920a8632926a8c4bd3f0b30ba0a0ca09bc1c1fad88f80c38df71cd3d6088119e

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 03:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ce8feb28c714827c7bcd950379cd3a67_JaffaCakes118.html
Size

65KB
MD5

ce8feb28c714827c7bcd950379cd3a67
SHA1

dec7ad0a859dabff6bd89e3a8efa171a254991c9
SHA256

920a8632926a8c4bd3f0b30ba0a0ca09bc1c1fad88f80c38df71cd3d6088119e
SHA512

02aa6ae4afeb1755efd6fa96b4b126114b2206a7f940f3931e42ad250779a33998dbbb0a80a7a14d9dc986f5b3d0955212278bee2d0bf21906d16f8a6ca9bcc2
SSDEEP

768:7kc5mkcluT+g6/m/chio8cUPt++pv9FmYw2YeniA3p/CSBv3VYjreOmgYEC79JXv:7kc4kclbg6/m/cUout+FoiPYQCzD5Hl

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3692	msedge.exe
3692	msedge.exe
1256	msedge.exe
1256	msedge.exe
4900	identity_helper.exe
4900	identity_helper.exe
3124	msedge.exe
3124	msedge.exe
3124	msedge.exe
3124	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe
1256	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1256 wrote to memory of 4496	1256	msedge.exe	83
PID 1256 wrote to memory of 4496	1256	msedge.exe	83
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 2984	1256	msedge.exe	84
PID 1256 wrote to memory of 3692	1256	msedge.exe	85
PID 1256 wrote to memory of 3692	1256	msedge.exe	85
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86
PID 1256 wrote to memory of 2348	1256	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ce8feb28c714827c7bcd950379cd3a67_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc66c46f8,0x7ffcc66c4708,0x7ffcc66c4718
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2512 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
  2⤵
  PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
  2⤵
  PID:688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7488 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7488 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1
  2⤵
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,10426682925335734306,7934982549557193508,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6348 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1268

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\76ad6bd4-8c8a-4be7-aefc-062365b42525.tmp

Filesize
5KB

MD5
e50c03c8e55b1430d38935916bb17c60

SHA1
f1583707e5d330858987dfa6d0966a77cf99a673

SHA256
3dc7a89f4b8803433e1f542280c3b835be84a82daf00743e66d6788adf1d0408

SHA512
e3381104c2402cdede4a067a257d4adc445d0261435cc4d1d7249c4e68b29d35bfcf12e56aec0d9ca528596d9c401958983bdf99df93de0eb572b054d2fd278d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
600B

MD5
1cc5418af98a6902f5f010b488ac9964

SHA1
5dea09d38871c31109d3bdf0cbb9ec9fe312dece

SHA256
8844cc3cacc48f52eb294303d0a1899f91b8763ec64263f5378feaab12a02283

SHA512
ba62f2b87db76f9b4154c234d35fbcfee978d495f5188b7a6ceff4ad2a381e45370b756cb6d427d6fff1f31e1bb8d8537a44338dd2a0b25ff7118c74b113f655

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
7080b9b693ba8238ad2db4f52f5f99b6

SHA1
cc3a3d07619ae8a27fc7aa16a0e471c0fcb19425

SHA256
4ed5d92f9c016e12783e5d963571f1b8ac3e077ccb4b7bf1c73131fdb6241f4f

SHA512
d5fba997f8cf03984befea4bf14e487bacaac47db3896fe5511a766e75622d9df0b7356261d5200ac94010d38a6a3fe5c11c5acafd51667ebd858237be9f5373

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
4693b5602af19d420fb55965876578de

SHA1
a19c295da89b6939ab417791af9ae017d3ef1547

SHA256
a3d9a01598bd2a24ea0eebc6fd470ad6fa94752550c07d4213aee75e4b56b4cb

SHA512
b37b20b70161a23d9e721466c29794cb777c3b009b71be3dbfed113d6c405917522cd2aeede690223e393a05e43f09fbb09627260addc1a2a72eb3c47920559a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
32061976590406f53264313fd58eebca

SHA1
aa7e7c53c3b9bcae644b68de5adc1e0c0d896cd0

SHA256
ac947fc39619dfc25c36a8479635a2a652b9e05882f3a7d455a3e4de4c73a85e

SHA512
7b86fd589c8f8b2e5fbd3eb2c6c524fe5b4d70c91f47c88a5360d3476d771289588a671a104491c7370d1327caaf3a2ceb1357747019bcecd0fe5926954b0d3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
234250026942f0a650907def6fe0bee7

SHA1
f05b4cdf135b3050c4224b4609c9002bbe709f4c

SHA256
899110558dd47e9c308c9b14d13375893f85b5c1024fc98b1f57e265a452289a

SHA512
ba51931972c009046ed82bbdf4d285e8327f9e69c031491111d131cb4b4bff608884f887fdbb2f09c5e20ff462a1384740abf6b95a5bd48e782a7e0484e99fee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
27405bce845506cb9ac666f947c0ef7b

SHA1
58e69a454666fdf5707dc364107123c91cb8c44e

SHA256
2825c994dd24c8ad91ce69fe878b98842bcde8bf4842d6047aebef0f64170f6e

SHA512
88378b6fdce573ec45afc7537db5acf1597cbaab2dd2902f64f7a182f1d7d94303fc7ef50ddb06c088e8ac6060f6eb7e8eaabc1f2268f73ead42b2365e5805ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
431b6a964fd29b78c7e71ca684a11d41

SHA1
1338e37691e4f594ef24b1acb4fb447ef86facaa

SHA256
88e73f3911dfee23928cb6e19d74a162f9670ae5e32c06ddac6dc42f89cb5da0

SHA512
16f5bf1d37762963753131f922eced88dac59019691bd65473f96b3a2041f01f6db81581a28bb8d7e4354afe9bf4e72ab742c2289a924dbc746bb9ab7ca0436c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2d8556bd17392dac6c2e385ffbae3a99

SHA1
6bcd6c3984ba1996a4693e48a180941ba13aed71

SHA256
3c1e78c222d6a6e8ad66921e9449671a8232ed59addd1f4ad6387b1aa0bd75ce

SHA512
fe43c5e0f2528c72c4e3c7eb4fb722e9e967724a9d88228823f64669a419b0e1bb8eeafa964a49295bfa097f231a3980ed071256e5691097395d787de5491486

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c09c2a22680495b404b2d66e95da11f4

SHA1
506aeb0aac584dafd149da90590d3e4a1ab5a2fc

SHA256
cf51d1a1e40b06eb424789823a74ea868ddcc2c54ae2f8a839624a0ae3bac936

SHA512
a59c3111a97016f5edb64ce9e852d00ec3bc8de68f96afb0231c66f72f5b7397050f1d734a8a408468fec1be2b2a4c2c81f318079ecc4749bcef2ec7af628d80

Download Submit