dd61175a505737f36b0c5e5da9c4aac6aa8fe06a9bb2eeba5effdecd4810d6ad

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07/09/2024, 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d266698ff28e09b48749f2ed44a02ce7_JaffaCakes118.html
Size

113KB
MD5

d266698ff28e09b48749f2ed44a02ce7
SHA1

117fb540e52a011af4478347353f699d07c4a4a9
SHA256

dd61175a505737f36b0c5e5da9c4aac6aa8fe06a9bb2eeba5effdecd4810d6ad
SHA512

7376f95a136b038d5a9f401c98b0043b7f60875c7bb6f61fe4c317ba53b5070809c5642b3d39f17b0876ca410da50d9cd9c11866916f5ee7b79d4b862d4c06a7
SSDEEP

1536:Dwgr8VkeO3WOMdyFRlkvPmInUqhbwq8tnysXmrbSaS6cgRrAq1grjyP:jeO3WOMdyFRlkvPmInP9bnaq1jP

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2580	msedge.exe
2580	msedge.exe
3016	msedge.exe
3016	msedge.exe
5116	identity_helper.exe
5116	identity_helper.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 21 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3016 wrote to memory of 1804	3016	msedge.exe	83
PID 3016 wrote to memory of 1804	3016	msedge.exe	83
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2028	3016	msedge.exe	84
PID 3016 wrote to memory of 2580	3016	msedge.exe	85
PID 3016 wrote to memory of 2580	3016	msedge.exe	85
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86
PID 3016 wrote to memory of 1352	3016	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d266698ff28e09b48749f2ed44a02ce7_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd50e46f8,0x7fffd50e4708,0x7fffd50e4718
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
  2⤵
  PID:376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1324 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5812 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,5961474477232968736,4667224625431574428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:4280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
23KB

MD5
d0007015af7e55b5874b6f7711e9ab67

SHA1
fd514e45401ab3c27d2fded42f34024260086150

SHA256
95c98d45b7481d60c8078e04973ca86a67833927fac958ed6d8c28593454aef3

SHA512
375ea404a1c847f5b5e10803277d6a54fcf22ffdde3f41a06efbf4732858d749488b7ac67ffd9461a3d0b7bfd8f18ad465946cd4123c54383a410db6e699a6df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
184KB

MD5
d07f3067bc87e66bb8024ca3b86526f2

SHA1
805b141dd719e72499d89b7ed43926b1eccd8d3d

SHA256
474078cf4909a7551a17ed06152b0c1e39245eef7c5e2a274f2511304d130658

SHA512
c0630484408221a8fa1bfa08ac68997eb8f3f242239809b5730eb75d79032be04a3cf8fd3e6bf81cd3d1887e59f689b1fd572019ac92771a36c8bdca99ed5f53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
253KB

MD5
adfb3a285a529da7147b6901068433ed

SHA1
0230c243ce5abe8549c048dc13f99fd603964347

SHA256
d9e2a11cf0b03627e1f8876a0e7e52bf4c12c9dad7d6963fbcf2f82c4702da93

SHA512
10c27e5f47425100caac397df594f458fad44fc5708d24a7044f431260824b9647609b54c00034be9e4bd824b8018956a8c5c10458d4495fb2144d1d0effdd28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
238KB

MD5
824fc4cf2f75fb552c31a3e3fe5ef1de

SHA1
7fb1a28117276c854cd5259b9b1c8145d33a88df

SHA256
4b23682dcb51007386d1e70c62fb63431e775a778d06b6d3ebedd2e62829226e

SHA512
c611ad3bfe219d8bffd0db53563fe0728aea8cadcdcf3cf26614527147a5f411304cd9c41d26fc1dd075660ca12975e2defaba71c04afba29c0a67d98ee98998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
245KB

MD5
7d0dd158dc38bb88bfa6e97b81f8d3d5

SHA1
11ca5f00ac285a302e28b41724649a1b835a2c41

SHA256
a38c7494103ea2750ef34349eb36bf0cfee1bba9477df821f388211e93a53806

SHA512
d10ee529f82b14b9e767e1bf7f5ef3c5be3c516eb12810c3ac4b0879b92a6b474fe906b6a0e442ca4780df3f2c62c6470c22f86b6912f0855f461413330687cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
242KB

MD5
f21c1b089d81e0bd3db97a379f0c194e

SHA1
58230725f5f8032471c83e6d68198a357d33c398

SHA256
8f5666efcde6704c946898adc042317d9507bf7a13251fdd732c4668a4be9c76

SHA512
47be6530142e9ca9b7a1b435aa4c26fc789295758aa3c26c34487fa89d4fdbd9fcbcc962b1894157512ba422cc44975c650963ce693782459310cabcbef80a05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
275KB

