28c6236eedebc038483c3ff3956e9b8fcc787ea83938d3811741de5a90f569a1

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12/09/2024, 20:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dcfd799e574149eaa3e5decb31124c12_JaffaCakes118.html
Size

36KB
MD5

dcfd799e574149eaa3e5decb31124c12
SHA1

58c83c8c00e3c3f6c4f2d1d8533d70d3b7e43d66
SHA256

28c6236eedebc038483c3ff3956e9b8fcc787ea83938d3811741de5a90f569a1
SHA512

63cb43f8aa075fc0aeb34d632f0935f6fbc9ee64c80036877dd6f76a55f4879a26e4cbd1279ddfcf45ab1758a9c2cab03cfca53371ac9d19859c9d6761e692a2
SSDEEP

768:iq08fQO8s4hKJ8HO3qJT4WyAJ96NlMIpSaS6cgRr1I5p4tB2SwqY:v08b8VkeO3qJTdyAJ96DMsSaS6cgRr1y

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1880	msedge.exe
1880	msedge.exe
3664	msedge.exe
3664	msedge.exe
3720	identity_helper.exe
3720	identity_helper.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3664 wrote to memory of 4556	3664	msedge.exe	83
PID 3664 wrote to memory of 4556	3664	msedge.exe	83
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 3464	3664	msedge.exe	84
PID 3664 wrote to memory of 1880	3664	msedge.exe	85
PID 3664 wrote to memory of 1880	3664	msedge.exe	85
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86
PID 3664 wrote to memory of 1988	3664	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\dcfd799e574149eaa3e5decb31124c12_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb02cf46f8,0x7ffb02cf4708,0x7ffb02cf4718
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4000 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17335934018891296345,194042774092060935,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:1696

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
23KB

MD5
d0007015af7e55b5874b6f7711e9ab67

SHA1
fd514e45401ab3c27d2fded42f34024260086150

SHA256
95c98d45b7481d60c8078e04973ca86a67833927fac958ed6d8c28593454aef3

SHA512
375ea404a1c847f5b5e10803277d6a54fcf22ffdde3f41a06efbf4732858d749488b7ac67ffd9461a3d0b7bfd8f18ad465946cd4123c54383a410db6e699a6df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
56KB

MD5
1affe2accd04b9ca38eaec2c1a4962ba

SHA1
2d019f5944691fd31d407338eb124ca54beb4686

SHA256
52cff69204aba9de35b3e7eadc3bdc3caca4017eeb9b71ace20488ba6d8752d6

SHA512
93061407f3778fd9eacfefdfb6291b8544630aeb09fbcedec333a039eda460877523370f4154b6c91a5cfd97d6096727e0be3ae9e04c582dbf9095674d161859

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
25KB

MD5
17367ea6325a5a15faae5c8f9d8b7224

SHA1
031e655d044e9d916239be00432e3b157b3aea29

SHA256
74a923446fe9e6acb99436c0f82717fc22f4d5cf8cf01f1e16106ffdca00d87d

SHA512
04a237bd938be9ac673e94db99ed86d96aac2119c92ad00de111034291758a0666a48bdd82ab189c09500304ee6d9440af80ab95b074fd8c462a3d398b32b47c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
21KB

MD5
41bb2fd90cb21915da7236f9af78aa03

SHA1
a97013a2eb60a7c79150cf1d68c061d9c5082880

SHA256
1e8e7fb8415e0689d397d738bc41430ae17c485a3cd3ca4dbd7d75ff29ae8839

SHA512
1fb559705840ae62b2e07711877f342f5dd967ae50ce93226aa89b5e9ba38a95699b1f45ec6b7fb40d475b2485031698a469262084ccd5c78d31d0cb4ff6044f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
4710e00ae1be3e14c11ad4008667cf29

SHA1
bc6a3b450a0a26448cc4b5435c6bb36dac77e358

SHA256
29652b5b4e44064d1f14d3b415e5ef5fb464c4c2cbb5bcf03d52733b832150de

SHA512
507777a958f86d9aea8efbf822b3cd8b29e7efe13c38d7b1fa40f181769430b9befb7f808a68ce1e94204be15c5d1705196d7ae7745b72823fd0aac0f5fe4517

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
26KB

MD5
f4ff2c6a4a593b514f757d94bcf32656

SHA1
506670086160fe19b2094fdb171b21bd8dcc010e

SHA256
173d68f6df39ac3d8873b556e049d0eff50b70915970f271baac884dae26960f

SHA512
46b3caa5e3dbac38461b5ca180c6753837ff4d737834a5ed7fd656cdf5e38932ffffdaaf343a15bc3ff9205154242379f71a9f8e348a0f28b83b49f8126417f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
26KB

MD5
e3a01a8a296d0b3208335f60668a9010

SHA1
1b9a5d65041f5fb2aa8ab0f561e6aefbebb5466a

SHA256
9568899ff75cf2eaf41b8b1ecaa2c7518896b46bb7cef448e56cc389f7bb8665

SHA512
748ee305d121bc6b6428bd9de92cafef6b7d9a0239228e3fbdf95491c8655af81752a7ede5433a0498e451f5a221ce89455e5f754b2e5075f16786e9bb643493

