Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-08-2024 04:29

General

  • Target

    c248e13c31fa0fb26657d9adfb5d20c8_JaffaCakes118.html

  • Size

    114KB

  • MD5

    c248e13c31fa0fb26657d9adfb5d20c8

  • SHA1

    e015c8742fee6d5bd2b39c01dd267e3916d9f079

  • SHA256

    656da9f7f655e7d4cc5b799b593a71cab3803be2bf4886bb6ae576937dc708ef

  • SHA512

    c97ec43e1d25fd7f635654027df3cc72560e973bfbd62809673382c7be897bbd3455e73ab4e0c0897e6b41b7d08214ddf02feecb57985f8ea8f4f764d4ad3e05

  • SSDEEP

    1536:twgr8VkeO3hAjsMe+y5M1IwES6yjG2HZTvlSmCwo02BNaaS6cgRre6JF9:5eO3hAjsV+y5M1IwES/yao02BNPU6JF9

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c248e13c31fa0fb26657d9adfb5d20c8_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1056
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff9d48d46f8,0x7ff9d48d4708,0x7ff9d48d4718
      2⤵
        PID:1960
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
        2⤵
          PID:1016
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3224
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
          2⤵
            PID:3264
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
            2⤵
              PID:1160
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
              2⤵
                PID:1412
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
                2⤵
                  PID:4036
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1
                  2⤵
                    PID:1004
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
                    2⤵
                      PID:3236
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6880 /prefetch:8
                      2⤵
                        PID:2172
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6880 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:4368
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
                        2⤵
                          PID:1364
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
                          2⤵
                            PID:3884
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
                            2⤵
                              PID:4264
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
                              2⤵
                                PID:4168
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
                                2⤵
                                  PID:1768
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
                                  2⤵
                                    PID:436
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1
                                    2⤵
                                      PID:4308
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5588 /prefetch:2
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:1720
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
                                      2⤵
                                        PID:2252
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,10457112025213397339,6719246127990724409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
                                        2⤵
                                          PID:4880
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2556
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:1188

                                          Network

                                          MITRE ATT&CK Enterprise v15

                                          Replay Monitor

                                          Loading Replay Monitor...

                                          Downloads

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                            MD5

                                            eeaa8087eba2f63f31e599f6a7b46ef4

                                            SHA1

                                            f639519deee0766a39cfe258d2ac48e3a9d5ac03

                                            SHA256

                                            50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

                                            SHA512

                                            eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                            MD5

                                            b9569e123772ae290f9bac07e0d31748

                                            SHA1

                                            5806ed9b301d4178a959b26d7b7ccf2c0abc6741

                                            SHA256

                                            20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

                                            SHA512

                                            cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                            Filesize

                                            71KB

                                            MD5

                                            da52e38c98b0f2047abeb07609608ab5

                                            SHA1

                                            da1210caff36df73e49a0c271ff7d573c2d20d02

                                            SHA256

                                            726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

                                            SHA512

                                            35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                            Filesize

                                            33KB

                                            MD5

                                            14f9dd38cdffe59be03908f72ecd230e

                                            SHA1

                                            fec01cf03f79c39be9a9e7de6a38021c68c5304f

                                            SHA256

                                            1d7b50b44b0b035afe34a18fb604f9776861b8060a3fa6d1e1e59648ee81f1e7

                                            SHA512

                                            e5df181552119f8de991e19156b3d6b1098d57ded119b3c6fc256d0bea8bbfe287a55f9d5200b719a7fecb01831cc7cd621b7e52c58f13c8611a2356f19c24c4

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                            Filesize

                                            232KB

                                            MD5

                                            e436a692a06f26c45eca6061e44095ea

                                            SHA1

                                            f9a30c981cb03c5bfa2ecad82bd2e450e8b9491b

                                            SHA256

                                            7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040

                                            SHA512

                                            1b09a98336cbc0c8ff0f535a457a3db3cd3902e4a724bb2e56563648ed1a36201dd84e63f45dcea80bb6edfe80a17db388379417386dec76341fb9eadbafa88c