MD5
a554d92f04da5d57598a40cee88bb90b

SHA1
00b1639af67f44309d142477acff718c9819f813

SHA256
327523dc9e6966795f7178f75501ca5f195b6a80331d86501c279a661afce5c6

SHA512
5c63a49bbe54c7aa69d95a26ad0af92409dbef33c0d5a23e90961d6cad43626f1c66d4d6d766ed724d91936f5764147509ba058f78a5de9b977481b80867c80e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
269KB

MD5
0ca34d374dba66a58e647ee5edce524d

SHA1
f2d3b02c36b329caf747fc8bcd76f7ec31453a20

SHA256
02942ebd82235cb2b13bbe96caebe6112546baa19dab239eef2c0f908455d5cb

SHA512
209c6ea76c2948488432299cb764900448bb9ff8db1e21bf03b2a98cf25e2ac8fc2bab156c9760b765dffe28bb57f26b2b74ab9b1f59591eaf1cb2eacc71cc2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
313KB

MD5
9c961086dcfd1c4960eaf6787e20d624

SHA1
7536935798bb344d37c8e4862d91a649dd6166c7

SHA256
e49e5ecee4e93bba0b2b85299532030cb1b06a60d5986412526b040f9e9f02d0

SHA512
ab60290711c652fc3c940de31a52ede0d8ba3a480ec98833a1b06711c538b355d3740f86b3dd526269c9e36bb9dc4cad84453f1a39f8b02fd7cb3b958a2cfdae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
213KB

MD5
69a04cc90a3ba99514fc5e04c0d033a5

SHA1
01237a241a841e53e1907cacc4f3733a91e5d3a0

SHA256
5f7f853936df867b472ec1ec5ff85412eebde8ce2c20d38961145b038ea1d1d9

SHA512
5023785168926ba0a901902ec17f740e729cdbd891c2c2e4c47fc9a895244f820c73113dfe14be90c3d8f43edbfd5bb031121c641576ec11b37d3da7ece3aab9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
318KB

MD5
31e6d463cc78b79901e230561f5a306e

SHA1
947ee52635f30b26920712166a76733d37d2a988

SHA256
8871981948a8cb9103df0fa48a7b7210b8a9fbf0fa55ddcc1653b146e7b486a9

SHA512
d6e282de50471aed7e1c36364662f43480e5838528fd85467834c1696ed550edd35589cc5bb53e167d7bf127f6e4ff1b8fff9130ec5607e1da512f689dfe4981

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
376KB

MD5
1198994178e48aa2f97d54119ac967b5

SHA1
ee406431d18427d836b4a484b94c56435bb29b51

SHA256
5afcd9f1097343a07a0f9072a8bbe4476837430baeb266c6ed314c483981026b

SHA512
dfed399482d1e777e33a410edff4d28ef4de57045398b62b551642c280dbd9a571a46767aad8e349b41a896e9ece1c09c81681b165a207517043a847234a61d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
320KB

MD5
842c65df600dd433f2cb1d5f05bc4864

SHA1
5653fa70945db6e0ae8d544868773911d5ab5ccb

SHA256
2336d42e77256ae415f74eeb9a5a7b7f943e064498c4cef069eff54e0ae05f4f

SHA512
7ddd3d348887bcc77d171f40b80a2e8161f26e6fd2e7ecca346335d904a73e403651e5fd80ea6241f1e7e23d295bbff32fce5d979999f252f3e0154b109e8476

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
28KB

MD5
52cb2cc4a6943cc0f716ead84d08118e

SHA1
955a143b68f42a849f8571b324ebf6886a9173e2

SHA256
c4bd1dab4e04f630b402ea3d002b14912b3b0ba964640840fac048bc2d8fc259

SHA512
f114a77a221af0d086367857a4df2b6abae36e3e87866e062f78ca7873c98633620c6da8bb91de7c48144ca885ba39fcffdec06b5077fbea34b4e7a86563963b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
34KB

MD5
b6d29aeb8a7b59c432dd037eb105f4cc

SHA1
98656832d5234e4c51d8e2ccbea936b408b5a9e4

SHA256
d30903848b862a623517bd1fb5cec1b5e08a52a242e9de522518d1ec75122d21

SHA512
eae2de516cbbe5265474b01874758612f8b00b58aa960fc2145e5e57a9c08034204675a7f7d8ac0b255b95f472106dca1aae2ff5d3cd7e310f4ce74647623922

