0148f1f7250158a21e4b9018cf178cfdc3ea74fb6a10c80ae8b5fcba1cdeba59

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 23:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d0a403a251fceed57395ca676a539409_JaffaCakes118.html
Size

102KB
MD5

d0a403a251fceed57395ca676a539409
SHA1

9cf4eb21e70147d1c668df4792cceea9d0ff2786
SHA256

0148f1f7250158a21e4b9018cf178cfdc3ea74fb6a10c80ae8b5fcba1cdeba59
SHA512

5b75ffaa35f70a9983203966824dacab83f1b54e3f230fa37e36adbecf37ad1921bf7bd1ac5d9cf7a3e6bb901367d401efd74e890626597241b5d8c1aa2bd1a9
SSDEEP

1536:8wgr8VkeO3pAjdxyXxn/l5vIjEQ6cjI2HZTvlCXipaaS6cgRro9Jut:8eO3pAjdxyXxn/l5vIjEQRfpP+9Jut

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3216	msedge.exe
3216	msedge.exe
3400	msedge.exe
3400	msedge.exe
4040	identity_helper.exe
4040	identity_helper.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe
3400	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3400 wrote to memory of 2924	3400	msedge.exe	83
PID 3400 wrote to memory of 2924	3400	msedge.exe	83
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 996	3400	msedge.exe	84
PID 3400 wrote to memory of 3216	3400	msedge.exe	85
PID 3400 wrote to memory of 3216	3400	msedge.exe	85
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86
PID 3400 wrote to memory of 2516	3400	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d0a403a251fceed57395ca676a539409_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff0d9e46f8,0x7fff0d9e4708,0x7fff0d9e4718
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
  2⤵
  PID:996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6248 /prefetch:8
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6248 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4080 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6916 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,6898597805355069848,12219487631008888888,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:2324

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4568

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f9664c896e19205022c094d725f820b6

SHA1
f8f1baf648df755ba64b412d512446baf88c0184

SHA256
7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

SHA512
3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
847d47008dbea51cb1732d54861ba9c9

SHA1
f2099242027dccb88d6f05760b57f7c89d926c0d

SHA256
10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

SHA512
bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
23KB

MD5
33a83c16527e4531fbfca2631f653674

SHA1
87a63514c262ba4bffc52d2ceebb3ca14353507a

SHA256
1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

SHA512
f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
45KB

MD5
aa6a698d1c7fc6d35265b10af5570e9c

SHA1
00da372ad4964a5d5b8afff7fe1b207ff284f232

SHA256
02f6ae7bda59fb1a20d3386021fb972ced348bf724fea42157225d416f9f049a

SHA512
f5b2f732e899cc0fed577e1ef1c51c154ede5d206543e8ac7c1fabb182901f8e93e137b63f12cbb87b3f570a283a368bfb1b9d637cc5b1c4f1669ff5cfbf306b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
4c2431cc2fb72b4e2bc11be4c927b53b

SHA1
ac373cd3e199af37ff744f8588af13a1b2914671

SHA256
8309f806dbe9292f117eb4635d1be7d741936cecbfceb32e9d149f3bb5c1febf

SHA512
238cc7e14947a25eb6d3cac1d70dddd1789bf01a660f916cdd2c9203fb2a05985776322ee0d8fddc11373d02d4bd9dcf50f7df7746ae6122b4ccb808bf070e54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
fdc07b892f3c566de0841ba61d00a9f0

SHA1
9d78b83aa2388d60f67b049d18828a667d48b5c8

SHA256
ec57982e780d1b3f2c60f4cae12c6b295b5367fcdbcb8781c0a21377e1663f70

SHA512
1eca00b9e6ddd116130c32d984a4922ead11d7e3c2ef121639a30f4c75a7f03e76c01721ea0d2e63bcd03985ec6c08de710da2df3f5100ad8588de235269012a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
1a21c4256ca4e8ca173aa45c6c0d603e

SHA1
553debb3655e6fe093abf4478f7379a0d4bde19f

SHA256
60fc5459786b4adf002a22230cabdfd3594c64a69171470538896cd23295fd46

SHA512
d10c810f4fa134c7161f33df44e3303b0165558aded1f00086a3a68c8ffc3c86850af5cfc24ac8af5fe0353bdd87b8d57d51355b176ded7eb2273574668d15bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
29820de9e951badc817067a8430e3eae

SHA1
f125fd24745e17ca2e9672c59b4900df8a8bb203

SHA256
7d40b2d4f3d03e9ea9bfda969610e47815158a4e946861329ce31963e58e02e7

SHA512
dcde9542ee2acfc78c55b133747c8a2a815b3c3850dae54a1ce18525df4bc7027118da35cc79e19ddb0ce13199f1cb244dd7f75b2b47ba9cb04123ee314cbbbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1130c11ba0c53c6b3bd9fac78b534d11

SHA1
56fc1b19e361befea080124185811e5b3fee7f1d

SHA256
acbe8294dce28d23a25e990b0d517dcea9cb276d56f4d2ddca6a182f9c58890f

SHA512
80432ec547c05c41c45f7983b98d85a576f7dabe7a247cf920226daa855d467a67e369c1505580a1e9bc2244e1016bd2ef952e0b47cdd47bfa9c85cd2ad99763

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ecfe486b851d31e8611a0186605269e8

