9b48e4f628d112b435e5fcfa0dda579ac8ea1ae294a6b8681a95f8995349ed06

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2024, 19:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

367eaed612b6166214704ad7770a71bc_JaffaCakes118.html
Size

61KB
MD5

367eaed612b6166214704ad7770a71bc
SHA1

09052965281fe0e45c3573283d9bc8e1dc0b6132
SHA256

9b48e4f628d112b435e5fcfa0dda579ac8ea1ae294a6b8681a95f8995349ed06
SHA512

75744044b15419bf86c3edc454ea9b5a3b3f644d02cee7e07a6fb6a9c2e82fe50ada12d9e2225c2fb1b439b636a138b3c06acbed04e205d29e4034f14fdeca8e
SSDEEP

1536:MOGkGi0URophNltmolxD3zXKUsPOzr6dgcuAyzqih4OiQd6oeGBKMPSa4HCneiWY:MO3opvTzXKUsP2r6dgcuAyzqih4OiQd1

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1168	msedge.exe
1168	msedge.exe
3424	msedge.exe
3424	msedge.exe
4292	identity_helper.exe
4292	identity_helper.exe
2416	msedge.exe
2416	msedge.exe
2416	msedge.exe
2416	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe
3424	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3424 wrote to memory of 384	3424	msedge.exe	84
PID 3424 wrote to memory of 384	3424	msedge.exe	84
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1724	3424	msedge.exe	85
PID 3424 wrote to memory of 1168	3424	msedge.exe	86
PID 3424 wrote to memory of 1168	3424	msedge.exe	86
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87
PID 3424 wrote to memory of 2264	3424	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\367eaed612b6166214704ad7770a71bc_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeba1446f8,0x7ffeba144708,0x7ffeba144718
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:4192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,6373016004357146336,5448042000297678472,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3200

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
23KB

MD5
c6ee151c95d5bd2339c67eca774449fe

SHA1
c2de7e4a87b91ddd246fee53b8274b35fc55603a

SHA256
65edc4727e2bdb04a0ad28564af17bcf3bd7029811429804d283c8f0e186ce09

SHA512
eb04604f00aba42cffeecf266cc7dbfc096708ebe615ed2141bd422585db26a12b54f9c22041c798cb01e4c3d3e5c70fff935b0c7a508fbf61f6201c3dc678b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
fe7c1bfc1e37dca1b9999fda03e5d373

SHA1
203ecf2b8da5c9c4860efe22c51327f4e3307512

SHA256
88da851bdacedbddb73ed9c3765b28f12401f5a8a6b08fe945bd0acc6bb98d8c

SHA512
a6f35af834cf3f0310955c348e3782d7dc8bc2400855cacb0ec2366bed336c6027c2c2755c929cd14c957c47c418486bde01d0fb3f6c8b00f6ce3dbdb415ce00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
880e2beeddc2ec107c333ccc939fd81f

SHA1
f126f76c332a942ee050264f55f80c5c0bd7dafa

SHA256
7be767cb2fba7ff492b0e82d7be2560147f9013e755a1779ecd00042a1c6798f

SHA512
4440299631ab6563fac4daac7ad68f22a63f18676637b8889c71c548aa9e348ca60044726fcc9b0052c135992df57454824ee4ff42d1d1bcfa8347fdc36dc0e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
31ed3993e65e9e24565d2e4b5f1136c4

SHA1
76fce32b871a71cfe030a105aaa5bfbfea267351

SHA256
f5ce4ee7d9b9bc418b54ea27bf1e199f740824749d8d2415ee787f47982bc856

SHA512
33d6b7419dba80c9571cca629339d857661891906fa5d0716df70d0063c854cbcc4aac7bca85b02f6cd3a01c250ddcdd229ad64d4df6c49da2f1ff8df1c0eeca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
42f1fde1206c0c417648478d00a417d0

SHA1
81f690d234cdad4c77fe395005f32703d2cd79fd

SHA256
96ed8f5863f39ad2979128faf60674b0eebcfcc7fcaba02fa8f0668051027f15

SHA512
a4929e260d7b7155080080a69d81bfeec9fb98d31097ea076fe27364a035895553ca440028dd6cd7e33104dc87be26ff27b962e56e0314e3a6c3c52497c52068

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
27aa68776b8a33d8d3d8f22fb7813f30

SHA1
7a397dc8d2d2dc07dd6339656656f3e1d40d32d9

SHA256
7db1aa0ece74f50e5d0ed06aa5df9cc977820557e25d03a6414115aadf1552ef

SHA512
72f082d3849b5b259e1033e935adbe698a70e503b3c545161ba7c0fbe2a72862949d2df518b16da6d0db6cefedb392cca7bfe8cc89f4c400eb7f751a28b441e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d1e5babeb27dba52f0b8362c9b106f10

SHA1
1ef7d13104c2a0999705c65624587105da160187

SHA256
aa4f266a8f3474733772cb395c5e899033e97485c9f29044f7530192adbc6c29

SHA512
d4b80ac71105c01a2bec64365ea69638da15779aed0925a374ab9ee0a2c9793694f349bb3d24a56fdbee09e1a97d12a3d58529a9a847b824540ba190e9e6e330

Download Submit