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                            Filesize

                                            23KB

                                            MD5

                                            d0007015af7e55b5874b6f7711e9ab67

                                            SHA1

                                            fd514e45401ab3c27d2fded42f34024260086150

                                            SHA256

                                            95c98d45b7481d60c8078e04973ca86a67833927fac958ed6d8c28593454aef3

                                            SHA512

                                            375ea404a1c847f5b5e10803277d6a54fcf22ffdde3f41a06efbf4732858d749488b7ac67ffd9461a3d0b7bfd8f18ad465946cd4123c54383a410db6e699a6df

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

                                            Filesize

                                            117KB

                                            MD5

                                            ba1fdf336445fae71e285670280d674c

                                            SHA1

                                            ea84783529f71e28b6be1856aa8a9f31949771e2

                                            SHA256

                                            588590044e23f37d33a9b63194209406ed13a37d21ed5ccc6910e0217f4584b7

                                            SHA512

                                            af30b23cfab955696b03273212808bbc3a10d11e18fc40a40fa8a75ac790669a624e5e972f3337a53e0c07f08f82376b211e66954fba15e0ca12f4138db8e304

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                            Filesize

                                            104KB

                                            MD5

                                            271110dde91c2d5d7d35ef38b7cea03b

                                            SHA1

                                            a07d26ecea36a04178701bc3de41439523430372

                                            SHA256

                                            31b6d940f227d6f1b2a3bdb7f58739b29d7c0bfacfcac4fd05dd2a8c92c1fe1e

                                            SHA512

                                            ab401173d70d40fece5eac7aafac7babc2d680416b82081743328a1eadafa41de2c63edf931ee637356da1a0a3b194f2f62ae8374609b0cacf5749ac70ff0c9a

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                            Filesize

                                            192KB

                                            MD5

                                            797721ee43d810fe3b24ca927e860f2e

                                            SHA1

                                            ebbc7b41b2c73ce65d68f243b3e3136ab288120e

                                            SHA256

                                            70cdc0beb310e8242d4398023f34aed34cf5991fed808809662dac4683592d3f

                                            SHA512

                                            032f51da19c3d5f5c9e28d67dfee421dc9392d5e83d476c73470742c650252c3c387c13af6e82869e477ce9825ab95717852a16799b671c550280fb17e58908e

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                            Filesize

                                            198KB

                                            MD5

                                            131a26183ac7895efd358928b1e51b7d

                                            SHA1

                                            91efcb559a561fdc94e07d8776e8c44286fb9d96

                                            SHA256

                                            34d42d436ca2c57df9ac71a42ce84be6e9d581adcb634d8d7a1f362e7c87839a

                                            SHA512

                                            d3b2c05fc429bfbd13fe9b91340b95f9447491b555e7b6d6ac003201d1fc7061383d987cf6987a840cf9634658e5ba18bcecd4c6931608e980d5566c693cca61

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                            Filesize

                                            219KB

                                            MD5

                                            53587c76d63e6bf56ad37f3447db97f5

                                            SHA1

                                            b0c450e82af8e3dad230f53ebde55332f0b1fc6f

                                            SHA256

                                            18f8c51684478202dc06cbdf8e3db4a7eee3aca8d28382e76e281b19b5c6c4c5

                                            SHA512

                                            44fc886e5df1f944fdeb020e7610e87361c97bccb77da843c8e3f0bd7f145e06e24e51dade6dfb3a2acc56360f7ea494119b7eaec4d765278ad0609b4dd771d6

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                            Filesize

