ccfb6405885677d03aa2418a6c85e0095c89777ab08a2dee3c8cf63ba3db131f

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 06:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eac2827e0bb4024de58294d84b77f363_JaffaCakes118.html
Size

37KB
MD5

eac2827e0bb4024de58294d84b77f363
SHA1

f516ee03c80498ebea66f5516e6089f256b3ad83
SHA256

ccfb6405885677d03aa2418a6c85e0095c89777ab08a2dee3c8cf63ba3db131f
SHA512

b98ebfa1b08b1abcf7fa32e72e2a52612106826bff1cd1fd5fb22fa77fbef9bb811b3b0cc5c96b32beacec7dce15d2a9316b587ac26f8c514bc41562dfc1edd1
SSDEEP

768:4pKtNP3FcnOBvue54z3Is9xdlULXnlTZvJhRsgiY:OSPH5Y3Is9xfU/Jh/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4428	msedge.exe
4428	msedge.exe
4244	msedge.exe
4244	msedge.exe
3688	identity_helper.exe
3688	identity_helper.exe
716	msedge.exe
716	msedge.exe
716	msedge.exe
716	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe
4244	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4244 wrote to memory of 4204	4244	msedge.exe	82
PID 4244 wrote to memory of 4204	4244	msedge.exe	82
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 2444	4244	msedge.exe	83
PID 4244 wrote to memory of 4428	4244	msedge.exe	84
PID 4244 wrote to memory of 4428	4244	msedge.exe	84
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85
PID 4244 wrote to memory of 1492	4244	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eac2827e0bb4024de58294d84b77f363_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff07c146f8,0x7fff07c14708,0x7fff07c14718
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
  2⤵
  PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2496 /prefetch:8
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,16574607067351407553,2357806393197205781,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4940 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:716

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3132

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:312

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
c897f8479da25ec570027594f1b4db24

SHA1
81a3ff06cf35a87e697fc4733966dffc270ad06b

SHA256
7fd05e325904c9c31e435d5c65b9b4ffa11a9116d1df0282d6cd7c87ef6f1dbc

SHA512
b1c1c46810c3bc5c407f7d30a9d74db8242860965d958ffc5bfeed35b1204774843775ae81b8c414ea89322d00d7ab97313965e20cebba588edf13b9b8dcbc10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
9c10559720f57d3b1badb6bda281184e

SHA1
d6dc947b2bf649e559096b10a32a4e19c1e97215

SHA256
6c54532415667ea2dab2607bd9c851aeda71ff015c7dfa8f962685d618a1bc9e

SHA512
d4e743243776f58677f942f202b290b8e39ac02c80c3cf96214dc9e2199fc44092bbd23faf4429f5370e908ddeb47fe48b67ad73ad7cb79908fb4832867b7100

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1019B

MD5
a6ec129ce5203b88f1328dfca0435b20

SHA1
551902e37d6dcfe4f398494d947c04567fc0c7e3

SHA256
6d7e30c8825b6de920144bb71193011b200eed0375c9d6d8c9a49e6b4208145d

SHA512
747a10de9a1621b07fc4cbf49e3a81303d7af48cf2f5c9337b6bc77dbb58a09db767f9312a17ea9bde77b59cb7d3cee2e4e42b6ccf3b17094fa66cffd71f4b7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1019B

MD5
69ba5ff34d6746de93a54fe94c5dead4

SHA1
7d64d7d712987cf313f56d1030a369d6fe36669b

SHA256
e45ee32b15cef9ac294055ce7af168059d8e56f3a1c2028303efa38266637262

SHA512
f6d71d3326b31404e29da1ad187bd7908c30fb90e09c23eb00cf4a5a0d1dae98fef9008162d31b3c84f0af144de27c03a2ffc696e21ff8f6bde38dc8fb4b3641

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d83965113d0516fea669a6a5332d237f

SHA1
79c4a315d20a7fcd71992f17673756f5c302cf61

SHA256
98a714046aa571eac7238d53f304e51bcba7f7a36e0bcb9dd437c2436425e00d

SHA512
43740ce2122bf9c332bc3026a3c214824612aadd6fef7af3acd4a981b3b4bd53d0c035b5b82b003f7a7a8789f53dbdff0b8007d7e7a6b6890bc6b790d6fec047

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e5b8a19f4c97e8857b2e9e6a956c5de1

SHA1
ecf3705db1c3ee4a68a4c81c79d797ad8d3451ba

SHA256
848587fc12748c4416e79de2134abfaf18bbeea96d4d847439f5ce74dcb5b470

SHA512
daed180c86ada1f882966ab686f07bba8d7ebc8e142f0dbf2de1f17263a99419f02a7c99a2ac3f6c3243136a25ce9859b17d58ee9a56cc073b37c9566413e3e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e00d060a93ee93a8e0197168b4efb070

SHA1
9203b2af142520d63ed61ebd4c2ad77a04555047

SHA256
a5c00f3f27db05ff75f572597a11fc5cb5f0e27aa443347c0b2d83b9c0ea6682

SHA512
1c797c66ec90039fbb86911e8e4af5ce4898302095c639a88670c9d2c12eac4d35e20d51289f8e23c02f91674931a4e08a92c56b859918ea5206bf6cc2a451c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
acd27ea27c704c5d7d223735094259c3

SHA1
5a163ec0765c5e0f1f0d42c6f7af93e151ed76fb

SHA256
d90828013e063e54d51cf83c474d7389b68c3895e1447c199a92805cee7b1f45

SHA512
971b8d6e8901d8cc99693c3c65941ad4c81845511d7cc20a0313c52d4e82a0d0459d0d019a2d748e0236d4de6f0c0fdd6c234bfa3642c98ae7d9530eebb833da

Download Submit