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
26KB

MD5
65f7ea92e6dbb211fce70123c3ae4892

SHA1
c4b4ae10ccd4f9a0495ef56a2a92b93a18dd6e44

SHA256
208da1e77fdb8513086947b4981a5e887b97d03ff841349f14c0aadc02e78409

SHA512
655e5aa915e58a3772c48ce16cd243a446855c99faf129b41e31b0d1474e278589bcaee96f4e1780e21658a308e9af5baa435ef64d59048352c505ec6889f2b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
27KB

MD5
4fb85a9315d30790d19427bd7f4956fe

SHA1
3e100547de879c5d10f097dde2a41c7a1fde6911

SHA256
c08c7c3d15275c55e08a16957033dc20aa8ad43878e31a6502f494a0fd0e2583

SHA512
4b7322624c8ca4cac7728cdc5c8fb13128fbbff46921129a7316f37784e0d14b12b9b1576a5c70cad58a56b8171d1845c3f82725459da16f6b5fbbc02d28abba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
d4e792c858f668d0ecd63f2143290bbf

SHA1
ce55644ff9a351ac414000cdea0804eb9f73cb2c

SHA256
0146bbcb9d7db05e9d97a975c52761ef00533c0a454949107eaeb0619f9e6bd6

SHA512
c1762bb007484cd74ba79bf30daf4848390bbf217e11ed042bb842693fea35693112e2927f6be609f55d2f2be818c95b5b68f8776ddbaa7a90ee22ec0df61c96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
16e9a31081f5edea9b234e1ded8a257e

SHA1
711af6d8dd01b34bafc3a28e4248aabb4ce9df11

SHA256
f833bf79b673a9c2559f92300d969e5e3395889b42114b04e8b2894b22653a6f

SHA512
2e8163aeda831203dbf3a5fc21adbc77af61b58d257781e15178c15d3838f99b737f69dfa73d027acfb25aec7654b5f2fe97cfb0e7e623812b3153bb35809017

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
389cb5fe96e97551b0847bc70af92eb7

SHA1
4aae7b2044220aa816740d575c2cfe572de526c5

SHA256
3ff771d183d11112dbc33f04d06c8359b4af675c05487b380999b14c468bc282

SHA512
c2bde191a8c4092b33b19a90a23c73fa84da25b17ea28ec44eebf96905b456fb1b1c190ccb5a66c67438efb2352442e689dfe413d01c4c48178f5fa73c992794

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
d40c6a9a611751e3e0de8ce43d0d2050

SHA1
8c744948989bfa81d9ad7af92dee1aac7c8a041f

SHA256
816744fc3ead28fba4a0f582ce75d3a947d2c31593253754b2fe70d4cd24bb97

SHA512
38ac3f8095723f05856b67b399634f241baa368066314649f065364ce3d21a99d292c0f765434eec7fa4513c3b93574b553998ae3be8357698cff27275ab85b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
6930537bac04b14f77ae807ad6077225

SHA1
f40c7ab1520350c3e5a8a13b4fb29b62fd1746aa

SHA256
0ffbf61af8f7c2a331533fe304b0fd0badcfb553dcc60eae0900c63d6015e7aa

SHA512
3d248ad77a8f48a2abedc9521abd082000caec1c2559698015161aed6d879febc75b9862ef6d5d1aefc0103c0d161d38fc419479c0c8060cf6ed37b47431f3c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
33425c7503d90411108eb05509c1e818

SHA1
732312b4ee537382d722f85e05ecd2f6642a1e88

SHA256
48ff2588811b23202537774836281912dcb1c681a32ba9070983b471d4266cd8

SHA512
de93b58732ca9b694e2146f3c7a3bcfcad439caa006058a373684069873d2bb2623dc54f530965d9c58f0c9657088ebf6134e9fe355fafeb8badd62c7ca50c0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d2436519b9b96073b7ea2faf4b060845

SHA1
d7c03833113f0e9aaf0db348a6f227d3c8b6568b

SHA256
ab5fa8075a5284bfe74de36a47472785d9854a0f14a44badee1a82881c7f9596

SHA512
c8c21e97d0fd3762289751df2b957cca31d5c44aa7e2059c3e55cd05f6e34f6559f581b9fb4327480e0b4d701c0e35dca6be29a3b361addcfa7d05a91fe95e45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6284ba0a7b88f52438d03ca12bf505bd

SHA1
7517fb245f205d6c59a5e23e3ce3445630fd0629

SHA256
532b6530af5d0139cbfae3f0e489753325d66f14ca8b0a20e3cbc9bb6f6b250f

SHA512
497f412881016affea3b1936dc8f14f463f9f2bcfbd7645cf26dde314cf5b2ab111a41f06b0c7c009e1dd59ebc878ae74b3d10c0e8c715ce17b30343541f641b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ee93e54a44b955e025c363d9cc6cbbdc

