6fe23d2f77aedf363927046f9d91ac7a01aa1cb478e389341d3cb3cc3de1c935

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
21/09/2024, 18:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f06ae50dbd0f7765af1d501cfa959f22_JaffaCakes118.html
Size

17KB
MD5

f06ae50dbd0f7765af1d501cfa959f22
SHA1

a66b8082ba24bd408682ad559d3b0a97f00cec40
SHA256

6fe23d2f77aedf363927046f9d91ac7a01aa1cb478e389341d3cb3cc3de1c935
SHA512

b9acbb2b2689128c0c06d34518a780e33dda73bdd23deb63ce176cefab010a11161bbc737a5a24d9c3da20b298b52a0c7dd994dd87bf04a570762ab59e29e324
SSDEEP

384:Rf7R7sHbGDYwWNQmss/VwRgpxVwVCkVyEV3VzVfVy8V+oE2Vy77+IWZnORCcUaj9:RDlAZs6zHuPrFhtlVfEse+I9dgO

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4792	msedge.exe
4792	msedge.exe
748	msedge.exe
748	msedge.exe
3000	identity_helper.exe
3000	identity_helper.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe
748	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 748 wrote to memory of 4164	748	msedge.exe	86
PID 748 wrote to memory of 4164	748	msedge.exe	86
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4884	748	msedge.exe	87
PID 748 wrote to memory of 4792	748	msedge.exe	88
PID 748 wrote to memory of 4792	748	msedge.exe	88
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89
PID 748 wrote to memory of 3956	748	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f06ae50dbd0f7765af1d501cfa959f22_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff90be046f8,0x7ff90be04708,0x7ff90be04718
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,6155401359519913831,5371350091296833461,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2780

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
db1ed3bbcaa8e96c29a0b57e72bf0319

SHA1
9bc11860837a2bcdd048613ba8dd76d6d77d32d9

SHA256
7c7db5dde536599fd7ffd4dee8e03ca0f6680e662022869057b09a4635b9b87c

SHA512
eb7375877e9b51ebcf8cfc62cf822fdce3fdce837fbbd00d4d54c52c4f67bd82408e4809e1c92f32e9f3edc9e6726910f752fbeaf14704745688b0239405e6c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b4b5eaf7edd9d5391ddfdb694e0cd888

SHA1
d1f92fbd238c4d5fb6861a83153893568d514586

SHA256
1d5fc1e6da67b60df30ee83dd11359ec3dbe0c4bdddff2f2f862fa9c4619d903

SHA512
1b62d5740572b1c17dadcb83d9e0017d6a8ff94cc64bc024cc47fa92a8180f7c2d18bef79ddf5cac8a9a97ecefd8461b06665e522acb0c5857dac1a2838fc048

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
23KB

MD5
2f24e0f5d2c2997a89fb4a8d943c141f

SHA1
99515bde1a5bf72105116ac902ccf3db1dd3df29

SHA256
60c9ecaf27ba56d7c35aa78c329aa7dfa586e6c71ed3cdd0019ba7e767b18aaf

SHA512
0f4c5508dfdcf0ef63141df8d29c76e219d2ec433d59d37d7f17e110b455f24235fd0bc4f539ad5adc368285536d73f57dc4e21e3201dfd5753e76789208989d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a6fe8662a3758148dcd97ee98707ff78

SHA1
c773afc3bac648afce4c9ce207d903e7752f6e40

SHA256
50c1eefd466d5678fdf6d641609643d812099aad4456995f0a1a4e190641148f

SHA512
fdb872cf88366bc64601e609b1cd8b5c2236c0af1e6d45e5b31b48c09cec9eb50d3ecb24c9d05990caa964a8206abc7aac0a517ea6e0cf785d1dd2164f89ff90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
29767822f80057540e5fbfdc1dcaf061

SHA1
eedaae1d38afee7e12336e43df3eed661fcef860

SHA256
f9b5a0ab8c124a89b904efcf02cdefb8aae3f1ad4e1b5be6e85d635c97754dd8

SHA512
05acb2959190a1fe9b18992aa9c31502d92df311d3abcc8072dd3cc32c6fdd123e338a491bf5781fcff73a3992500b055c12793e780ec4f0ba89d2c5fe490fbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c39b7f9ecad5223d95190f5d6c67d81c

SHA1
aa537f61b75f3683a00fa5424914eb8b6b3b4897

SHA256
16cf3475cef5499dc213a6fec522cf3649953cdc22e27bab7f5feaaa3a0fb7f4

SHA512
ae8b6e9f31ed008a34a9edf7c37e6800b04b8d949e058da0a4d9b5413d7f46aca0e3765d1ec1df480c5ae24d138ae7f85b48d0b33d33aac8b02cf9a5f4b17bf8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dd889b707be51cba09d1800ae50c13c5

SHA1
721e1324109f1f7b1295cef0a897dbcde9bc190c

SHA256
fbc72a6cdaa8d1e8905b2def34d63f96f56041796965ed45e595823c98657335

SHA512
c5088ca25b8c7ef385cf8e9ba4aa8c99a5ec8b7b3cc70648ddfb2f7f4e6c1e347586ffd6c897beb97ba2aa20b15de3bedd77cc6e7ff86777e152d81b45e01ebb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
667163a51c015838ea77383efc534154

SHA1
3987ec20e3a755e6850bc3bf7c0fac866102b884

SHA256
c64d3200c8caab57db43c54d1f57d68e91ae23e78dc40d650d9f94b2e8a83e5a

SHA512
4ad632b5ed4a2201e4bc3b4df4bc67abedd4148d6bbd930b5a6f0ae90d1e787feb44033346d54e470f954007ad6a4a4ac8825121528a08a721e2650da5c85266

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
941ea4c983b3cf877ce6e1aab38f2794

SHA1
c4fcce581d0660a0c96d0579aedb528a8168233c

SHA256
3d4479f291d239eec609801437c1962e41e19c53a3eadd2f95342167fa7ad342

SHA512
f47836cc619ea50f24d3804a697bb562781e812a65285959d7dbce53db8945cbbab2f9b8290ba2bd9925f620858918ddc676c082cdadae8444a9751d642a381b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
acc2b9e7ed5ff798722d94669065719f

SHA1
d92bb1f05f4dc3810dd90032eb61c2c9f06cbfac

SHA256
c3c4861c06336967d00f61985b1f23f6267d11f919ffd630cb25c4fb8b65bb90

SHA512
fde23978dbc636da7652fa13373e8c949094572ee8207e386f36800a9478228bec0e530722bd3d4f5912ceff1e323a2a552b03a329bdbc92765852ccd2f52ab5

Download Submit