                                            226KB

                                            MD5

                                            3a8bd63d38cb2ff4d96981d6554823c6

                                            SHA1

                                            cb857cce816556eec9a75c1ae8ec989efa3983a5

                                            SHA256

                                            977c2e0231fb47262ebc142a0ec953f6a1f0f6a1cb99d208fc094955b75330ff

                                            SHA512

                                            4ccfd1566e3db09265fac3da87119c9e74957303b3597b47e8525ab5ffd3ec2dfc8fd0b8bf05f480901c698cf1370de392a5e983b7ee01f5771e4f098265cfe3

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                            Filesize

                                            212KB

                                            MD5

                                            1f99b111ea2b8c96abbde3bc3577de83

                                            SHA1

                                            29498d4e862e5a01c940f29e794e9b6c37310807

                                            SHA256

                                            d4fabe98a3b13ee691b104799fe495ea21603fb93404b06adf7b85354a1a1c0a

                                            SHA512

                                            2e49a14e170e57578d0b33f63644129135116937fd1d704448a37b266c4e9382d6c63138b4ccab02853ae0508fef318bde1a0476d4530fdfd8fe11743ed406be

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                            Filesize

                                            34KB

                                            MD5

                                            cd05640564742b1a72a818d15873a1c1

                                            SHA1

                                            4673e5731f755d45d3899550cc48cb79a40585f7

                                            SHA256

                                            0b940c2b7629585e9b218cdd1762c3c79003dd2ac37db8992ecbfb3728359e1d

                                            SHA512

                                            b2df34cb210457ed5371085ca2cdfc59c0c1aa291865ff0760805a464f3e6a8ba26e77c5bff1e0ebbcd5973fd85833ab9e71ad2b1a2e2594f7a49c6fd7baa6b9

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                            Filesize

                                            477KB

                                            MD5

                                            17bd357c79b38d7eb3a75263aff5b101

                                            SHA1

                                            13a769be8aaa402f509d9138df238ec2a1da8ed9

                                            SHA256

                                            2f5b6cf400bfd250b28a135aa88ff9c9f7975165eafa173c5f35e8b5c4b20915

                                            SHA512

                                            63b26066003799a5d5b70ad3d78446b2d4e58512623ee51caaf968a147326c64b934158d8b3107eaedc6086891482a33d660b77964bebf682529fff3590a097a

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                            Filesize

                                            21KB

                                            MD5

                                            dc52475756e1c2cd28a642483362cfea

                                            SHA1

                                            f3ac327ef03dcde06f67e14c832fc8192720c5ea

                                            SHA256

                                            101e409217ecf85114a73cb222e256680fed2c01985839796fd7ee33abba9f2c

                                            SHA512

                                            51d10255550361a1d3bcb0ddda3402e7479c7babfe109982d6fd0143df08699ddcf6119c09b6f3ba357419a6d2828815c750a362c67a7e10b3159df8702af4a8

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                            Filesize

                                            441KB

                                            MD5

                                            2335655c24ee053985bc432d131c56c5

                                            SHA1

                                            0ef2290daccc5827fabd3e1a07731d6188387327

                                            SHA256

                                            ef6fd424242d11d227ba5234df71775e16535cb73db5ba7ffdd2ebccf783246d

                                            SHA512

                                            273644a647479a15012f0aae50676d737661fee38472ebf8fb98fb6ba02b5ea039d1a5df40cb071ebfaec34105dd1c306532d5c885f628ef9c6771219e7f83bc

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                            Filesize

                                            440KB

                                            MD5

                                            5031b85b56bda6ba74a32832f1444396

                                            SHA1

                                            9694649b22d8e6f5a23104ce93587d73f6865942

                                            SHA256

                                            788fb27bd7c9a7bbd811f8345b712713d38d21b48fc3d0e93484b3482b83a6f4

                                            SHA512

                                            348521ece34a21482aa58ed6c89c45246ca4cdd7b77861daa6a304c7243407cc2e403792765dcc14d4b31021e86b4df394a144c6e9096311422e9d4f5a3c9e4b

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                            Filesize