SHA1
b0aa8045dc3f8b3ab3565c7555a613ff8f19be70

SHA256
c4d7a587384458c8a66f440a3ca637b24dbed0d37dd276facab10725f5492054

SHA512
2442a531478a63c8a712953b826f61ed180a37b4e15e2e8e7a561f6c5a375c707ba0771cf8df03847c89f22bd368a15585f7f4d63849aa0f90f317863d1f906d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8caecb3b059646f843cc2abc21b269ea

SHA1
c287775da7ad509f39fcdbb6fb9341f8c10f519a

SHA256
231b4cd2dde215331dc01eb9b22b14ad20fb9c74547d9773ac10c38d8ca7805d

SHA512
163ece7345369bfb48f9876c6ba62ac39482ebd23c727a0ca36f3414a798306493df16add83db1b8179c853df28a00eb46de6cb728c6eaf6d12fe06a35a32add

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0b08d4e6b8b5c85c84db3dc6cf639307

SHA1
89b3107d02cbb476bc94abeda10ce36e46aa8533

SHA256
6af2d615dd21fc8593134e8cc9c699cec695b3a8c422a3c8b764d6dc628537ce

SHA512
9c7cefc9a6fce10ecc1b879506d04b4f2dc0276452128ff4b50e8ba25b3ad95decef435fd7890529a1d7053b6d5c5d7562c890b7424d54ada73d57709cc12657

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
33a50177b9c772159eb920082feee6c2

SHA1
e987070ae2ea8d8f0da994e0880a4df4d588bff4

SHA256
807fd85279bae217b2c2c48f69b2dd15dec50c8df91b554c3716593edbe85959

SHA512
e81396c152f89befbfa68cff1df2200d950321bd760810d14abf43825c10363af94f4d83613a77704823a9e2dfae6d8a29ba5ecb804d08635411e67e817795b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
97c5946bfffccb3e3f11c20011abc589

SHA1
961bc442bf0e6e7bb5f05ab1ce80bdeea0191b7f

SHA256
570526ce04c2bf847efc363c6dab7558e8e559ea7755256c2827e6f00706d829

SHA512
924770fd517ae45f8ebe353890494691e770d4d998f21d4c0333ce8d36c67c7fa0e027ccf6854de4dedc5cce99905a932f428edeb06a2a8f4f346da3a117d7f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
9365b0e06e7827d90a0e3a026fa51836

SHA1
1c99d2e23bc69c3c120f8ac7d0f535ad901b4bb7

SHA256
440898c68848f82f016bacd1e0185160166f5ed6f5534fae65e2693bf21790c2

SHA512
9ae8cec6f71755bcd765966a2dc82a3cdd028fdaffe5a66f5988b2a618e70c5272c0a360d49393f7249ffa0f6ad83849bcdd08e42ea549ff9d50142542450ef2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
4d2b861247c9e0844eb4376d215a2b7b

SHA1
d00c39c38997aa0a20891de65cee528ba2a9ec1f

SHA256
446f9d6c1ca14e7d413d36bb2448c1df32f09c0ab0cd40837fd71dae69b46567

SHA512
afdaed05b096cee1eb55930fe931b684fb34d52042848b2fff411ed1fd273e6baf74ec09f466c89fe37b47974fa47a162f41a47a8d75f2132aa945f29b3036b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
6028f39f662047d788f603fc25b07e6a

SHA1
51a959c42a39c90c76aa3b6858c868dee3f6806c

SHA256
2c1e79b740de7ee4f2a5d7d37e3ae90c2a63f4ebb2163482e18b94bb1ea1776b

SHA512
1afd182e28e2a019b9a70b4041cd21400f065f812449840fac81c2676f1474321920ff369d3513e40b47428697ba935ae8df6009dc71a70b96232c8316b9f971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
c8473a02d550431aabff846161372e2d

SHA1
3139152df0be3d7599f1f993ef4787e5a288fd29

SHA256
29c3b3cfce139f6000d0472912c44856b201bd1f4cc3890662a4922b9af058d6

SHA512
d261a2f20e2455f279f22f387061334d440be52667c6c3823d01d3f3aad65937c5cc4bcb6213e48312b7f94727833986d66b72bf9b420eda72bfcf3c42d9a619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5823cf.TMP

Filesize
371B

MD5
4cd4827b09f793f09d95bbd84d43f903

SHA1
52272b8a23740a3c73de15ac81d6c61863087ee5

SHA256
a3d1d7260e37a9265be8c0ff1c9c7cc652166c99e2580eb49add81c57fb9f6f2

SHA512
85b1a2d2db6b2c64f913f1e217e1a74255e6322b44266ae48c26ed9231ea5c0294c668cff1421f7f864c1f39b37813faffa5726d6c42f5a6a90d4f15d860b061

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
02eaac18402842fd921c396533dd4354

SHA1
46d5aff1b17b9cca191560fe9ac529558b4041fe

SHA256
5bd09cf930443f2cf8cd46698d8326edfc0cac77eff9b2b4f64daaf9726548f9

SHA512
f49a2cd032b9333c79b767d0c547264eeafe04e5a7b88d1625186d7532d0db50932aace92b011c438006ba4d93fb06ede4b7c6336cf312ce48f14cbb152f0ce3

Download Submit