db6a134d40b38c4d144f0f933ba6c21e855ee94768fa0c2a5b52336a594ad30d

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2024, 08:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

09ae628bd2f75751dcdb9cfac420e395_JaffaCakes118.html
Size

189KB
MD5

09ae628bd2f75751dcdb9cfac420e395
SHA1

cef840fb9d95534aa66fa8bad166d6f1ce65219a
SHA256

db6a134d40b38c4d144f0f933ba6c21e855ee94768fa0c2a5b52336a594ad30d
SHA512

d7d958593e6be9237f3da214c5da6f5ee8dec27518b6b721fe0b543064a6328adbab43c7c2e0830d68109ee168973629ebdc66fb347dda853ce1f9cf10b82761
SSDEEP

768:pdolIg0zCwRjKTtvCcVFFz6cXrFlGFbOTcqXzF371CKTik/b1VfqP1M8f+WYf1jd:glIgOrxlOwIrQV+6YG5inBelRQ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4724	msedge.exe
4724	msedge.exe
5100	msedge.exe
5100	msedge.exe
3876	identity_helper.exe
3876	identity_helper.exe
5844	msedge.exe
5844	msedge.exe
5844	msedge.exe
5844	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5100 wrote to memory of 4792	5100	msedge.exe	82
PID 5100 wrote to memory of 4792	5100	msedge.exe	82
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 2864	5100	msedge.exe	83
PID 5100 wrote to memory of 4724	5100	msedge.exe	84
PID 5100 wrote to memory of 4724	5100	msedge.exe	84
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85
PID 5100 wrote to memory of 3276	5100	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\09ae628bd2f75751dcdb9cfac420e395_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff815d46f8,0x7fff815d4708,0x7fff815d4718
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:612
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7704 /prefetch:8
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7704 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,1141055425140320224,16247803765213117966,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1864 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5844

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3944

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
c897f8479da25ec570027594f1b4db24

SHA1
81a3ff06cf35a87e697fc4733966dffc270ad06b

SHA256
7fd05e325904c9c31e435d5c65b9b4ffa11a9116d1df0282d6cd7c87ef6f1dbc

SHA512
b1c1c46810c3bc5c407f7d30a9d74db8242860965d958ffc5bfeed35b1204774843775ae81b8c414ea89322d00d7ab97313965e20cebba588edf13b9b8dcbc10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
61KB

MD5
529a606ec93821f9c2706ebe993e1ca8

SHA1
9add401d95927c2000b81e9d023440ffb2dab103

SHA256
df1283cbc0a6fe37a59059001208514d5b254b59be8074b1ea0e7cab49e43e39

SHA512
bc789553300e2d22a71b3d146e9bcdb963bde8263fbb9e1d6a3fba5ac68432360fd27d41e66f3278666e639e36c670453082a8b9bd3770728a87acf742414b37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
51KB

MD5
472e2a19f882c6fed5c028d1f1631d25

SHA1
9c510c41e1484bb0640431dcde45ac2b0da64963

SHA256
7b9f47188a24669585d7d6b950d7fbffd1ac3c2893d48293fec56013eadc31c3

SHA512
60989cbd93e9deceb36c4ae851c92b2ba01717554bf5243e1875b659069030b43f409c8d06ea227b1759f96fe5d8841651e09adcd81a3696b8cec5f7509c6667

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
21KB

MD5
08d5c11cb110a483e48e0b175df458b3

SHA1
75a35f5c1d5a0b2a81b6abc8f110c203718a9bd4

SHA256
a569acd6a94ed9246c265775647beb93324715afa03a820b15c589aa648b2800

SHA512
31c62b168a8f149f277ba9041b31b696ccbe0da18b607c06d0f7b5e0c6e7cf0b32d22494b5ad15deca5ebf4b64fceeb439164d605761337ca73626c1cb689e9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
102KB

