a3405d104d6060dc70b98c881b9d15762e647fb44574fab89bb3ad56e629e4b3

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13/10/2024, 14:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4079e073d77b5b2fa5bdda19dcd2c207_JaffaCakes118.html
Size

13KB
MD5

4079e073d77b5b2fa5bdda19dcd2c207
SHA1

2ec5306ac4432f9f81c19025040f8db901f515bc
SHA256

a3405d104d6060dc70b98c881b9d15762e647fb44574fab89bb3ad56e629e4b3
SHA512

15f19134159df4bfade766f6111550478319c7115240b460e77e4d96b8bd3a3d06ba35dba4ade3cb94b27309fe7215c03c083feeeb247e0f2dc8232890652a4f
SSDEEP

384:4yyuxcrktmDL7b2A0xqARaePXg1LVabTS2V:HcrktQ7b25xapobTv

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1792	msedge.exe
1792	msedge.exe
1296	msedge.exe
1296	msedge.exe
2196	identity_helper.exe
2196	identity_helper.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe
1296	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1296 wrote to memory of 740	1296	msedge.exe	83
PID 1296 wrote to memory of 740	1296	msedge.exe	83
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1692	1296	msedge.exe	85
PID 1296 wrote to memory of 1792	1296	msedge.exe	86
PID 1296 wrote to memory of 1792	1296	msedge.exe	86
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87
PID 1296 wrote to memory of 2152	1296	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4079e073d77b5b2fa5bdda19dcd2c207_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a7b946f8,0x7ff9a7b94708,0x7ff9a7b94718
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9243731033611974276,11269861473654745028,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1632

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1196

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
215KB

MD5
1585c4c0ffdb55b2a4fdc0b0f5c317be

SHA1
aac0e0f12332063c75c690458b2cfe5acb800d0a

SHA256
18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5

SHA512
7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
71a271e76db38713e7b152e8cd948727

SHA1
d81c5c7f4aa66da22b4794e8a950bf2212389f6a

SHA256
a014f166f57e27ac736dd749409e87fa342f9f4568059add600ea60178fa7b27

SHA512
2f85a45d165262a7777e243104248e3d370ca568eb57bba120a235c72377538a2927875760ef85d2ece9bc6b10311a83f56ce5521e67e91e0c4402f072bfaae0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
020fb95ecc9b1d6889aa1cbc4b7dc609

SHA1
14c6e69c1828ace97c9bf00ba9ce918e354fbbf3

SHA256
6a2616f9e9de3c2ba74186ca365d748d83feea7994a12c28176b3fbdc4e0e5ec

SHA512
d64d6c40de508aa5bc2de9b1969a878869e43b3ef893c8d55868764f94c84306e9918db04329182fedccb90681c584a68115f678fb41e680ec9002bfd0086bf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4e417fedd8a33b11ee1f8ee19eee943a

SHA1
e144f06d4341164e01f4e21224cea25844072e8a

SHA256
3b86af04b1c21b2d7f7ee94e76b744706717e12f464298eca775c14523f9b72d

SHA512
e685c2d09fe819ce4bc86ff2e6cc8fe34cd19099a3cf8654bc5a14c663a7d0421cf5cb47a0304830ad0aa331d9d19dbc0771fdcbf5fe8e995ef1a2dedb499420

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
91aa3d67d96ddd4f70e532b747e5c332

SHA1
bbfb520a632d8d5836f983380b261b292abcf26f

SHA256
79d5e673be64c182545154cf900f692ce1c1e7a2959dfad6943764b59eb39ece

SHA512
55d0693a0529875dc9b776f4304a545677359c9c59a7737e36c61e1a832cd36c8abb0baad3d3a4866f8e5d324e401b01fee0ba8b1b42b2a13489fe40885b0164

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f022c74e72ffa81dfca976f68a1ccd7c

SHA1
44174e6c683f293e056aa0612c906e796173a5c8

SHA256
05dfb6da2b016ef16ffbff6fa8810439b91c3df79d20784149e18482691f9f4e

SHA512
6af0f1e2060bc89ff4d6e14c16d8e38053ed8db1e9ec53320c7693db37dcb08c0825e35cc31b5a1ac09a96ab5918263d4df784493a916bd70909aaddf6762a4b

Download Submit