87b16eed5bc54f16b37799d8c996fb2b8a7303b55cc31b17e66736bf12fa1977

Analysis

max time kernel
148s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 03:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fdba0266b2736a86ef5c6ef169844dd4_JaffaCakes118.html
Size

295KB
MD5

fdba0266b2736a86ef5c6ef169844dd4
SHA1

7431435ddfbfc0e50efbea2422dfaac6849db375
SHA256

87b16eed5bc54f16b37799d8c996fb2b8a7303b55cc31b17e66736bf12fa1977
SHA512

0d4dce99db38469c69c939a01d0f42423099f6503cc549e0d251804220e92941bb6fe82376a202f4f4c00ebcf0f82003d153d36dfcb4342316f32b590a7c8afd
SSDEEP

6144:hcjJ/jXmNRnXWD55TMRiKgoNM2qncRkR8F:6jXmNdXeqRiuNNRkR8F

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1456	msedge.exe
1456	msedge.exe
4616	msedge.exe
4616	msedge.exe
2932	identity_helper.exe
2932	identity_helper.exe
5012	msedge.exe
5012	msedge.exe
5012	msedge.exe
5012	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 824	4616	msedge.exe	82
PID 4616 wrote to memory of 824	4616	msedge.exe	82
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1508	4616	msedge.exe	83
PID 4616 wrote to memory of 1456	4616	msedge.exe	84
PID 4616 wrote to memory of 1456	4616	msedge.exe	84
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85
PID 4616 wrote to memory of 2916	4616	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\fdba0266b2736a86ef5c6ef169844dd4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda94d46f8,0x7ffda94d4708,0x7ffda94d4718
  2⤵
  PID:824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
  2⤵
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2104 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3784 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6782484011088951834,16032675096145406447,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5344 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5012

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3748

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
23KB

MD5
c897f8479da25ec570027594f1b4db24

SHA1
81a3ff06cf35a87e697fc4733966dffc270ad06b

SHA256
7fd05e325904c9c31e435d5c65b9b4ffa11a9116d1df0282d6cd7c87ef6f1dbc

SHA512
b1c1c46810c3bc5c407f7d30a9d74db8242860965d958ffc5bfeed35b1204774843775ae81b8c414ea89322d00d7ab97313965e20cebba588edf13b9b8dcbc10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
dcd93a89090a9bbd4c219d01417a0b03

SHA1
539b6775b53fc04834967175ecfdb7cfaecbb373

SHA256
8a28a775c98d27ac712c7dfa1d02ce7a20c77aaa66317dd024301a9141787d8a

SHA512
bc37346d9bf0b99f8c1cfbdb5ba81234da283c3f01f9d9121d334d38337efbd86ba162e65caf7b2bc99d3bcabf91b86117ae5d35565150ac12f9b328687764a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
a4a195a2d688df829b8dd06a08ce0a9f

SHA1
447c4ad9c105ebef8087833417772b4874c8bd95

SHA256
26ac8a0982b0cbe2f0e56cb8eb108847aae797914a4a884c5da973c91d75c14e

SHA512
6875f052a738df3dacdee88da1f53477b08d084475d2595665a5346a2678477beb27b6359d629417d64e703fa487971a372968ccc515e6b9b9ed93cd9e74b73f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
0511d4e4bbb92ee6c4e770ab51c5ad1a

SHA1
804e055aa092b3b133d3121150cd80a108e24a35

SHA256
352b58420aff4cbf19127ac13fc41bd40c5895e4a5f4e8d6891b27b67aeede00

SHA512
1277c50e088a6f3a50812edcc5a0e3004720e67e076ea7fecf904f7b550d7c96bfdc1ad54c229d12d2dd3bff9a6a92db5f436208dc8df4c5e3cd226b07a58964

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
45cc05dfe58d6a075a6591763a40bc9b

SHA1
33eed6a70f7968ceec7f057b11e18a81aa1272ad

SHA256
615492de62358fc7fee9f8c48e796b8cc8230c6bb4afc384e8a6b4bc6167bca8

SHA512
6d7a1907ef14ccfde3c410a46bea3b5c0049860b8b35a9dae2b586261ab08924a6f448ea07868a39de7e5d531efe447461d12bd3a01f0f3384d554706abb0d4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
456e909bdf07a30886e4f05c5fc320ff

SHA1
353b20796b9ec2e62411de7287ad9fddaf976af3

SHA256
4f8d7ed90a3939c816cb0de078106025d6128aefd1ae8b7f4d7ea2ef330fa092

SHA512
2a148d80c4965093150c6d97910a5f794303561d04fc43de333a8965772bd02f1923a49137796e82223484dc59e0a44ebf1d22ede6f7f28ad22852c2e2957602

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
7f6572dac1a3e57268e8a8a9f369c394

SHA1
ef18de0a4a8c5853047c6bea00e2fb071c0d677c

SHA256
2f7486252e62d531adbc5e8a854f9f09d7d07b4f5f7aa14a7a70d26e47e2a518

SHA512
b64451f349a1cc41e2fd6446393a7545b73e512860fab04469c1b09dbe2410559c04e2d18c989c890f1309529d2dfc9b26949986eaa113301cdfd1d6738458a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c9fb8dab-8386-4242-af79-39101e30403a.tmp

Filesize
7KB

MD5
cfea697e5db8b571a061e415eda50035

SHA1
af8c7c6980e8955d63542390eb3a00d2b1c683db

SHA256
bb6e7d62ca9e6157157e3032effef0147f3d0ea8c1f605ff0a7d76eab6e4ca5a

SHA512
33972a1dc719397e62354f207d41a138bb492c077ec7fa657d8552a05f5c8c84423bb2a4afbf64154f0eb3195f08deee8e116243490cf303de907194422da84c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d16f7a3f9bc8314c2af9f17aba00a708

SHA1
efcc40235672ee49a554a3b75bc0d3cc0f390441

SHA256
51acc65538eed66289bc882b11f5e158a54581cc93ce5f52274e76df0740465a

SHA512
aa6cd9d6caf5d2e88dadcc9ab1622f6c643a836a5ab0a6bf1d90668c93f8ba057786c94ca7c101b71bfe5a637e60812b0834d42bac5158d986bd1cce04196d9b

Download Submit