b67b521555ec1afdd509fd0369a08bca07b96738789dc4d046f13d6eecc2833b

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cfb8548fab3e8a60243006a45e28ffb4_JaffaCakes118.html
Size

175KB
MD5

cfb8548fab3e8a60243006a45e28ffb4
SHA1

ba711de72c8fc699411b54a137c91e0ce60b1198
SHA256

b67b521555ec1afdd509fd0369a08bca07b96738789dc4d046f13d6eecc2833b
SHA512

65e50034b14c0f328ca3940a93bb2f0dee1aa5f8bd5238480302d98031ddb0caf7c070f45145f201840f3b80f75ebc4206deea0652bcb8d26da7927d1abe6c3b
SSDEEP

1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3xGNkFSYfBCJiZv+aeTH+WK/Lf1/hpnVSV:SHCT3x/FjBCJiWB

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
4440	msedge.exe
4440	msedge.exe
3580	identity_helper.exe
3580	identity_helper.exe
448	msedge.exe
448	msedge.exe
448	msedge.exe
448	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4440 wrote to memory of 1160	4440	msedge.exe	83
PID 4440 wrote to memory of 1160	4440	msedge.exe	83
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3408	4440	msedge.exe	84
PID 4440 wrote to memory of 3016	4440	msedge.exe	85
PID 4440 wrote to memory of 3016	4440	msedge.exe	85
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86
PID 4440 wrote to memory of 4124	4440	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\cfb8548fab3e8a60243006a45e28ffb4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa62ab46f8,0x7ffa62ab4708,0x7ffa62ab4718
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:3408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:2624
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,1966786885882056852,17929044403377143699,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2524

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1844

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
696518a7bf0688d153650b2ba42cf52c

SHA1
e2592c70d37cf7a85db67a8b3abed768dbaab1cf

SHA256
da179fb5f3e6486146d052f92c243a865c424741c60d04d5fca343ed26d3cac1

SHA512
f29239d823b5d04a6901ebaed52168f5b00a02edda3ece8897ef8a64ae98f8513865a84340770af46557eba4f1608e6d673afb437ae820dfd0231931e550c948

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f5761eac254b345c4dac1d36c094cd7f

SHA1
2499c0e3a118ab53050474b8079fc8b79245ca63

SHA256
ea98321fe20543fea0b097702846fa774e9715c2d65d3fd43983aa43990cc8ec

SHA512
9ee1164760ad4e5d1c69c5dda2c1f4cd7b6a5963d2c484e5441538e3a364c5c1920cbb09b36c51660264ca83e1f0a3edd71c17370dd2352fdf3a1c695cd6579d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9ffd325f977158b7bda8823af4175841

SHA1
38d03c0251dd76cbcf3151b135ebb6b1e3a3b159

SHA256
e3a12b0923249246d2a28857c9ccf65307c869cb39a406b0fe3eae72519331bc

SHA512
dab7c3a85c078fb2c6f1cdb3023a4d647bd0a155cc2e3ff89f05802975704639d2d55775fb2938a5cbca423b88e5d9d331f696d9095464999752b74c92fc3136

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
39b3f6acfb7fd04d337a0b7a1e6f71eb

SHA1
0452251e8d84efa48ae4b8188c8819dac7b91801

SHA256
07ff126ea1f51855b9079a553fff2cca331bbdbb2c95ff7ba9f639b12539451c

SHA512
8ee560e7ff08738937258d799c32899e8416413141a6b98b378cf63fec8daf02b129294a2f0f52c0392f9672af170f582f66367fbb807e01714e4574f98a8ad8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
803ae4dbf8e9b9ab302d1dafff5fdfa0

SHA1
d8b8bfd16570061b1c39e2b93343933356754506

SHA256
83294427244396cf15235fa8c20e0d992b080b08ef1cf951144f33db278626b5

SHA512
5e6afd8631e6065b50a6d0db876108345dc2197d26900c2df3684dadff42e2a794483091ba9f731710a025e78c7fc3814cac6a3938997d89541d4a56b829647b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
24317d4948f77fbe75a6a0301f0d35ad

SHA1
b40e67817152635da31b08e9e754a11db021efac

SHA256
b067006506113774469a435e3ba89a74fd13d2ab2f366dd77b69a5db91ad15bb

SHA512
13a44a74a4ec56ad70686ff5de319edd864a4886a9c681636ddd8e00df59ced147a179b355abcfd46eb98a9084ac6a52ec8c85012106112510eb3c073f7310a4

Download Submit