fdb0592d423503da04c12d00d6da343f910b974d33f9ec70e6a556939f7b2847

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 01:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fd83950533887a3a85ed1b03ae3860c7_JaffaCakes118.html
Size

72KB
MD5

fd83950533887a3a85ed1b03ae3860c7
SHA1

c85d14ee60c7579df174e3c8f6543ae35e9ea95d
SHA256

fdb0592d423503da04c12d00d6da343f910b974d33f9ec70e6a556939f7b2847
SHA512

2d57ab099f468fc182413f5b2ebd95380517f45c8b58ca8cfedf6d3bb534d0284e1721dfb414f9a4074f07acc4eb6f92c32a14f399d698ece93dea1fe161c656
SSDEEP

1536:owgr8VkeO3xADRuH3SyP1+YR+Dpod+hnaS6cgRrztH28:IeO3xARyP1N+Dpod+hWVtHV

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4484	msedge.exe
4484	msedge.exe
224	msedge.exe
224	msedge.exe
2272	identity_helper.exe
2272	identity_helper.exe
3572	msedge.exe
3572	msedge.exe
3572	msedge.exe
3572	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 224 wrote to memory of 2480	224	msedge.exe	82
PID 224 wrote to memory of 2480	224	msedge.exe	82
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 532	224	msedge.exe	83
PID 224 wrote to memory of 4484	224	msedge.exe	84
PID 224 wrote to memory of 4484	224	msedge.exe	84
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85
PID 224 wrote to memory of 784	224	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\fd83950533887a3a85ed1b03ae3860c7_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffc28ee46f8,0x7ffc28ee4708,0x7ffc28ee4718
  2⤵
  PID:2480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 /prefetch:2
  2⤵
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2516 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5576 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10480138209193653313,14126915282372884506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:1892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4276

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
23KB

MD5
8dacefa7bb352d2b95569393f3a5eb5f

SHA1
7ef7578dc6124de19dd7de01ba7b3be794496aee

SHA256
7862aaba2bb596deb55e5d756d15f3d5594934dc43fca323d3af5a623c277463

SHA512
955f24bc7dfd5ed62bbcc6a3d6406fb2611c16b1a0ff7525a130f53b19bca1cdbc7f14b1112b5be76268ecc90ea1707c82caa6a8eddaba09fc0dfa1bee82f75d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
56KB

MD5
9aea170ad0cd436d974afc1513f3b5c4

SHA1
f8232c587e63ed752260d2941a78a269c01c16a7

SHA256
13383bde9c3cca3b1b575c4fa92917d33fb77189c311169fd370aa8349536dff

SHA512
f426814d6a8986ec512d25de2de26d0c3c77c2c2f9e4773bba8830c75764460adc8924ce4bfd882b875fe64ab97a0d1c9bcf743cc7efc77bc9c3acf0a4bbf125

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
f1cd9829a59e3145674d1292b7505b84

SHA1
346915f407c529ec9fc95d56245eac1381ef8381

SHA256
c86c10331c7528708c715102b1071d4c6fdee414584e501528689f93d4b9c1eb

SHA512
37106f0144c9bddad6bfd0c7a0a8aa042aad4972f6c77a986c17181601721fc4425076cae1069a629eec335d5dc467be88fe0a2ebcb7ecfc71c80418b90753da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
4ee31fddf4617bdc31971b1b3d287ac1

SHA1
993978fa0fb62fc18b180c3ec638e9c727472c30

SHA256
04c8c3e0acbac69b3b4d00d11d88b7362a35b66f186386beff155448c12d2b6c

SHA512
26509b26e0bed5948d7f8f0f68be641cd7f96d1cb6a60473f65e89b3f0fae818522fc94437f6c0f45dfc6905eb16c35c2e37b47e4b525482caa80a59a4f3b446

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9a41a5b412f496802714a20e3919108f

SHA1
5c6037b945788c26b18cbb61f8844a41ade00af5

SHA256
87454f5445851438f793ca9a8de9fdb146b1d0abf1292a8206c9b1905bd7cc47

SHA512
48fc31ccef630a85df1883d0bd7a8787fc36fd60dd0fe3fbd6131c049dc315cd0a881a7c4e61c2f3b149c4671d60b3f414b908b2cb196ca76d27dcacf5425bc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c0642be42cb09156b9369002fa05056a

