d13977ee95fd209625e8080c7dffc2af780678e3cb4ed451f9efec67946478c5

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/09/2024, 10:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e0004deabdbdaf9b95f9d941e0666789_JaffaCakes118.html
Size

72KB
MD5

e0004deabdbdaf9b95f9d941e0666789
SHA1

bcbb2f00a3aa4d4f1f066db1b94f48601a3f079e
SHA256

d13977ee95fd209625e8080c7dffc2af780678e3cb4ed451f9efec67946478c5
SHA512

c8261b58e011698d898ea08bbe76c9523e1c5653f55812517fc8d26816a6939a7cceb4e17623132bba91a034467961f31d8b1c5758bc999a4fa8b23d7fa0e7f9
SSDEEP

1536:w6OLgRquO21QUQQyh2YWqtmpc9Jop7lHOBtXgA:w6OURdOcQUQQyh2YWqtmpc9Jop7lHOBD

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5036	msedge.exe
5036	msedge.exe
2244	msedge.exe
2244	msedge.exe
1660	identity_helper.exe
1660	identity_helper.exe
4424	msedge.exe
4424	msedge.exe
4424	msedge.exe
4424	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 1376	2244	msedge.exe	83
PID 2244 wrote to memory of 1376	2244	msedge.exe	83
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 1228	2244	msedge.exe	84
PID 2244 wrote to memory of 5036	2244	msedge.exe	85
PID 2244 wrote to memory of 5036	2244	msedge.exe	85
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86
PID 2244 wrote to memory of 4704	2244	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e0004deabdbdaf9b95f9d941e0666789_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa928946f8,0x7ffa92894708,0x7ffa92894718
  2⤵
  PID:1376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:1228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2444 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7020 /prefetch:8
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,1379908987305303927,15895229466847793609,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6000 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4424

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4276

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
23KB

MD5
a0423f1305547bb6b8f5a4fb1a9fc2d8

SHA1
092dcf1fe57e6bb53821eb754e04188ee70602d5

SHA256
6add651cb411ed9ce9a17883c1522920a6ee3b4eb676f5b411e72d1a5e7de6e8

SHA512
b8487c60b40d332e562cc5d4fc7c515e3b3c2c82311700b788905754c1376ce6f0da650583545a4691d51f04ec5da0c0204997214d167c85b788d4c85236c4c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
fcf5dba6b0afc33d43f2a0faccf11fd7

SHA1
cc2480b6fcc322b1ef2f060a5bc561d8ce57ae85

SHA256
b8c8b47309349e333c6100a6d267940f059606c8e67ace23f5bfa64d13f46827

SHA512
92937919f6733774c5f91bd353f99026169d6cb5cd4652753a956b0f6c9e0729c21599bbd0444296fc0204e298477b4ddd589ad98b553762fbf419765129e78d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
8c79a137bbe5ce31a524c42453d643a9

SHA1
7b8b83d1280012014d5f91839b076106bcce1648

SHA256
7bdf9daccf5a935a2cb20389b78f79ee2205f8216a176c45beeadb9060bcefbc

SHA512
1eb0ccfbec2d01757571cc489b3442b8a9e4af679aac1283988496a4c7e6b7477c7c56300a3c53ff565d3af3111088f3eb2342140a642060d70612151322295c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
eb02e6ba95a172d6cd609b94c0314f2b

SHA1
5065963254fd47faaa3b29cdb016b94602feb918

SHA256
9f5ea55df47a62bae367e81087f906d7153daba367f0d3a566fbc114f856885e

SHA512
75263940b3d4eaf07976d43fb7ced43b9e1990a4862a979c22d55c93765f27042d2ecf8822df2925fe97d3e4c25524548157b9bc03faf878f6aa2d5f03088122

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
759fc75c7bd389b3cb1ead92305a08e3

SHA1
764fba1cb475d7d373779d614c1410778cf16a0f

SHA256
610a400773fc3ab820156ef6219e5d702b190c79ed48f751669629a5eb9ff5cd

SHA512
d8f7eb1a1dffacd0a0da3592ab488829dc5f771945cf01410afe72318d0887cddd41e6ef30958e42c42174baa4b8774ca30756216471555eb5f6662612320155

