cd46d501c1310e6471f7d99485c3b15321545b2f684f4445e7702c676d161edf

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/08/2024, 14:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c90169fba79b6e2ed8688eebe60c55c5_JaffaCakes118.html
Size

68KB
MD5

c90169fba79b6e2ed8688eebe60c55c5
SHA1

f3a2b6ace224d823237e30a7ad996ec37c54cab5
SHA256

cd46d501c1310e6471f7d99485c3b15321545b2f684f4445e7702c676d161edf
SHA512

44ab927c41cb941afaaa08eb126ea17306578cc3f56857c275d6bfed25e88b4be55ce09848069b1fa724ea0730f427e407b29ffc922c2a0292b3cf95a8dd10bb
SSDEEP

1536:nQ+k8kuCppnjgcScN62oCXFAcQ7jMgftR:nQ+k8kuCppAcN6BQFAcQ74gftR

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4532	msedge.exe
4532	msedge.exe
2204	msedge.exe
2204	msedge.exe
6008	identity_helper.exe
6008	identity_helper.exe
628	msedge.exe
628	msedge.exe
628	msedge.exe
628	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 4380	2204	msedge.exe	84
PID 2204 wrote to memory of 4380	2204	msedge.exe	84
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4080	2204	msedge.exe	85
PID 2204 wrote to memory of 4532	2204	msedge.exe	86
PID 2204 wrote to memory of 4532	2204	msedge.exe	86
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87
PID 2204 wrote to memory of 4764	2204	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c90169fba79b6e2ed8688eebe60c55c5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd0f1246f8,0x7ffd0f124708,0x7ffd0f124718
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:4764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:2620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7036 /prefetch:8
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7036 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,13144640765830563969,1679308334467373141,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4972 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:736

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff63763eedb406987ced076e36ec9acf

SHA1
16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

SHA256
8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

SHA512
ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2783c40400a8912a79cfd383da731086

SHA1
001a131fe399c30973089e18358818090ca81789

SHA256
331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

SHA512
b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
09a596532efe590576b172fe838e284c

SHA1
96036b850f926f2c95e6fe1243abc5cfae958695

SHA256
c6ef3e4d7bb01b3f73e608b7c4f080b5008754efd6cd3251d88a0db523b42c53

SHA512
83663e97b16f720a65865d20844f33f0ca7fc87ffd6ce8ef53f76f81cf055fac1741001a5e483edc54ab5073951c771cfe99a6a4f288ab51e166f3a41529bf9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
9770d62524a8961229da1672e7febcd0

SHA1
7af3fbeb10180a236c2ed4400e91d2650c8f1480

SHA256
6e6f4bd6d751c2dd302b7d7fc7269825cb6f60477e4c6eef3828c8f4bf995948

SHA512
7a41eb1e5d1d6a5e8cc1bd92953e72d8cb2a04a38e983d4f696b76e0495220d5332cf6c3d79dc6bc82fda2b9a715802e2d879cc3dd0253457c503e672abdf907

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9bbb52907ffbae2b7964111ebc849ceb

SHA1
32ed1d21ae1b7ffa9ddb6e6e39069a52de1e858f

SHA256
6695c282493281c3600288a58e7f7bd7be1ca9be53e68a3b1433db15081c1450

SHA512
3a2270f59d09a8b712bbde9a99e9e909e6c64e2aaa854d13f65d77f90ef2b4c8640c118bcb8bba6456d11d48056a4fae9df42b077053171181ee2e73f7761cca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e59c591ce18b343a72d051f6bc9bec06

SHA1
f44262ae96d0c9ff5c1acd417e752d39b6e77339

SHA256
fbf33f3dc1dbdc23787e1c951603ed6b4c9300bfae8b19555aefc23ef9ff97d7

SHA512
383f7ebb5f288f0488da53e7f25916f707f55b0e0419b04258b7d308734a1dffd3770389bfbfbf9951fcac079832928b0bc1efc0d21fb687fccb5a3062b3d005

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d0fcecbfc25add18ff243b13cb8e643d

SHA1
b6522eaa3489b91e5d4115f6370d2e652bf4f333

SHA256
4d68090f7212c4c555e38a3874269fb549e226a45028f3e37498c628790e69ff

SHA512
0b7a12a06fadf1aabed2624e45694ba4d10557256ec69f13933adadc3d6c94068056857c03bd91aab615dc795a0438925910c55fa6a5e71481c983abff5b4b34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dd1b3e43180a2a9c9414a97ecdd2cd9a

SHA1
b2424ff75403383b238fb06119b1deaa4f623d11

SHA256
15330ea04dce02a5a608c3d807bd41f6276df200b1e61d0dbbfbd97886c758b2

SHA512
6e6db35e0da7b399cc5d356e9f782f01c6f4b3b6dedff237913bc533821eed9751c9d2fb72d1c31627f4fa886d547f71a0d16e173e24ad49358f12f182e088c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
62c57b2ae31813bab44239d495f5339d

SHA1
e611fc6469845108e9d21ae571b37ea52c42127e

SHA256
faeaae8c955f8be1a41e36667293384489e1fb8e820d1513cfbb65deefd11395

SHA512
c59050a795cfd259e2cf5b683de1773ccd659df3a96305f757ee5858d0883b336c3b52c2c47693f77545cfe2d0a9443e96312a39ce940254aa73d732b91992ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
f6b31186a3db24ead760c63f755189fd

SHA1
a12d63b902a74949fe39f117e398dac0033b4c68

SHA256
8f58527d6538d841aaf735a574d0138707f122044b9974aed3ca223385fc016c

SHA512
6f7dc934f517c45446f3d242f3fbc78363019000ba378d354d0ff568be513d9556715535ac3c38be4304d2717f9b39dfda5f24cc9547940c29a2bdb7c6e047a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f30b.TMP

Filesize
203B

MD5
ef383c4e65fec8213d22654f7d18b8b6

SHA1
37024483755d9cd82436ac2cfbf4219407603569

SHA256
e463330808eb7109f5a0d5881c18464e148c62b29b84ef0a29f335a7dfa9428d

SHA512
31c07551b3ed1c041499e0685a9691b36e27e92662c19149e052f92ff8835aab5af12edef248f0664a9697a96255152901760ed2caab86ee5675486726eed259

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cca10b02-8e5f-43ac-b8a7-3aa0a01a131a.tmp

Filesize
5KB

MD5
9e921b4487e4ed7b755cefe251cd3130

SHA1
19c0f9554e3d3d510f8ec428dd84b7388e72fc78

SHA256
f260fa39e50347f59734c17c414a7eb730dffe33e7a85048c70947a5baf181c9

SHA512
c91ae0198f3f13106c93336dfab799778f07416733230f1116697f28db7ca0fb85ca2f4b9fd22468225b313dab431131f933fb7338128d42318a427b3bb153fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3417d675caf90f3fac50f7d3835ad488

SHA1
0caa1096c92c16a49a0014c66cb71412b97d6548

SHA256
5d830aad724625a99f1841f6e58f2de244539752a667de233ef77cae71dac043

SHA512
28ce3d7d154a0654541ceae4a3c8c666f7b5061a3a5f74528af919d26279b3a80ac591c57a92e04c48aa6ea9c0a1d37cce17fee5cb7b3003fd55c79e1bab5b5d

Download Submit