SHA1
49fc0772701d5efd9f1ccdbfb53953440f6dad1a

SHA256
a2574d640970583ed2c492f58d4d7ca68652bae39f86f30d22204484ecb94504

SHA512
b7a40400232380a959c1a7aca876db000adbe93a68ee8a455351e891a48c82b9aba3d80d5ae1968d5143a73d87cdeb32598c54c0f6dc561d08640f45f132efa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
539f7cd54644af6095c95bdb328162e4

SHA1
9c6fde4824cd24c0e7f4744e393cb39cc4f58e58

SHA256
b4ac76c23766c28c32a0596fb00d57052b615e1370f375e7e9a86956e1751072

SHA512
bd1e3573b1345551549619d2354a3e87de194cf40a9979cacf1bd24c118d6cc4a926f4618ced8882696bf330e0db9184ca29d70b3259932481d20bc71ae3703d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e2b6171d32b7c4e1c5af162d9a671c29

SHA1
1fea8718c867f629c6216d972538dec90d07a9d3

SHA256
8cde077749d070bcdce731d1b19bc5b25905817e142e1a4ee2e93c830bc2601c

SHA512
8463b87774898f0cd676a71d8d8e1bf6ae94309829f131a4ace86f71f94cdf2c085c852605561984deeb4d6379d2d9e2912a4e1428a1a4e2a0b5adeff9aef9d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2289aa73a4f42dc9e32035177b808fc8

SHA1
696cfdcafcf445e34ced51cdd6e5a595d73ae3ae

SHA256
1260dac909d828da07b4985d9858ebfb85b147f67f19f1d19364823da202c313

SHA512
0e948de9f23b7b72fc9632d8adbdbe7cf84b6704d685c7fbf0837ccc818b65ff9407e30d5ab800472594574b16a128bcd8725714b64168db3718f7fb32406e16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
29459309ef2d09309552a7d061e31f07

SHA1
26377beb950ad134f5de329f0f697f79127b92e4

SHA256
ada9edf0c5763787c75bbf44444ef336affd4433dbb01a4b343a4fbec971035a

SHA512
57e178aec3c1d8e5342038f9bd90ab31a41d14b658525e8c2250551d8765529ac6766083e014e6a2a6e4071c2f5a4d98369dbda5b0f69f9e966db7b3ad384199

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
c41043bb4400fa1c50b0593516c8c3ff

SHA1
0d9b1d9aaea4718912c1cb333333ab04766a9b62

SHA256
998a6c6d06455d9b981d5d8fac1aa5dc1776cdf21b433041cdc13ed14d859e22

SHA512
36a249468477a63f303850e370af19660695ece7a0de8f8a4bafecaaa397ef2828a09be41334192db93e18f56330e359d480df240eb4be021e6509301e0b2875

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58d3c6.TMP

Filesize
371B

MD5
c7d3313d2ada890dadfadbacf702cf0c

SHA1
c10a398efa07119273dc86e131d4ddf8c7ea4930

SHA256
c75e6b08e49f4c73f5d40699a719898006cc60a334bf782f33a50ac56975299e

SHA512
1023d4a4b6e80719b9e05f3d952bd2a645e2fb8751e0b07a66b35b07c7accd62f17e31908b5e72a507b83bb5cce8a833991ef4ddf847b8d3c6814514ee03732b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
39eed98d45862321c3f4cb3e10d8ae3a

SHA1
f23ee19f13073bbfb3c674ee7c9aa6ba65e7b0b0

SHA256
60515674553751cd6c802fd14e5d31ef940f7ed8c90d3fb9a09c04205d86957f

SHA512
6501a9d27316fc2c7f7ad034a46e6bfdb18732f4b33a5e5acae3c2fa8786f5fd97f53dbb3b96f0b3240cfb274d50773f398bf074b46a2a3972c88fc9269a2476

Download Submit