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
20KB

MD5
5957c300b8653d48c875490dae6f3edd

SHA1
4960cb666c7863b2bd8a3449619005d0730875b0

SHA256
9dd3ea282d524bfc4a534223dadf1450686feae44cf231eedd604fd6238e96d7

SHA512
eb965c8beb916dccf7469399df4e504c1ea255a443d933648429e7b59ef04d249812912b171afcd45b155047773ed46218d2e3509a701f4bd63171c133efe66c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
45KB

MD5
aa6a698d1c7fc6d35265b10af5570e9c

SHA1
00da372ad4964a5d5b8afff7fe1b207ff284f232

SHA256
02f6ae7bda59fb1a20d3386021fb972ced348bf724fea42157225d416f9f049a

SHA512
f5b2f732e899cc0fed577e1ef1c51c154ede5d206543e8ac7c1fabb182901f8e93e137b63f12cbb87b3f570a283a368bfb1b9d637cc5b1c4f1669ff5cfbf306b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
4e36b81df86a5a3c482a3988efb5a06f

SHA1
514ba8193643c91ac9494a307b3f3bcca4dd8f9c

SHA256
45a3291aa7258e0bbd20a35d6bca02f069d50043e16cbe6e851314572b0b057b

SHA512
99101edf083f827035042f6fe0f819585e1850571670faf1eb4e0926abceeb015bb52269c858553c90799d9ac1b816cf55543252b85c96d1ddc02070f2065125

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
6016b1350835ebb290be7b04bfaa2cd8

SHA1
bfef6cb9ea9a323206e865c5ec65571f3a265d01

SHA256
78e5c09800e91a94e84d668fa94ad291bda87a2114bce7fee0d9d70a0e6e930b

SHA512
414faa897d161d7fbd3908b27b45cab7de2dd637e5dcad42819a39451bb453bae15832d917b4e14d00a1ba30fd740814488c8816e033bc4a0a33057dc2a56bc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
36a1bcdbf757b1bfbf455f7b9febc53e

SHA1
226f8828e45b94e1407e5a5275a47fc276ca614c

SHA256
e3a347856ef988a36059a2219bac4f5f7e9a3e5cf345f9ee92b5d167c3f6a8d0

SHA512
8505cd0859b8be2bbe7a2e5f20cd3e275e5cfae5309a56cc339d19c1b2ffca16aa741313d2f79621812fa35142c9597e7c4982752390c46db0af9508aec068c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
35ace57b85a811d6720a2c4a66d87760

SHA1
5ed592f0327efa72dee9570e5da482c81695e4fd

SHA256
e71445c7e18fee61db74ba07e9e2c20f5ca8154d833a54c67c08519f5ccfcb05

SHA512
37c38451833559a4548011ca14d34c2c0ded686a30e8e922be7ab9a43816b2ebbdab5a483a242416759531582931875c33d3a82e42ddc98e514c5da01df2b74c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ebdd1fb40cb633403b4e15c1cc11cc13

SHA1
9a876ce7c65cf85bb5e7aed79a4d13481a833c8d

SHA256
d48696be1e1fd604cc7ef587641b5917e87e69e35f17c8190de4525dd9e817d9

SHA512
86aad8f7b102cd13a2307c107badd0e1b6b751aa7c010e02a54b8a0620b9fa678f2e65110418da7a66757ff6d7d3a4b43426c230572a98cc84e713bdd60e6752

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a9efc5e32d09ddb9fa08d0f0a9e47009

SHA1
2058c3e8e3254b733363dbf22f0ab5f7ccba7fed

SHA256
8cc5e88b9cabdc56b070b9505dc64525001eabfad825c93c2905e5ba3092fb77

SHA512
edd4a42da63b2f6e28c02457bf2b72c8f9935ccd2eb475807c249a372e2db7182e0ece316919bb5127cde9c7f16492ab747eeb5a47af2c66df3ee770bc17740a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
034be761353081c07f11c810b51c9ff1

SHA1
ae4b93664c4c564a19e7d9b92a950bc750501ca2

SHA256
15375130379e6b68281882f0b3c470f162d562ff892a44f5082e2bf089792b2f

SHA512
18c90fd4385f1ac78f8b598947d70a49efe7d69b800dbcef1817da242f79c63c59e4548ec4544068c8712397658314e7257d757eea5fa0d77fe013213b76f863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
18f63fb51e483e97ced5da854bd26304

SHA1
0feedbed3e5a95337fec8f1ee3cbc038c31fa0ed

SHA256
d41c1c62e0123cf4489cc6e2e8a3101676c24c2f21eb2e494617503e97e92c5e

SHA512
15b7b186d4eb4108e6e6c71f4ebe6214e33d2e7a061ac0f7bf9f830b0b309d3f2aa5209d5adc43ad41e2b65b64e9b0c4f5ebdc0aa6ec43145da6f718c1b8afce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
90614ccc4146dc4c8b75b35e5e365c6a

