acd8863daec7c410e8ee8c69ea28bf62ab063

                                            SHA512

                                            a03f6d3daf4878a40d983fd42630682143d3f1ac376cf798abc85117d41912d03cb89c9882863ac488346b7c5859893cdcdc728b1db2af6ac3f22039a54dbfaa

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            192B

                                            MD5

                                            906a04beea6a9d4d16cca04fcd1e708c

                                            SHA1

                                            20ea52b31cc0a74a5409af4c224fc408ac1a5f7b

                                            SHA256

                                            74611182b2ce883e6dace00ed0ef0af9f7258dbf8ead0304d004132e71bd4635

                                            SHA512

                                            c12866ce62821627db1bb61c4f290d1fcdc429559cabd53e68d2360159fb786f9d5410b850f2b86c5ef4667342d621b2e8cfb5638cd11bc5ea980c469c67dd28

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            144B

                                            MD5

                                            134b8ea3355a6c54c12ca48ea8f5173b

                                            SHA1

                                            f6974764f1a13a46f32c069362b1fe0c1d95d797

                                            SHA256

                                            2bacee83d8d5a6025da3b48341149ce5567efd1e04dd3d8470511efb72fb7054

                                            SHA512

                                            96d1d10e69f6d7bcff3bc413d614255f034398380a01361a07dfc3fffae120f538f5ad5388f6f87e63c500490a4007fcc40a71e434a1ae3881b2a54a54004253

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                            Filesize

                                            1KB

                                            MD5

                                            0e48f97872a6d2bd1b661ee724012a6b

                                            SHA1

                                            71e1db02e3919a32bcbb0a919ea9227a31f99ce5

                                            SHA256

                                            b8cccd3c36c726b5fa5657e85fa35ace31adff6d8921a6bab02b273197795c3b

                                            SHA512

                                            728d05019fcfe4d5d3a1f0d3e06b572abd8b1b41dc715dc626243b23158c1664b570d3e3d6e7aaf3f9875b1ad9f80154dcfd96b537ff20cdeb9f2e83c4de2045

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            5KB

                                            MD5

                                            ba0fc8f91de5255d29bd8e324a08946a

                                            SHA1

                                            105afd1b89b492207c7b6c0cd2349f656f587571

                                            SHA256

                                            16c612c4951e16b80586cb95296879189dc8589c922df7d4196b6eadaa57fc8b

                                            SHA512

                                            14018c0768b11837dbaf5de46d840d34b41f422478884b5ef7c486ddeb59cbc5d591a548485598ef66ca34b2e040d132bac9bb3924e898ec9a63cf940937ac37

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            533B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            539B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ad04.TMP

                                            Filesize

                                            539B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                            Filesize

                                            16B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                            Filesize

                                            10KB

                                          • \??\pipe\LOCAL\crashpad_3172_BGDROWTQOCQNSGCF