                                            207KB

                                            MD5

                                            e931c73695ea5f5aad22055b29172746

                                            SHA1

                                            d3a45236217ab29933a7339f275da704bc3b0f7c

                                            SHA256

                                            60aefd8c7e8407f68e9da2b1991fa771620bfb72839a700a355bd2ca891206d9

                                            SHA512

                                            715712490d669dece84301e119859f04b39a98df557a2bdf7e4eef99e7f3e45f9b95a55099d6561e8e8e93d27f240da21951f9db9bd4775d947334f4a047d624

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                            Filesize

                                            120KB

                                            MD5

                                            dc54e316f1d430723052d512eb7ee3ca

                                            SHA1

                                            c75dded906ca8a0ab357ccb3dcae39422700dba5

                                            SHA256

                                            c2145bb74221759af4e24368170f00199d25325295a137c983fcae86ebeb6997

                                            SHA512

                                            7765fb38af6454995a26fe0da827984437473d7fb16cec85848fd81ed4fbfbd426cf786b63abeef897f27166b64f7802af6ed0083f10f1f851a728a0e3c08187

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                            Filesize

                                            168KB

                                            MD5

                                            82bb39f4cdfe93fd462cd986d8339eac

                                            SHA1

                                            bc03999cdf78c7f5e40c0b9a7472802be66b379d

                                            SHA256

                                            78b52111a2e5809d3838847e87c811b657e26c874f65d29844ce10d31af96120

                                            SHA512

                                            a73d128eeeccf6626cfccc721773520716a95057af4bd378ce2cf5c3f9315fba502242a850c977ee727f5e985047ff00be46560a05e92184d75dd0e59cdcb8be

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                            Filesize

                                            193KB

                                            MD5

                                            6e966a5869f9eb6108b0608c35be3c64

                                            SHA1

                                            b47b45a3b80e4b057a6b7e6a862eaaa46e545272

                                            SHA256

                                            16506ef42b748f941608eb2948241267bb560b6010c024880e724f083a70e9eb

                                            SHA512

                                            961b4cd9f11230ec4a6f94dee1c7bd9aaf752c6062884ff15cdbf2732ca2563fbe0c6a4d93ecf0427366acd71126e987635b55380aa9f5086cfdd9946f1620b0

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

                                            Filesize

                                            110KB

                                            MD5

                                            b4b07f5b990f6c84976595d01333b466

                                            SHA1

                                            71e33f52994f7bd9e39b673656835b1ea9af9ac5

                                            SHA256

                                            e71bbf63c5be68d0e7172d17d55862b75d44ec870f3c7ac9807be45a618115e0

                                            SHA512

                                            db6b17c6cfc80aa345bdd624ce8feb6a9fdc8ab8bd9bec7c65ffc990816f72b0ec3fc24840d7372839940029ef8a6c7dcb7e1b0844c38b2fa874e7beb800d6f0

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

                                            Filesize

                                            194KB

                                            MD5

                                            b70c13d19f84b4d4d1d0876ad2b4201c

                                            SHA1

                                            957331b79171998f0513a950bfbb244f5d90b659

                                            SHA256

                                            83f4209d3d765f7b911dbddb45b7bbbdf3cff027ef4096edcb1e99736f15841c

                                            SHA512

                                            7b0615a3d8299bfb13d7740e15c8f7ef4ff18a2bdf82b1b8a667e3cd574aa5f13ee65b8239a9b8063d135c11a2c699566c537cacbafc4e8dc777ed9093d9ee46

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                            Filesize

                                            146KB

                                            MD5

                                            3eb1486d682ac913db6d0c94f309b196

                                            SHA1

                                            bfc208f91d6659d2e772589642d31dfaee58cae7

                                            SHA256

                                            35347c86a6473d75c59e039669f881afd1d3eb3f5d612f978e631c640e1a486c

                                            SHA512

                                            f7ec14ccc13dc4e9e4e5d915a105eb44741852a49bc80449a3f69e3468fe4d1675e0886dbb41da2bab4ef27b11038a231d0afa6f70de25fea211aa64e528a96b

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                            Filesize

                                            23KB

                                            MD5

                                            a0423f1305547bb6b8f5a4fb1a9fc2d8

                                            SHA1

                                            092dcf1fe57e6bb53821eb754e04188ee70602d5

                                            SHA256

                                            6add651cb411ed9ce9a17883c1522920a6ee3b4eb676f5b411e72d1a5e7de6e8

                                            SHA512

                                            b8487c60b40d332e562cc5d4fc7c515e3b3c2c82311700b788905754c1376ce6f0da650583545a4691d51f04ec5da0c0204997214d167c85b788d4c85236c4c3

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                            Filesize

                                            176KB

                                            MD5

                                            188aaeacc5a7c0aacc4a7fea5896f6e6

                                            SHA1

                                            083f2fca716f86e2b2184ff026aa403a87905eb2

                                            SHA256

                                            ed28b22a04472fe3db96db655240868b0c250479f0933e19254f0c32fa55d5eb

                                            SHA512

                                            ca351fd2da734d2a2c6d8f14b0eab0f2b6385e526a6c24863a48f2b92bbfa9f7971c9de45a9487f3c2fd23157cfe62c5186327d393ab152db8136a0ba427eb24

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

                                            Filesize

                                            34KB

                                            MD5

                                            c5362e1ccbf0de936e5b3431d1013231

                                            SHA1

                                            7ca343a5e92cb2832b07980e5689e8281ada6c1f

                                            SHA256

                                            d623276ea41281e2c9f7f9f094f21bebdac9bb5c8d87264f75f66492d1fa9902

                                            SHA512

                                            a4b53ccdd0fb74691952f3b1298f426de03b24b9f2df4a107a54a414a09ef34d3c658d1af039212674acc63939cf7c79927a6451059415b9e02a4ae66885d502

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

                                            Filesize

                                            20KB

                                            MD5

                                            a1afe33ce7442502a96deee597945384

                                            SHA1

                                            fe34cd78635f5617cf238de6dc746058d6f88899

                                            SHA256

                                            f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa

                                            SHA512

                                            f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            336B

                                            MD5

                                            5b4439f86ee5ba682f1f785c8cd6e1ac

                                            SHA1

                                            3082feaa0f088c0b6a2e66868b96c5a82596f1bb

                                            SHA256

                                            3b70003909f3eeed27ff637525b1bed988469bc30a143a461311c39747a752e0

                                            SHA512

                                            29e3c9557b351ba552adceeb8b631efc23baab9e00d005ef1a04f41e00d6843565fe7c2da588135d6297980f1e3d252c640c1337f35b71989b536ed6e0acb295

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            264B

                                            MD5

                                            c0713998342360d0dcdb9c5d5510e455

                                            SHA1

                                            36afe603f12120bb61ed34e27fa28d5997f59c87

                                            SHA256

                                            87c03c608d4eb63332d2d07de696163c3071bc26305c3adb9a8da4da9da7de32

                                            SHA512

                                            9e45975ae71992e74d6af08dfb9fc162fea9498b9d6afea4952c531164c6a73b88cd9c5504c040bfd3ebcd556975f2bec4976b978d6fd0b786f33b0696450f94

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            360B

                                            MD5

                                            d0c32b9ac410262d2a41cb0ab6ca5460

                                            SHA1

                                            5ec6dc02e45e282bf4a156581767e04ab5918f27

                                            SHA256

                                            33a5935dece4a0bbabc3d4e3a7fbeabd0c7a54f8a39045c986335bb1bac8183f

                                            SHA512

                                            28c772a88956424cb53572fff0224cdf9083e47f0c2b522f889e643f99556ce13af1832b7107d16da30a8d7864a7517e687d0e19b27ba9f43ba36f1cdafd6640

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            216B

                                            MD5

                                            ff145391650d35e8ccfd12ef28822d27

                                            SHA1

                                            6580f4b55b801d3a46a9e38ad705eeec1f33871f

                                            SHA256

                                            fed99d954f39eba14c27c60f3c5627fb61630e729416ab71187c934b77b8d4d7

                                            SHA512

                                            a1eab3295229eea1cc5c3a8d21b46e316864d74564f6affd13098fa40b256d5c1a1a53112c34f5f21d57dd7a644131850bd04f2e55b784769e503f0e92df6e7f

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                            Filesize

                                            2KB

                                            MD5

                                            adbee491851cf098e3f8d3948489dfa5

                                            SHA1

                                            82713c8a97f0d5f7f8dc149cc808c321f81895b5

                                            SHA256

                                            b416d932a20dd8661ded6ddb1b3052dcc45ddea77b5d2b65d8436bf12c516a75

                                            SHA512

                                            bb326449ed1e3484dbee0a0d3e01b816de1b36e91576dd4bc646195c74e9d49d5f48008e8dcf22c43323ae0b783090c9497a2bd3c92e9cf50a43fe0147838fb1

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            5KB

                                            MD5

                                            3a36af50a5d795efc2969a91f9de6a96

                                            SHA1

                                            660a9032523e4f5eaa6cd444baeda1cb0365e729

                                            SHA256

                                            74871cff78c691327abc46cb6dbe4649182b72c24dec105a69eedd7e9db0bd36

                                            SHA512

                                            f7e613c6d3805f6e1813f6f4054b5231d3f0e129a7841400d5f47e33ca5dbb15f606ec131385eaa9be9157e954bf42ad47213863f5f33fbdd81a82ef45347cd9

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                            MD5

                                            a7e1d61670330cd686004ee5be7119b2

                                            SHA1

                                            5d3c943a95ce05f9ced2296cfbb052b6f5ca59fa

                                            SHA256

                                            46424af7ac719bbc9655c170f4bc780cfb24839bf152a96b1bc4fe803161af68

                                            SHA512

                                            a703b1ca2329a588e5a8e4da5e5713726a04b689c34829fd0db660a42cd93f5e0775a86f7eb1d2dae1dddcde5401d66ff36373478d9f391143dcdef6611971f6

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            7KB

                                            MD5

                                            de6cfe8996ebc796a4ad05abc29efd0d

                                            SHA1

                                            d1637c631fd1bcbd0741931250649e1be426a424

                                            SHA256

                                            26c68777ca6e6b8c4c9198a79facda876f12f46dc4de90062ef96d1a9ed581cb

                                            SHA512

                                            826efce93ec67e5e1f279dbac99a54ff6eab3686f0c4cdc37f0ce4deaf19a8c0fbe26dda39d718d126b6fa7ce5fb88b72ba14e5499a039cdb66dcda7781b9485

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            7KB

                                            MD5

                                            2eb331e159ab4eecbca5bcd8249493a5

                                            SHA1

                                            673b0d96aa86a1f196291b43a9d25d2283b41362

                                            SHA256

                                            228a78d15dde36340d573278d5554313a233c4b3bc9961f3a73512b51a57a626

                                            SHA512

                                            9b7fed079fd8b8f7d2ecf96460b892e6f5858a169636f5f90c7ad80d4271c07bbd7d898214ddabb57dc07267c831b716766a836fc40f9bc9fbe6ba8909e2e47e

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                            MD5

                                            0fc6dbb86e298422218c55bb2d065488

                                            SHA1

                                            e22c1c6a53d794fd9ed5f4e26087e346bb89133b

                                            SHA256

                                            409fa031069a63f1db6f3b4774216ee5c1cf6cef6fc2938d8d4553a89362ddee

                                            SHA512

                                            8d150d1df2fe9101db48afac0b792735ea4f674b61af485da06a22a47b670d11ff888fb8897d78f186d137b3bc5161388cc101a769911bd3fad06790e5390085