SHA1
c4280a081dfc9209a3de9c50157ea5266a78aee5

SHA256
0be0995b98c2355a272ddf11c064f34a95e5a985c6226c36b9eb33bdb7d63215

SHA512
5d6c22d0c98b5360e94aea1441bfa64608d43097ea0ad2139d1b210d413a36367caee45fe165963847d2077c5866a85e2c4ff885c126274facfa42ff9f040434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7def19fddc8f3acf1050e6538b6d8ff6

SHA1
ac88c479c646c258d9fcabbbea77ddf7a1b16855

SHA256
bb2ed791f807cb01686bef1a8c569a25d3b62a2bc7e8b975b5511ee568cc8934

SHA512
c1372b8f674453c9c53b45f7e8447b4d88379e01d76a438420eb03eb533fedad5003bdb0dfd0f9b1df023f374d1ee43518c15d7500b377eb6f82f9b1ef2043c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a7a4c7a4b70bda61a0d5f4beb1b04c4e

SHA1
0e4ad3b9429e011a80ac3d8d8e9068a8a68026f3

SHA256
abc9a95bc9d00d62f0e569adec6524cac82fb580b26e1815554c63ccd451d47e

SHA512
9eeef579d6e099ccec3c3dd60c65c5a31017fdf191513e240f769a9c2fc96f373afd4f1d210abdecb0570cd489a9096a4af500570f9870edbb709ac7e18d9b88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
6a5bbdfda5a54d4ddbafd33f94aedb08

SHA1
fa80eed3489373b88815acd1e6d175807103bdaa

SHA256
3ed8bd45a070df8f3dbb50eabceac392cb55977f24754af75180d307d43dd4f8

SHA512
ad78cfbbf1581fd31762cd2483a54fd305cbbcfc7eb6f3839bd48a87ed8f5309cd1b65db36240ebd71baeebcc4480b621f4bb6f5a4cddbc6937ce9baae40adba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
d4cf73c2aa24d5fab5b5ad471135ceeb

SHA1
6974d1c29267e7cbda009e05085039098c726097

SHA256
aa7b5712e1955b958460faa7de0b0552b955f7006f1d4772ca917bf0403b88cf

SHA512
cc3e306c4b2f9a4f9d81a254992a8acde1a78fa82bdad95afa7a9b6bde789732b762480e6f385ef67a53c0befc18e917c4f078ab4980c65e4d25272ddc58c1b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
6ff2795879b48decd076e7448262dc46

SHA1
bd9c3303c42c026f8a1a0c6ef41de9cecc77d3f3

SHA256
01a7b49c428fd16a4985c1a347e8f794d8a3c7278ff3605fb06fd066b13fa515

SHA512
3bab51adc4059a4f1df5b973d3b83cf3dece0afe46a6295531a9ad8918b9a9cb655ccbe0cb1eb73e55736116e38ba7a21245f7aba663c5d6a57cc4c4b9786f14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
8b606783dd88195b3b9964e1d2b05227

SHA1
bd45461d14d6a3675585d619fd985028e326a314

SHA256
c3249666dcf37b54a834fb10bfcbbafcb38089296d090623abd8c579548fdfab

SHA512
89a53c72083cdd71aa27e24bc86b121117ba5aecdc6d2c48ab7f0a43942a232c9a25d979ddae8122ecc9a4e2472775e64c5293f7f651f15fa17d8ea5ad3c52fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5821fa.TMP

Filesize
538B

MD5
23216799802850696562fbbdbf549c33

SHA1
f37641f68ed049c153bfd4c6c8410fadfa3bc4e7

SHA256
666930a08de14fe8b080eb3c9860fe68346e284ebbde438baa0d1404b38b4bd3

SHA512
431763d086973ca47fea7ccf612b3f1bbcc609d31587cb52abacd6035e2e9528ef5f7f39a7b981e9a56c6b6ee1701a3d19350f9dabfa56263e33e6e61bf41d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ed8c6e529783a1ddcc68b7929696fcb0

SHA1
0a81c755a11dd80a19cce31d86dc84d0b26b2e3d

SHA256
04874523b9c49fbcbb1cbb1c04a07cc60fcaf378f930feb7873a7f1f836c32d5

SHA512
c75873c123431b99bd06e9a16d9031adb486b9e0f84b25f1de362d5fe806dbc8d8b5218da8d8c23cf8f03495be06775359faedfcd04ee242838a3754c92896a4

Download Submit