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7ca34ceb09f5e10fc3a049ba0cdfad69

SHA1
8c30ee1ab26b2e3d01ae71e05c2767af631bf478

SHA256
cad5e28285afafc2599433129799b05da4520a097ae14210ec767b084d760158

SHA512
f58012f5c42ced8d57d92e77182bac979c0d3e84b0ee5386dafa7333644e745fced67bc1ba8505a363ab4a8a7f6f9a96bf88108e2bf39959f265e3a95c152730

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ec624a18af257ab03115ca56f151f73c

SHA1
8cb7be8c92d2784b8929142fa59714dec54b26b0

SHA256
34b084c956a5924db3d7992abfdc6efb2ad2e541850d2c0b7edff6fa83c618cf

SHA512
a265f4e7aa6a15b7914c1543e333adcdedbda863ac608917454748c6222f3c4cb0c4b97a7a8b37debb6bbfb57238f78dc234dcc8cbd4e1232d05313343eccc20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3a1b5e0b4fa4040175758b939f44f1ab

SHA1
b49578b8e96de862e8ef931b21724bef79581d04

SHA256
5d4a74e99bb0a898420ebf4b4e79e5eed88310d1ab19431a02210283577079a6

SHA512
b5b08b928dd21e5beebf60b6246ea05dcc04f2b8f2e2c2babd54256d6c5e8b98aa17ee6c9f0f4434613c616c3f7f37ed35be46f57a16d5b4c537b97c872a328a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b85cf29d9e86c94fee1f65f1c3fb24d6

SHA1
ce8457ac833e4157be27d71e74df1e1f172d4208

SHA256
0441d8cb77d3c6706bb540fdd28fe38a81415368124f7f9e94b091d12814e26e

SHA512
fa6bc89521c1b99613d6e9e731b5f04e40d8605ffb6eaf5f021f9e7aa6787ad6233590f5f4b8bbc5dad691bab2148a267ae7fb6ccb996d596f4c5d8d769213e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
330f08a7c39342ebc15c2856be7efaba

SHA1
2197a687463bbfc7fe6866b69273c1ad22e4abc4

SHA256
547518b38da6a37c8c7d1731d669a009f309cc5eb71cc2a79173d34f2c47392a

SHA512
b58e3113057586e043d71e94d0566270339d524b2e2d410e82cf479395a4a634d83a65e4e7afc7d53ab057737d1dfe919c0c177e2aee8f531d2305a3229dbd4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
ab4c6bce639e70c9c79f3d5e8a5937f7

SHA1
bc94a23db68261dc57888f17c177cdc4d46b6078

SHA256
b3dc7be5c05170dd9f7bc2cab4a38706b908c93db7c1cc6cc78efcc07a9cecaa

SHA512
a61d715bb5ffcb9d300fed003a4ea349bba9031ee87bc19d8b2f6899917d5aaf80ddca15f0de0e85e6cfcdef159fe6ec35565f3484334547375ea104998af8f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5805d7.TMP

Filesize
203B

MD5
5674cf48040f3b68e939301d8eb46a17

SHA1
693da62991e62e82bc8783a3e2097c374e7f4a0a

SHA256
e3af79bd0040a9489b3cdf56abeb4b51d8581e1df90ed62a67cb922790cc602f

SHA512
617ac8e930c423f747f704418f3b70eb4be153be86ecbcc7c25a436fe0b8b8e86fc4afb550e5465bf2c1abfc3eb9df4ff39d5423054590fe9c8e05cf2eaa5e2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8fbbdae476542fcddf90578b4505d2a4

SHA1
6f7aed63456c77c2800943814bf9297188672dc5

SHA256
6b5c9466f2f8881752decc348fc3e16cfbe847b2cd8ef38fb7470637729a068a

SHA512
ec0c8028e5d626b1ce451ee5f8dca7374b6c8aac13bd19d3e37f1b030496d54c0b9e996793baa860f311b0678ec641652b18a6ad51c8a8fa5b82debd5d5b6cc3

Download Submit