MD5
4e3b6af6455d4d44be1c63a654bc5079

SHA1
ae1a035747a25df844cc71ac860a9f5ce7251a23

SHA256
384976c29cbd3f199acb925161865e81fc50cc9cd8248546af5014ad9e59c4d6

SHA512
ce82325dc69ea00e02681ea1d1bd1364e1cf64b23f87faef6bf63169c8b26ef79042ab16e2390a8eb21093da4b0c59eb42b05ac782c2d503f4af493e86bbd076

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
126KB

MD5
4b4c16e108b7e32ce88f3946a560e4cf

SHA1
5f9cf4e3cf0231826b3c94a6dd3b46015d95447a

SHA256
d6c6d9393f5a1d74a9851135c16630d1d74421494ce2bf3ecdcc2b1c9ba90bba

SHA512
fff79e4dbb351b5fc623dac68fbb3ccdcca0f417afd98d5c58069fd638b569d8bd7a1a674edab9ac820db01f3c0eb1a02f98114082b0f17d6b5d199dd4ab22e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
136KB

MD5
873b9fc3cf048256f674d7e5a8690a73

SHA1
27702be82dbee6ec58a929bb5667c634731379f0

SHA256
65e826f667260c767fcfd90ff548cd6313c40bc47b5d8899464d25df12a09b51

SHA512
aa700c6e85e95bea0a5d690c4d60fd46d7fa591a7b7bbfe7fbd4565aaa4bb698aaf92d79831abaa1950eb6bc73cdd3fda1e9e1fea2c3f7ca8159795a296fca41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f3f791b8fcea203_0

Filesize
204KB

MD5
4e18cddf26c97ac742fad6fe766eb6a2

SHA1
ed3b19391f7507ecea4d57bc105c690b08484da3

SHA256
d7aa61053cf4b6b8bc243d5f6e9824216061a067bbae42aa78653d79ea4b1a6f

SHA512
4da814d382d6666bfbc084d150dff2d80cc5950ac16f7b4df0a8c32b25812f52bbb3a9d90521c6a9769cfc38449fa73dbc8b9ff215f16930eb24d81c1be84874

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\68465fd36bcfa5d6_0

Filesize
278B

MD5
d00ad9c354e3203cab995f0ac792074e

SHA1
59a7d31f0532e08371c724b2b54b084ec3548388

SHA256
120205b88acbcdc407c9fe967130f29f0372e406e7de4c74a017359b09543db2

SHA512
a73f95ce24dd29aebd208a94669b61084f001ca19e6f965b022ae3d73938573a092e647325264405235eea2d8a9224aa2f59bf3d4ddcf606189306f74b784ed0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\98379fc2d79995b8_0

Filesize
161KB

MD5
926f42ba66f8f88c1b68625938e0fb95

SHA1
3232e8f33455735c843011e59b14d3d7315793d0

SHA256
d8530a92030f3efa73766e285484f8cd5ccc253b5523d4692e4fe788b926234c

SHA512
c5ab743cb916f2594175d4bd4c487b624ad27afd328577e002bb447b55e633d9afaf3f9082e1d4cd3124b3a564fa47cc67283fe123aec3f2eb2f6a8107125c63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e5c3b2d7ac7e66a8_0

Filesize
395B

MD5
2166724c7b03983d13898b803b7a12f0

SHA1
c660cb7b2bf6833bf0ae7f2558404ada127df426

SHA256
b51c9ce7c03bb0f40c3d6eb0fa9e98b19badccefd55a0f5a718de570aa620cb3

SHA512
dd37f138178aefb5144d5667e733a26560e5496b7a655f3a12c892f0f301a4db9352f09290ab66ae995a2a08fab83c35d5f0f223e4fd61b60cc1ecc32bc1041d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
fc03395dc18516722857c1b2b9502328

SHA1
77b1e2a65d01e77ec155fbf16d22559394c4c409

SHA256
51486842998b82d2e3a1c2eed156e044b5a1e292d6d980e37fcb05fbfdbe3b2f

SHA512
4d37ad197d9de43aafb4937a1b86ee900b756282821c054b7a08b6f3e13b7265aa2d4197d7bb7d8be9df949a1d359b9f4c9220ce3a0bb8e54b78720dec09ac68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c8b3051c67a3ddeee46d54eb5cbf82a7

