4827c53eadb7ad9d06202039366e9a26a92ec5bad9a8059e41a65d0eddcd700a

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 09:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fe4839f33bcce5d56090d085c792f02b_JaffaCakes118.html
Size

15KB
MD5

fe4839f33bcce5d56090d085c792f02b
SHA1

3a4e0f036e6dc9186eafe256ef49f95619b68a83
SHA256

4827c53eadb7ad9d06202039366e9a26a92ec5bad9a8059e41a65d0eddcd700a
SHA512

20be7a80e518a99135ec25507a2ace7af557ce8afdcc3fb3c61d2cfa8fea304668f79909f0c0fee71db389cc58d7f57d76790f882904fc2acebd4e120e7e36e0
SSDEEP

192:Nh0pze80VhrXL9/x2Zz0x2DLXq18uuTCSxJ4HZSDT4yiWXJcrpRYlP1T9CUCKgfN:NBlVhrXL6Jbq1FuTx59BRu8TrSn

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
1776	msedge.exe
1776	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
2524	identity_helper.exe
2524	identity_helper.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe
1812	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1812 wrote to memory of 4108	1812	msedge.exe	82
PID 1812 wrote to memory of 4108	1812	msedge.exe	82
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 3564	1812	msedge.exe	83
PID 1812 wrote to memory of 1776	1812	msedge.exe	84
PID 1812 wrote to memory of 1776	1812	msedge.exe	84
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85
PID 1812 wrote to memory of 1000	1812	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\fe4839f33bcce5d56090d085c792f02b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbda7c46f8,0x7ffbda7c4708,0x7ffbda7c4718
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:8
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2628 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1808,5551214811958510925,5047298768446750089,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1256 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2992

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\7fb4dbfc-4d28-4314-bf66-7b8172060bdc.tmp

Filesize
10KB

MD5
b7ffbc936d7214efd1019adcd0698312

SHA1
27f869ae86c858c178ac1d07e1687fd58210c643

SHA256
cb529cdea8c0a109cd50e50a30002e5992cc7b13a2875e6265789119e5992b19

SHA512
c6082f44095d5f8d0d6337cf645fd5b05beeb748c6c5e04a8ec748d7d6696d29c9aadb866ba165893d8dc03ce880fea68470de37e14f348dfbc95d02017d9171

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d4829218222c8bedb9ffe89dffd37095

SHA1
aae577f33f413ec3d09f2e7ff5d9cc20a602241c

SHA256
49239b229a2519583ba5d6de3702480b8a8ebf3cfaa8945100dbab25fcb02b7b

SHA512
03e26a2e3de41b8a829b5543da504c7d7ccdc4c112d629efcac24dcda23acb50a52b5b99572b5efb2a01cf392a457cf9fac85663b3d63f7606be00dba218f8f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
15e9c4b4eefb3e1c08a010e748e10f58

SHA1
3172378f2c7a00553ce086dbf53fcf3126c5a724

SHA256
07b56a769467e8b57f9b7acd9d32da266ca5000803758c18bb6818ac236c7000

SHA512
811058b539e914a812c88543bb6657de736f691d18d6dadb5e1f6ced286780fb334dc5f575babbcf4fd2dceda30d1bf4004b374c5775e7f278346b100b29eb7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
c26ebde2211e983bb6c3b44ee2960687

SHA1
077c53d25aa5c37f8bc7f332833b37e26e67d2c1

SHA256
6aaf3f138cb40db1a55cc7e837e7916087e67f35914342813517fdb9c932d9a9

SHA512
2027014897e9e31cc922481915774218ea41e9eb97a08afb0707b727042bc89639899e7b1585ae0bb410378a1d88c55cb22fc59bc4f272557c7eb34959931ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
989B

MD5
7fcff51e24eebefc64abf40700ad7882

SHA1
5fd74cc8a039e2e335fc1aa10f2ac881fd9ffbb9

SHA256
cd78f744a91b4025c325f834f4d82ddd84cd89889913c9344f0962feb53b027e

SHA512
11e2a61c948a030c16fd046b3888ae52093e5fcb40d71cc89d39c74b7cd9f2f05d57343d86ffbcd8a9d77411e6f76ffda352547450c5f32a3a661a8bf2edcf31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
67c94142f30131fabc1b4dbead545a34

SHA1
2b6ab454306f0d90af415134a0598abdddad6f25

SHA256
a99d7cab52f9ca4bc86cf82dc6d68ef8727f4a0202251683ee57d82a4b3ea540

SHA512
cb2c341e43451d477a214f6afe1896c5ea95970552d2ea99b370a5b0e0feac32b38c5bca772e0b1b6a742c34d889435715752a9763f2c17b380da300f23bcd31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7b79ac26b202f94ba98f846f3b26f9aa

SHA1
f570f8e37f745061dc59dacbcb5c7a68a032353b

SHA256
6bbb0123d11041787ab34347c77a90f081d821fe352e82bf8a0d6d09ac4af507

SHA512
8b0ef6bbf6757ec05949bc3775517d3188ef10c4040fbddd0c57682ac55d773624df73a87bcefde5744bdf63c0d5b78d160cf2a5ac718ddadbd12a0f02758ad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
86e246a8d2dcc22b6d1ccfd5dc116eb8

SHA1
701450ddf6ec5a8a7432cc72a05096fa521a0d1e

SHA256
460f8f3f602addd661a8f2f57a3fcb9c356fb41d34721ad7d8d8408d16636758

SHA512
c8b81a6e6fd90d40a13f9244fff71f912815a3c9d47f324de4a2e77bf5d92562e251a9b1069f6a0e48625a2578b28bde1f65c794b03f05c9b622bd90b860fafa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
594e662e0ac775cba0758b335b7bd116

SHA1
6feafa7f01a4cc0900571ce7a46966b99116dc89

SHA256
c0f285371db28ce97f246c75f2f310d06ae38205e3becf58f102c19734f56e4d

SHA512
e451d9433252a2b3317eaa754398f41719e5b18519896dc5aef8e2c8f4fccd9fef016355b3b9c392f3ff4f9b55fda500cc5205fa3274a09279e51d5089633cbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
7915ba0545666aa5833cf9f9f86d45d6

SHA1
743ecc319bc2a54973582d4a5198042a48fbe8db

SHA256
f8fcc045da13bde0f5dec3ada86342105cbff34ebc2442bcf51e8ed509a95b20

SHA512
a53036251a22cdc95579ea8641c5574f1dc1f7dfd0390f00ebeafbbea0c1a2c0c3e6dba23bbbb8d8e2c77a3e1e816ccfaf84a97da1c334019c8df1414999d1f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit