Analysis

  • max time kernel
    145s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2024, 13:12 UTC

General

  • Target

    0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html

  • Size

    6KB

  • MD5

    0ad37aa8b2529241d8757eb9e87e85ae

  • SHA1

    d22eb85861a2f31ae7bed588ebf10a09993d544d

  • SHA256

    acfba7ce2fbff75405eaafd4f7ffafc0401610e8e10a95561b1c210b5cd4f36c

  • SHA512

    4ab6585bb5411d2d8cb63eb50779ecd1ccc786616a426307234bba93993b2f8e7f15199f3c94fb3fafef87c8329b5d671551f77670a242aff03cc04cefc4f6da

  • SSDEEP

    96:uzVs+ux7yiLLY1k9o84d12ef7CSTUQZcEZ7ru7f:csz7yiAYS/Hb76f

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3844
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffae1746f8,0x7fffae174708,0x7fffae174718
      2⤵
        PID:3108
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
        2⤵
          PID:2068
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3688
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
          2⤵
            PID:3680
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:4288
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:3840
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 /prefetch:8
                2⤵
                  PID:3064
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:3284
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
                  2⤵
                    PID:3104
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                    2⤵
                      PID:4908
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
                      2⤵
                        PID:452
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                        2⤵
                          PID:2416
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1900 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:5108
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:5076
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:4856

                          Network

                          • flag-us
                            DNS
                            counters.gigya.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            counters.gigya.com
                            IN A
                            Response
                          • flag-us
                            DNS
                            counters.gigya.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            counters.gigya.com
                            IN A
                          • flag-us
                            DNS
                            analytics.hosting24.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            analytics.hosting24.com
                            IN A
                            Response
                          • flag-us
                            DNS
                            fc01.deviantart.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            fc01.deviantart.net
                            IN A
                            Response
                            fc01.deviantart.net
                            IN A
                            54.185.91.11
                            fc01.deviantart.net
                            IN A
                            52.13.151.103
                            fc01.deviantart.net
                            IN A
                            35.86.47.99
                          • flag-us
                            DNS
                            fc01.deviantart.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            fc01.deviantart.net
                            IN A
                          • flag-us
                            DNS
                            14.160.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.160.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            14.160.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.160.190.20.in-addr.arpa
                            IN PTR
                          • flag-us
                            GET
                            http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
                            msedge.exe
                            Remote address:
                            54.185.91.11:80
                            Request
                            GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
                            Host: fc01.deviantart.net
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 301 Moved Permanently
                            Date: Wed, 02 Oct 2024 13:13:03 GMT
                            Content-Type: text/html
                            Content-Length: 162
                            Connection: keep-alive
                            Server: nginx
                            Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
                          • flag-us
                            DNS
                            orig01.deviantart.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            orig01.deviantart.net
                            IN A
                            Response
                            orig01.deviantart.net
                            IN A
                            52.26.23.167
                            orig01.deviantart.net
                            IN A
                            52.33.77.108
                            orig01.deviantart.net
                            IN A
                            54.190.123.115
                          • flag-us
                            GET
                            http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
                            msedge.exe
                            Remote address:
                            52.26.23.167:80
                            Request
                            GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
                            Host: orig01.deviantart.net
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Date: Wed, 02 Oct 2024 13:13:04 GMT
                            Content-Type: text/html; charset=UTF-8
                            Content-Length: 0
                            Connection: keep-alive
                            Server: da-redirector/0.5.2
                          • flag-us
                            DNS
                            58.55.71.13.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            58.55.71.13.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            172.210.232.199.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            172.210.232.199.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            11.91.185.54.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            11.91.185.54.in-addr.arpa
                            IN PTR
                            Response
                            11.91.185.54.in-addr.arpa
                            IN PTR
                            ec2-54-185-91-11 us-west-2compute amazonawscom
                          • flag-us
                            DNS
                            167.23.26.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            167.23.26.52.in-addr.arpa
                            IN PTR
                            Response
                            167.23.26.52.in-addr.arpa
                            IN PTR
                            ec2-52-26-23-167 us-west-2compute amazonawscom
                          • flag-us
                            DNS
                            95.221.229.192.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            95.221.229.192.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            28.118.140.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            28.118.140.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            50.23.12.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            50.23.12.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            198.187.3.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            198.187.3.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            100.209.201.84.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            100.209.201.84.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            30.243.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            30.243.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • 54.185.91.11:80
                            http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
                            http
                            msedge.exe
                            735 B
                            686 B
                            7
                            6

                            HTTP Request

                            GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

                            HTTP Response

                            301
                          • 52.26.23.167:80
                            http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
                            http
                            msedge.exe
                            1.2kB
                            439 B
                            8
                            6

                            HTTP Request

                            GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

                            HTTP Response

                            404
                          • 8.8.8.8:53
                            counters.gigya.com
                            dns
                            msedge.exe
                            128 B
                            129 B
                            2
                            1

                            DNS Request

                            counters.gigya.com

                            DNS Request

                            counters.gigya.com

                          • 8.8.8.8:53
                            analytics.hosting24.com
                            dns
                            msedge.exe
                            69 B
                            124 B
                            1
                            1

                            DNS Request

                            analytics.hosting24.com

                          • 8.8.8.8:53
                            fc01.deviantart.net
                            dns
                            msedge.exe
                            130 B
                            113 B
                            2
                            1

                            DNS Request

                            fc01.deviantart.net

                            DNS Request

                            fc01.deviantart.net

                            DNS Response

                            54.185.91.11
                            52.13.151.103
                            35.86.47.99

                          • 8.8.8.8:53
                            14.160.190.20.in-addr.arpa
                            dns
                            144 B
                            158 B
                            2
                            1

                            DNS Request

                            14.160.190.20.in-addr.arpa

                            DNS Request

                            14.160.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            orig01.deviantart.net
                            dns
                            msedge.exe
                            67 B
                            115 B
                            1
                            1

                            DNS Request

                            orig01.deviantart.net

                            DNS Response

                            52.26.23.167
                            52.33.77.108
                            54.190.123.115

                          • 8.8.8.8:53
                            58.55.71.13.in-addr.arpa
                            dns
                            70 B
                            144 B
                            1
                            1

                            DNS Request

                            58.55.71.13.in-addr.arpa

                          • 8.8.8.8:53
                            172.210.232.199.in-addr.arpa
                            dns
                            74 B
                            128 B
                            1
                            1

                            DNS Request

                            172.210.232.199.in-addr.arpa

                          • 8.8.8.8:53
                            11.91.185.54.in-addr.arpa
                            dns
                            71 B
                            133 B
                            1
                            1

                            DNS Request

                            11.91.185.54.in-addr.arpa

                          • 8.8.8.8:53
                            167.23.26.52.in-addr.arpa
                            dns
                            71 B
                            133 B
                            1
                            1

                            DNS Request

                            167.23.26.52.in-addr.arpa

                          • 8.8.8.8:53
                            95.221.229.192.in-addr.arpa
                            dns
                            73 B
                            144 B
                            1
                            1

                            DNS Request

                            95.221.229.192.in-addr.arpa

                          • 224.0.0.251:5353
                            448 B
                            7
                          • 8.8.8.8:53
                            28.118.140.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            28.118.140.52.in-addr.arpa

                          • 8.8.8.8:53
                            50.23.12.20.in-addr.arpa
                            dns
                            70 B
                            156 B
                            1
                            1

                            DNS Request

                            50.23.12.20.in-addr.arpa

                          • 8.8.8.8:53
                            198.187.3.20.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            198.187.3.20.in-addr.arpa

                          • 8.8.8.8:53
                            100.209.201.84.in-addr.arpa
                            dns
                            73 B
                            133 B
                            1
                            1

                            DNS Request

                            100.209.201.84.in-addr.arpa

                          • 8.8.8.8:53
                            30.243.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            30.243.111.52.in-addr.arpa

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            f9664c896e19205022c094d725f820b6

                            SHA1

                            f8f1baf648df755ba64b412d512446baf88c0184

                            SHA256

                            7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

                            SHA512

                            3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            847d47008dbea51cb1732d54861ba9c9

                            SHA1

                            f2099242027dccb88d6f05760b57f7c89d926c0d

                            SHA256

                            10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

                            SHA512

                            bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                            Filesize

                            111B

                            MD5

                            807419ca9a4734feaf8d8563a003b048

                            SHA1

                            a723c7d60a65886ffa068711f1e900ccc85922a6

                            SHA256

                            aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

                            SHA512

                            f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            5KB

                            MD5

                            ae2ef4b720ee781621a487a75cd82729

                            SHA1

                            e3bf2906df0089a6ba9cc9b6ab0d7a3ca7162878

                            SHA256

                            67a1bff03a077042bbf7a94ac449c6c4876bd00896b169139d103e20e8794e4f

                            SHA512

                            39a8e3db8463eef9d131bdbaebaca10c1b788a7cf4e77c4c4cc55493b1cf9e438934a7f7fb06d1d0993bc7e84d3d02ecada56ba854b3a431fa162e7ed1afa3d3

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                            MD5

                            e00d8f5edf2febd3802edcc3e1f202da

                            SHA1

                            14842a161ea93dc10c2f11877183aae952e22816

                            SHA256

                            9c4459fc9249453945a4e1f43d6aab46e9442e0cbce9e125d134b4d1cf95d2ac

                            SHA512

                            491ce7c210d4bbf9f13addb3874aa919b3a105c6f216a64900e3caaa63731772e6766e03d1822aad18a7acc3b2ed3a96b03ac11672a6e8623bf87590f4090f16

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                            Filesize

                            10KB

                            MD5

                            fff93528fda27983e9dabe2557639944

                            SHA1

                            b412af2649b22d6303205cdfaa68c4d4c4c29833

                            SHA256

                            7aa686adde1353152f794b2c6f6ba638f2a1296944e79c67de15ec6d1045390e

                            SHA512

                            c13c4d4ccb7c1b42a39ea65be7c0f3d7fbf7c2ff2bfea43974bd3e73e9c344c2a65738e20fb9d4c23b3cedce9edc0207e068e3b6cded91e90a1173b1ae5a4994

                          We care about your privacy.

                          This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.