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            7KB

                                            MD5

                                            3c184a51b627feab74a03482f0951ce2

                                            SHA1

                                            a54f76f12e35dd0de14c3218e6405fdbcc49502a

                                            SHA256

                                            61c081ff416729a57322edbdbf94482666c90ed81e53b2e6b6f9228c86926808

                                            SHA512

                                            d65e0caf61c5c6e47e1be22bcee80a77bbf144dade091bd0c3e917455877206b153f3515a7eb4c12a3ce03415a1a980611e23734d959eb11d17e2e04968b7a0f

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            538B

                                            MD5

                                            3f259d4e65727cd430475dc9ab945e3e

                                            SHA1

                                            b33b12cc45577e407c3da924c98f9af01ecb853b

                                            SHA256

                                            6e9e9b39883a4b3e4c014aa96a61c1577eaa6f0d7464eec64092e8e25edeb918

                                            SHA512

                                            fe469582d3861ac63ad9a262ef6c218a4de7540e430916f65e427347008850e01764cc17a936b3ebadbc603b64474989451c040ebd1275954f18715a42f136b1

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            538B

                                            MD5

                                            b4f7bc4fb297bdfc72ec579b352eedff

                                            SHA1

                                            3cf1b8d0fb37a4b5de2b158c54fac0eed0a8bb74

                                            SHA256

                                            5b67109a4fdeba0cd7984ebf85cd193a1a5a063f4c459b6aff16a42bc4aa0d35

                                            SHA512

                                            7d1fdd02c28c63cc8d4c7f4337389f27bb6819e921e5498fff003b5833f8da41847a6cf3ff65f69b46e17314da13f5bc1ccc625859d15986176d34732d062b80

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            538B

                                            MD5

                                            d5f0e8c14421281e372a04107c588e44

                                            SHA1

                                            6e49fcc92423c85e62b1aad00ff8f0de43d7f949

                                            SHA256

                                            5edaf71df576dfa97e7156669b73d891f276d6a11e2e414a6f0f92e1c1f453d3

                                            SHA512

                                            ef7c6f7fdc86526ce9be33ef26791b44fccdb3600718661f5a2f9c1c5d7ef37037f2658cede99aa536c047b6335750419265e5a0dfa51550ec03aa370bd5ff28

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581dc4.TMP

                                            Filesize

                                            538B

                                            MD5

                                            9b3a909429368782d33d1a41352b4f03

                                            SHA1

                                            4170ba958cecc31e4860e5bd0d7e77d14a3879c7

                                            SHA256

                                            4602444478cf1fcd112950dfddfbf56685e61235ac2fbb322b16cd1e228dccfe

                                            SHA512

                                            30cfc88e9665fc904b18202a8b599ee81fbd3929f64122d6c58422a0dc3f28d7335b0438e581334887d9ec7d09ef86cd94044601062b2be3b6a8813d5acbcda5

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                            Filesize

                                            16B

                                            MD5

                                            6752a1d65b201c13b62ea44016eb221f

                                            SHA1

                                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                            SHA256

                                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                            SHA512

                                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                            Filesize

                                            10KB

                                            MD5

                                            f2f17c1e1e1ac6d8849a0296f5b932f4

                                            SHA1

                                            47fd5e24467611cb78b75c92ea67157326d09b28

                                            SHA256

                                            ba5ea0a775fb0059c87fdc7a4e854d4aa637f1eb03ac816ad83495d0c0a36b77

                                            SHA512

                                            d5460d8553195633b208f61c14512f7fe9d8287d0021f858898426b577bf164f4cf66c910b41f14b4317e26dd24c876e94a28b9e30b78c89df4589f430d0c7d8

                                          • \??\pipe\LOCAL\crashpad_1056_AMSERJVQQMJCWUFF

                                            MD5

                                            d41d8cd98f00b204e9800998ecf8427e

                                            SHA1

                                            da39a3ee5e6b4b0d3255bfef95601890afd80709

                                            SHA256

                                            e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                            SHA512

                                            cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e