1dc2e0e22f61d1f2dd0308251416b8e0e46474f1af6eee9d161d002766226c7b

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2024, 23:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

44bed8feceae7ac563d9d4b43571772f_JaffaCakes118.html
Size

27KB
MD5

44bed8feceae7ac563d9d4b43571772f
SHA1

d1a7839ee5a5abd403adca341c92af5837cd9952
SHA256

1dc2e0e22f61d1f2dd0308251416b8e0e46474f1af6eee9d161d002766226c7b
SHA512

f58438394841e9492f6009a84f894b656a45fd050bfe14505bcd46f7d77775c464130e9ef197e256dd43dc22b5fa8f673c6b221e02ae162f386000b1692f90ea
SSDEEP

768:xcIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZwj:yIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqZ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4008	msedge.exe
4008	msedge.exe
3880	msedge.exe
3880	msedge.exe
856	identity_helper.exe
856	identity_helper.exe
1740	msedge.exe
1740	msedge.exe
1740	msedge.exe
1740	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3880 wrote to memory of 3020	3880	msedge.exe	84
PID 3880 wrote to memory of 3020	3880	msedge.exe	84
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 2672	3880	msedge.exe	85
PID 3880 wrote to memory of 4008	3880	msedge.exe	86
PID 3880 wrote to memory of 4008	3880	msedge.exe	86
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87
PID 3880 wrote to memory of 1860	3880	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\44bed8feceae7ac563d9d4b43571772f_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa6dc246f8,0x7ffa6dc24708,0x7ffa6dc24718
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2004 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,2296703811613240337,12536396442640658563,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5416 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
c6d22b3dd89fe2bb607e9cac58f0ce6d

SHA1
6ca895b1cb5edb71566bf39d9446815091341826

SHA256
d0381524ca2e98670e41042111393a90ceb93507b4c0e29e1a26d3afb367bfdc

SHA512
96d20133ec88d723dc94d3621125be21ff44e34573951d214eebd6519a821df65ffd3f0218e855f2a36c0221fc8788e374c101e66e79593d0f5edac76d01c56b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
5991c4c4cc0765638e3f1ed927fcf424

SHA1
7290acd2f11ad30a5be3a50e9a8ae4f02cd70f74

SHA256
e0df9cfa80906119c86b2f917db555c6cc0dd1c9e3cbe3a249eeefd9d6d6daa9

SHA512
233e674188481f09a6e36918b7ac22cf55bca59b31fe45e1fd208dc80802ce83b708e853b3b2c3c19aee50327cf4c03968636d72d76f6adee8ead01b702752a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1110d745ffc7c8e1c0574f0e1e5149c1

SHA1
61da3f40bc83ebaec13b57e0df2dd6a01497e93b

SHA256
afa46ab35e678653dd67607c5b386293709b3560e4bf198e79f65494a2558420

SHA512
49987a838b6554bb9aa8a9fb760248f9da67fcb4ca5a2b75bdcced3fbe51c6e4bbfa1e0658b87d4c79b0ea2ba169b969142207a2e05a8e7d3212aabf24658fc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f294df6e0bf953cc7bacb83c6e3b1471

SHA1
b91e7c9e6a9b130095211ac6d0ab78bca6797810

SHA256
51b4d4a249a07d4456d88638fccc4688700a9213221d6e5803c0bce567208ad5

SHA512
bcdf19d39d6d961a47f1956311d8858cb70f73fcbf8617c6ea86ca5d3b2734c5b9659b7a7b0a00cca4b267a586f37e08182250f5c09dc8cd31c37828acb1f675

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b6eaa536e8d7cdf854882d7c65b5dae9

SHA1
dbd9d49dada3a4296498aaa2867c7b34528fd17c

SHA256
1a02e364d986eb8dc2dc01d9e2b4a6499607f48c431c51c81a4fc1a342219902

SHA512
64c81a07d4e4a5003c17adbfd77c018b5a34f6f9d69b1f1f4bd4cb2fdd5b651b52051a547c20a0dce55947122629b46fea554cacb8f294c61a4ace5c1bb4ee1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
94a6c31860179ce48ce4553c5eae12a8

SHA1
08c4cdc373d0568d1ba04ab1573282d0b8ab3560

SHA256
81bd9b4d390b5998caa5a88eed7f3bf1219d5d29c53df2f872addf3941178502

SHA512
7ac3ecb73cb7f0e0e4b5c0e4f6a6da2f7c8c9b90412414a467ee4fe1c8eb49e737c5cd429052b5d8bb9dd7611660f1441e2dbbc3dd3afe5c58c61e6c4663fd95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
854aebf043800bfcac1a494bfe83bcb7

SHA1
8d082560298df4f1811f595c7b82eb90767edbeb

SHA256
fe1feda467bf07687d26736ce1f939e6279b7c273cadf0028f4b40247145fa2f

SHA512
153c932f9bdf10430123ae49d9bf4f51d50e82ec44e03db77b4ebb57562d8525fb1a369020b1086e6d31ff92c85f0ea88a1bf62d23f24c5c8ab639da95a40fab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b263.TMP

Filesize
204B

MD5
8a8cdc645d644d355930adff85ef7033

SHA1
9052f4366f5e38c159dc1595d78c142638a6124c

SHA256
2bbff8268902ca61fc1229df50c987b0c51e374db741da7b231fe90e5a56bcf3

SHA512
1afa76a5fe3840c7020a2d55bfd5b7cf91219d56052f0e0d03b50cd7fe746847a926d3e1a21692e7c5911cb05f542f4f678dcacfcc96fb21a91f1edb3132ef4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4ece6c9fe78516eba097b71291d45ddf

SHA1
2c7c2af8e0b4cc82bbcaf667332b83649e096da1

SHA256
4abb0e64eae1847fb350c23d74f7ea58e632c43568de1f1ff2932285062a9100

SHA512
e5bbd2e71fb6a6b57210fd946f6e7fc7669e2595c0ba8fdd11b9cefc61a70e950c76f229b7e1b93d0a83fc9ed777e5182dce971489c482d3b861b72a244e7455

Download Submit