cd237ce85def92cc189e8bf0524c6ee04b1546290270ba78c37cf9a214ea1efe

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 17:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d00a70f18945ecc773f13b4e4cde0830_JaffaCakes118.html
Size

164KB
MD5

d00a70f18945ecc773f13b4e4cde0830
SHA1

a8fd518dcf60aec74d58fe36ab985186a047a21a
SHA256

cd237ce85def92cc189e8bf0524c6ee04b1546290270ba78c37cf9a214ea1efe
SHA512

d086fa5d686bdfcdc90250036f0d0337bff4b5e21fc8ae38f65b48f12fdbd95a8c3e3d325d48d1b432557dc6067f2040c7f3784f7e61d4f122aca010efe7a3ab
SSDEEP

3072:sHRcVhIVs2LQe2U0Dzvj40MZEPjLpUxAfYxslxNcl8CLcXmNRSxrfOZoO+i49KBh:oc7J/jXmNRL/RkR8L

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
560	msedge.exe
560	msedge.exe
5060	identity_helper.exe
5060	identity_helper.exe
2384	msedge.exe
2384	msedge.exe
2384	msedge.exe
2384	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe
560	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 560 wrote to memory of 2660	560	msedge.exe	87
PID 560 wrote to memory of 2660	560	msedge.exe	87
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 1204	560	msedge.exe	88
PID 560 wrote to memory of 3588	560	msedge.exe	89
PID 560 wrote to memory of 3588	560	msedge.exe	89
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90
PID 560 wrote to memory of 1544	560	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d00a70f18945ecc773f13b4e4cde0830_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaae9546f8,0x7ffaae954708,0x7ffaae954718
  2⤵
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,16677392244020330038,7749703177664516011,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4788 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2384

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3196

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
23KB

MD5
33a83c16527e4531fbfca2631f653674

SHA1
87a63514c262ba4bffc52d2ceebb3ca14353507a

SHA256
1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

SHA512
f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
87c3622f1f90736cfa115a908f104e06

SHA1
b83e3700fc7410b6cfd1d309e26a7f8e422bf58b

SHA256
5f293fcc7ab9ca0dd8688551f2da433a225d5be89c3f06f11fa255eab420dde2

SHA512
0f19c17a5074d242443c9cad5c44338e7abe33d92d1e96efb70b6c42222718097b6a0e487541fb987527849a3f7dc20c0c2a88c4da5abd743a9955ff602800b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
36b7917049de4bc8916ec40d7477481a

SHA1
d24963bcb21f8e495c47cc560e9b95c08bdebff2

SHA256
fa4d1316209d0f98c1e22f72dba90879668685d0f172f259b7d981c256ebb377

SHA512
ab1576a3d5b5fa95c3e7237a0c0959ad9d4b489ec7c5db75a065305ca8fc21b1b41da44342f6e82dab73b175c794c4d1d9dcf96ccbe30d6f50e9309b69c0c3c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8b360fec16aee2450ab4c5e0558b6f5c

SHA1
65930fdf6adb3585baf8f91538c7072d0095dfa8

SHA256
60c9f19438466b53236f5d7ee5221e56d28a77cb42ffd94ba233a41fd19a8872

SHA512
1f1589ddedb37a9558e1a3360b493be32648114050aa9696595c933b83437c9aa9bf89ed1362a7c11e5f9dbbd37a57b12e8224933f3705e03fc912331e97ad11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0f7cf25389a20f97672fa065ff651414

SHA1
2da6bfbf6840000dc037a3f65908893a24a177f0

SHA256
39498d701c8bb707e0bc4e29ba7785dbba7463df8f96a56eaa66ab2a3fc3ee5c

SHA512
769b8d633c903f39404a70aa528032741ad256751ff3916dfa4d2bb97b60c917b3d65d900c953dacd102eb18bbc2331628dbb4d08543d41ee40a44f454aaa48a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
34e3b383b9e6698e03973166483565b8

SHA1
3554fbee0e09329d8fce85d849e24cee67d54406

SHA256
66007bfeaa0515582c39acc27879030a701a24772058421bbef0c63846a302d3

SHA512
37dfca9f55cacad343634b2e6b72c0dbae6cfa4531bb47858f040017be07cfabdf0861be7be685c59206f4c2be4c5efa0f51cec89cc7a34032d12181e599ee06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7eb42332c5fd495b0d75a39a1a9c2588

SHA1
5a2753fbd421b1a47c5918af4f776ea5dd3b44e4

SHA256
525578c59e87e16be2dbc7765e9ac197b3fc332e2119e6dce3bbc955f012242a

SHA512
729a2058bcac934871cf0d1174af6c7b1f2c16da9dcd560351fc08e510e9703eccf7492712f72faa4c95dcc5b432eab29dc61c62729b8db4b54585c19c775581

Download Submit