SHA1
46859350859825b5f75ca5cb25a1938461f49094

SHA256
41f0d1b163e780368ae288dd650acce9fca7793f704a3c6b40a222f4b1fbde05

SHA512
ca520348a3465439c7c6aefea5a3508aada970f9d15059135dedf1c1f5c62e67790ba4ea96cddbfb8fcd45593ad1c9c4fc56817fd9271353598ef037ab69e663

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
628d67617b727e0104cf488e4e46aeef

SHA1
57d718a2d24677d61dbfcdd5f7595ac713ab938e

SHA256
e8c20aa9882993e971dfda06a3674db2a571b2de65f24496445005d6afc515b1

SHA512
cadb1c21886ecac1dfb1d4a10b28f3515c80a5ee5c0a72d68dddd4381930834f6d35e3759642984ead304d9358c785e8864e28d4af6b28dc835bd234b8a75371

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4afb9695a1cd5c3d054bfc45ce7a2032

SHA1
6a543203be10613ec6df53b57aca417f98b479f1

SHA256
d85f312afedbc7848792b07b116420105d469708948db25f9915f6468074cf15

SHA512
ca1dad5c0e354f44f6f13e2dba1585a62f5b44727343e1a2ebecf797d0a45fb66e34a058a1699c2b2fb26686e604ac972b5d43605bd164cdd871b235bb24125b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
272427ed08512b41774239dd71e213e3

SHA1
50e2ab0b784775882345fa43c02dd61873db747f

SHA256
6eb0a6951f653e5f22ca6b5fb2397d1950d4858cb528a7bf2a634b1a4ad61946

SHA512
bd9adb2c9cb6d6642aa61bb527beab193bc3475aab4ba3dfbb0a9560e2a6cb161943032e7a9608a8b8c831394e8133afa4880946adf418160a5234344bb75e05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
af40b5a7be7b3d3ed0515b2f981c163f

SHA1
2e6d6b5f148160ffc4548aa02f76a0f0bb9dad25

SHA256
a68bad6e0d1676f926a27790e2e2b3a2a321d9a67bdd041b0ae10246221f2f72

SHA512
dc9306fb0bbda5770ab399d7c03998e6c6d12626be1b94a1e09a6700313e3d9dffa1a9cd2a0ac96b72e7ec21bc4f10e853c7addada7ad42449e23e7ee7edc717

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fbd226569e1559c9623cd67c5563f200

SHA1
91d5b6e492426a9449450d393d74898cbcb3ca8d

SHA256
77eb23a73454d94077be9388c919ab5cddb0d841e1a913c2509b5c22d19eae36

SHA512
320b0053e96086631364f2b9bc63ff62fd65e473fc7810c29369812e8c02fef7e6453cb01c3b9311c54ff6b7fe9b2972062a987f61a09e9abd5b1c62cf11b53c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
ac95ef0e6b834407336c7ab93cf72ea5

SHA1
d53e7f738131705905cb05558cdd6cc2682c9c18

SHA256
e4b8a9c69b44f553a442d647b9956a325e7248d674a97f735e3ea44f2b54f247

SHA512
39b4101a584ccbfbc854432404834e220aed854a377a4fba2a823491465f770033434f036a4e78cf1b98a5fc4dd123e1e8f003ac347a5df9dccdcca28cc9127d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
8b69fe62e5d5a845a11c0ffce0327c1d

SHA1
62116bad8c6f1343349d1a453662633ac938118a

SHA256
e2fb282cc2bb139634ca0bcde62590246c96ea2501dce38333d54a3c57e11e1a

SHA512
3b04422460f30458c1ca4074f47a3d87f9a1abb6d244fd8986d8fcfd7e1cd1ff405061b313bbb0ebad5782914e3287cdc7278bbdb7b967e7735cfe31f2a715b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
19cf3b2f5f66fe0a03188b31b77541fa

SHA1
5db2822888f5242e5cd3def418fe95c2a4839734

SHA256
c1d8d54d8a4d3c1442db2ce18c3d5f86f8da93a5babd0ae7e81bf528e95b50b0

SHA512
8f621f5af5c21a34686cb7ef532301c0b3140c71b31940e8b2430a4b8fbb83ea4b7e036812c826ced9d3eefff39a22f2c9cd55d2b3ec28f2aa8d746db1f68a30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58216e.TMP

Filesize
538B

MD5
418b15d1f1f634e315e16a20783da974

SHA1
2e11b6b25fc8c1556645baa633387192000ee56b

SHA256
6c594b8c0692ba7f73b036799fb9a785f4f8d4b1c70a168c3988079fafc7c68d

SHA512
dbdc6f18702d45a573418866933301dfb08597234ae31ce4a22ddfbcefa4c70eacbe847da59e95bd21ec379abaf65d1c46422714b8bedd7c00ea53181538d124

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
639c02840e15cc086474082bffaa2a6a

SHA1
0890607fb6fc9d42a17b46bb52b45674c23ae3bb

SHA256
4677107e67ee6c776b611ae2fdcac1b08fa2b4968081502e554f8c117401ab91

SHA512
9bae348e6f2a052b97ab191c7652e4e8c63a6ffea5f911c586f82995d59f7a31ba25d61fa385f0423c21189ef72d359ee92c9bf00d27080061325971048df868

Download Submit