SHA1
0eb05897f194f8fb4fc3b730507678b5805a8690

SHA256
54df665cd74e82666fbdda14616ef6f6d1d3f80bf71cb02d968ee3831719c605

SHA512
e3ab8400a1345c59763d9c40ff74f8e50476a8160dc4ff48d3efdec16a59ba8c0b1326dcc1e1ba82adbe6e0d19f312e49f5771caf67d58a323d36550875171fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
9a349b2d8dbc23687050063d02cabc2e

SHA1
407e7dee7a3875cb4d153a21893248b132d509a5

SHA256
fa340867093d69f1f4b478be5b0f9159fead1f025731891f91e65fc2a092bcf9

SHA512
b3dcb88a8d73ebe9cdd3f1be83c37071de307a4d477b552d3560896055dce55cdcc6a3d09ff1587b47c3a9128c154f6d29365e3495ea54dadc277b2432514353

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1d567cf46b62d41a6eee0188a9add430

SHA1
672c300976223c75a398a3351ef84fcb7af5ad77

SHA256
7e48071122c2d64403262ee8a0e52340dcf8e939a4cdfd07311deae24a41f247

SHA512
a1559ba03aaf21a091b35f1b02d751cf7329be6939a31238a44c43fd9aecbe5fa2d4bd8823a39ecbe4867f9e538422ca2022d13d580bfe33b2109dcefc87bf1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f1e8886ea9c51fd00f19859b35059b99

SHA1
e969143fb4c9df4d6ab8055ac5c6894be51f5539

SHA256
ccbd2b3bfa706b6e11e5917a728e5bda4801a7e5dce3b531b75d91494b1d7d11

SHA512
6c58b47d0c95194178c4e2d9cfd7b6e8376c27b1c41ec75ed3cafa0866af79d5664f619deea17e03993ac76f61ef660c064f62ecc14c34e325615846c177c42f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8b43f4856d9039708070ddd7aa9a6792

SHA1
52c3fb5883d071b8c036121247b7878b824d72a9

SHA256
ca8e3be07a74636316d767b912bf2cc2bc0d1adaea3a430e97c8807a01400fc9

SHA512
9e2604c9942d0a26740abb343c42791de62c9611d805950c2a4d2a8f55a98e8461a47b6e013c90c1dfd84a625ac2b27607fcac3cfd7548ccebb2affc63b81686

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
05f66352f82980cdbff605d7596d42d6

SHA1
df1d9131140cd19e6136e7d779e98e57320325d3

SHA256
764d303c55d43c777c9ec381b94c6ba7659fb977c7318982d356396ac2778ad5

SHA512
8723d9f3d0993dac41064f86c6f68f1678fa2440fe28491480726e50b7703311125d5e6c44a9ae4f0af66414279b3eb110ee277ad0993a9a3bfcfe1a8d064b7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5b02cf6b74b4bfaea86f93b7e60e7f2a

SHA1
5b6ea11adf3bde890daa459812e37d2177e9887c

SHA256
67ce384411f5c8dda5cc995195ae4733b5d8efae6fd7f87e56bfe671c40938f5

SHA512
01423e0b204da3ca83292705a500965e23e09d0087ea099931cb5e50c29fd3a0ee38b13f0bc74d6beb2ef1cdbd5c211fca00571284bb5ad51ca2a1949f6b836d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1402b071f991e7c74ccf1a5cacdb393e

SHA1
08d63a13a138eda156934c0b52d5cf99cc624c9c

SHA256
b1c47cfc1173072c35158493e4205604bb5a74088ee48b8299a6a9d7445c92f9

SHA512
3296f23a350a6e8abbb32d08fa54281dd13872b918296506061c2e5cb32e3eb6534f57cc1ed16bb09e474009b8996011f7d934eab833a4f9d3062fdc871edb08

Download Submit