6ba89c3a01225ce82f8f3fd8a1abf84a240346d7279b9a376a977bdbf3f7081a

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
11/09/2024, 14:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da86a68578c8c359717b45b65b81bac0_JaffaCakes118.html
Size

82KB
MD5

da86a68578c8c359717b45b65b81bac0
SHA1

814dbe3836ab4ab78d9de30e1789886672e8e6ea
SHA256

6ba89c3a01225ce82f8f3fd8a1abf84a240346d7279b9a376a977bdbf3f7081a
SHA512

0196f742b389ae8e8d6f5df91ed7843457fc94b3215082f5f01f85e0e1f741e7192a83319ccc4c7407849ec86a0929500883ad28ec2b59bd9629a967f6471dc6
SSDEEP

1536:zyHHCzFuXjyG+0J/OJuEYWm0Tmo0tbSz29+uQIQ1NxHE5PolW:zyHiZuXjK0J20EYL0WhIMPolW

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1532	msedge.exe
1532	msedge.exe
2848	msedge.exe
2848	msedge.exe
4844	identity_helper.exe
4844	identity_helper.exe
3568	msedge.exe
3568	msedge.exe
3568	msedge.exe
3568	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2848 wrote to memory of 640	2848	msedge.exe	83
PID 2848 wrote to memory of 640	2848	msedge.exe	83
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 4784	2848	msedge.exe	84
PID 2848 wrote to memory of 1532	2848	msedge.exe	85
PID 2848 wrote to memory of 1532	2848	msedge.exe	85
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86
PID 2848 wrote to memory of 1016	2848	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\da86a68578c8c359717b45b65b81bac0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff93cf746f8,0x7ff93cf74708,0x7ff93cf74718
  2⤵
  PID:640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7000 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7872 /prefetch:8
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7872 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,2246304030376369742,3951443571642617457,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6900 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3568

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
45KB

MD5
aa6a698d1c7fc6d35265b10af5570e9c

SHA1
00da372ad4964a5d5b8afff7fe1b207ff284f232

SHA256
02f6ae7bda59fb1a20d3386021fb972ced348bf724fea42157225d416f9f049a

SHA512
f5b2f732e899cc0fed577e1ef1c51c154ede5d206543e8ac7c1fabb182901f8e93e137b63f12cbb87b3f570a283a368bfb1b9d637cc5b1c4f1669ff5cfbf306b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
ed25b0b6effa5c4c8ebd3c0728b4f7d7

SHA1
711748bcf4cb1cdd3cd5bd5384f7a5d39b9b852f

SHA256
886df7e7699b9043f6e07a123984963e5db863a9566aa453497a1e2e6d556f97

SHA512
e39d85e65c079923d1d06118c3741b71c2a4cfac569b44efbf8d077e0333e4ee9c0ff219f3067c8eced2ccf64b738a316a3d4ad6e5938a3f99497af17c739643

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
3ea1d00ec0acdaa7468a997f5f3442ca

SHA1
d8f7b004812db668ddefdc3e1f03c0d4c0aaf6b5

SHA256
9e37793497991a4952522a03820b657cec25b9f5573aaf270af9a6cc22583fc9

SHA512
8c0b030008aab317738349899083d8ae4c17bd76c33591459750bb0fa4b514fdd4534cf74010366c49953223dcedf062f03bf525f6d973643c6734e92d912e44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
68ae7bc874cd597661707775db644731

SHA1
21cad08d6533f7a6fbc5b1555be4de7348eb7fb7

SHA256
30ec67683dc5c0e0942e0a171de184eb3f51af5af453992e5f24d734f77f943c

SHA512
5f2799a2b1c1cad00ba2f66738a0bf54d821a9174d7715a3d9c836a7ff295eeee0144bd7b2e357e6796c403630ab5bc35f1a87fb2c0d8232202ca1bcd8f4432e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
a188ad1ffa2b07d18ee6c39f7b5505e5

SHA1
6528f7b8af76743dc38a6b8ec7c20880b7ba17e6

SHA256
a09845af9e003797f2116b36f1131697ca747470aebddf1cc39401f7ff9504a6

SHA512
7a30006453d6d33b084bf37b57306f0f1b22b794d54bd43b1cb123ce0a162568ac27f59b7ae1e7c3582fc56cc7c2884996cad54fa4bceb79200091d91a4951c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
694c1c95883ad6fc597fd46eb62951c5

SHA1
b9cde378eaf0a9730c1d36bbfbbde18e208499d2

SHA256
80de8dfe5dbe0c94d1f56381b73ddfa7b3a9ace2f9af38a820a0ae49089c8c5b

SHA512
219e91820ec8ca79a7fd6750186120697042ce1c7ba2e4dade15d35f6ea58a1532b31fe9daa5b21fe7f1e8c0edd07e774eda5008d04f73d0fde9fd9048fc77ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
f15c354038033d0d017687075b23846b

SHA1
d236a8f98af595b552e9596043f21a695fbc7a47

SHA256
5d61526cc6af8790ab638671c82a399f1a691d36ae7ba65c86f18359400d2ac5

SHA512
7c0283c391d36a71015e1dc46c6f4e32337f99ddd951ba3735f1eb387de97b6509ec8e07074b10bd29139b024240dd532c1da7cce40bb32d02fb3ef75a889736

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c6f9a3938dc6d1587c23c4421633e94d

SHA1
ff11648541829d1b148100af6a4caef314a469c4

SHA256
5289c1b52f14b1a1d9629a249caa99301aec8bfb60828c9e94ca0fab1e07d2cf

SHA512
862dc45786523df4bb739cd19ea34bb241c00e019c89901a9e22012e56c4c943958e9f613a772c840e522d3f7bd47a357eaeefb9b8d0f43a5c83b6fe3baa32a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e7eb7b290c2e0e0289e7aa9600408177

SHA1
38721ff5b4fb5c2e90162c7ccab08a7b6765f083

SHA256
3c6a0926883a6a1d6d4d90e9e8e922ad593870c4a96e76ba5decdf36c9813a2e

SHA512
74650a8f6dfd490301753a4821552263a66cec31c0d743d5b006b40e4ac2e7eb56bd29eba017db914b1a758b66e2dffbdbd7b7aa338d928336edf3e798b41453

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b82276fe6dbde64b41a6ccc5f4bb3537

SHA1
bb42d77a2f78ef7ee84ed83428088dcd6f41f7cb

SHA256
3f192f929b8090dc13d1bdef4838315f84325f4daad50aa3089e83946d4a6b37

SHA512
d879b7ad48cbd9af3ea986a1231fc6aae725908c08dcb29f2829e46ef26459b0c91a9d58cbc392b84425396fbc90a9f1639b12ac3daf69f8e105beb6ba110719

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt

Filesize
99B

MD5
5c33216b32cedb3d6c49e470bf1f7801

SHA1
9a271e71ee0febaee794bdc1afba64ceb2383b85

SHA256
ff900d580b89f4b2e3f3c4bc0806c1f4378c3dac2755e8973571bfc37b801f03

SHA512
dbe9221f34e8a951de6e9ef88be9814c655d2f83342a4add097f5412fd7cea6bae98631062e7c41d152472a2f036867a5d5ff1187eae98f08e0278d0fffae0ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt

Filesize
35B

MD5
343859b4ad03856a60d076c8cd8f22c3

SHA1
7954a27de3329b4c5eefd4bdcb8450823881aad6

SHA256
8c79b653c087618aa7395d5e75198da7d3b04c08654c39e56b1027f9ef269c2f

SHA512
58014a4e7f2b4b0d446fae3570196b8fb95d0d1b70bdab0dd34a74d6c62cd8d7ca494a486f19c1a829988a3af83a08d401f18d1769ce1799a02ee09807234254

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
19f05881f382396c520fa36756fbca45

SHA1
80a94cae0f08ed0fd365a1270dc332b2bc6abe76

SHA256
cb9ff993a971c790e9a8aec0ce63dd7dac52f4316629dd55118dd3788bbe6df0

SHA512
6b879a04d3763fcc3b2e81da04128095939d2909da828a904b86f243f8a9a5eb174b9af5624aa8b9ecd7db587e6ff652634bc5af9e807c93e533a109ff1ceb3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58245c.TMP

Filesize
873B

MD5
bf06d5561743257770693679e181647f

SHA1
6aa9929663a2d335251f5d454dcc741fdcd56088

SHA256
0b815a98eb774ec6c872291e08d3a6750a150ee169f5401acb1705bc65aa8d93

SHA512
eb8f16af3364a0cf3f44d2c81a1f14734c7823b4a1eb1f247e2eee7ea8c1b7056745ffbb98fd208206a9d1f05bf441ef3a4e3ee38685ae19b611f44f502a730b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cc0ae0eb-ec4f-4e6b-a843-1f0142601f98.tmp

Filesize
5KB

MD5
69b0139326273ac669586cb29b36042a

SHA1
eda99511c4075cbbbcb408585fd9810ea826cf48

SHA256
4a02e4ad3dcced8fb02112e73c6f226383febff5d1678da14ac30846d9dcce86

SHA512
24d043c4f61f8e4237b52d3ef1cf510828a98f6e0dbfe1dc7c5de1c80d756df74bd1650b2d7bb125b43dfe97e97cc67ddc5d2c8e4fd43a139b770cd1a0b8e44a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
02e9c770ad1c20de6dba4b53fc211d63

SHA1
8cd0c2c5e75a1bd94f51ddd2d2ffaa628230e546

SHA256
73dbd62495faf979018b7b3d3ac156129dc93b979691e118ca0649000dadc944

SHA512
1d5c33643364bfb3fc036e08aef6a50d96f7857af4dc40c2d2e3752f3390339923a287d81569fd1a6cc728666c7a7d6a12a355495fef5dfb7c845436aac0b89b

Download Submit