e6f8e4f8ec0e7b565c6ae460ef118304ba958881a8e0fa2accf93945d953b981

Analysis

max time kernel
145s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-10-2024 05:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5b001a557d24078adf69986ead1a0d1c_JaffaCakes118.html
Size

94KB
MD5

5b001a557d24078adf69986ead1a0d1c
SHA1

8c529c91c3b2dab3a5ed8b34fbedfd595577f9b5
SHA256

e6f8e4f8ec0e7b565c6ae460ef118304ba958881a8e0fa2accf93945d953b981
SHA512

a55c1771df660b5be0df2fad6dbdcf0bd16e813f4d196e16994fa659a50ed58b50706f70418d77971de5fca021c3ea0be1090a67e9f5df7519194428faab9f2d
SSDEEP

1536:Wwgr8VkeO3weWsU+lJsB70dbqDiy4dIASu06hI8EYgMOKaS6cgRrWQBrS:6eO3weWDWy4dIASShI8EYgMO/gQBrS

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2564	msedge.exe
2564	msedge.exe
1260	msedge.exe
1260	msedge.exe
3548	identity_helper.exe
3548	identity_helper.exe
5312	msedge.exe
5312	msedge.exe
5312	msedge.exe
5312	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1260 wrote to memory of 224	1260	msedge.exe	84
PID 1260 wrote to memory of 224	1260	msedge.exe	84
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 4996	1260	msedge.exe	85
PID 1260 wrote to memory of 2564	1260	msedge.exe	86
PID 1260 wrote to memory of 2564	1260	msedge.exe	86
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87
PID 1260 wrote to memory of 4812	1260	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5b001a557d24078adf69986ead1a0d1c_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa4bdc46f8,0x7ffa4bdc4708,0x7ffa4bdc4718
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6908 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6908 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:5916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,18093903921271962388,6714579082489799657,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4804 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4184

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2520

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
23KB

MD5
beda68c7227c7a5a9f974b1c74d257a0

SHA1
8a03576d27c23e9612bcbb5b9e758e4535ee4c81

SHA256
e9b270df7c8655f05f8336e4897debbf71a38a69c3030f33031376b4257addb2

SHA512
4e178897f5ae13f1cbb2b374918e22b5b281a78e3362fd6125701776c8826956c06153147840b52aaf4316bc8078059f83ee4758d84cde70190bde8f1f36e619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
39KB

MD5
5aad136827617c746d22b0ef44818ba6

SHA1
ace176d18c8967f60c7e715415c6ffeef432d2f3

SHA256
a9dc2e5a77676b1b17c0a4fc7e4cb6ac5b8b51d598a209de6c8319dcde14b51f

SHA512
553a8e2935dc2c3d28bb58a69e7f853eef757b06841a16f63491c421bcb4f650ccc8a11ac12fdb68fa11679a4e8f06d02689b575ac09160e471f804f52af2515

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
54KB

MD5
7cedccbea0d756b3a68703a24d5e500d

SHA1
ae882d970b8477cba25ae1357a0a517609dd73e2

SHA256
18e3493ef16f3c20a640d128d203ec4cac8e1b2147d7996011fe58b846dde724

SHA512
c094739bba146608e1be8661e29383d779bde2333ca02e49de3821b5ced0bf9b0653fa871876cf8b24a110a7a5cc8953bdd6995dbad2fc746cdbd57df2130d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
275KB

MD5
81a59fb37117d6cc7d4fce23eca3514e

SHA1
dc2e3bff29a902369af6f2026e0e6c002849d2f4

SHA256
b18d1e1a49bf79bcde5793704cb793d6cf8cd9d0cf37b452d5e1b818679744c1

SHA512
e65155cd9d6cce833ac73e82f40b114a6d6c238c56748eca482ac276018e9533a0ce7158762d31c8c9c37c08b9269daf85bc014b174e715cd557a063fb7e4c24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
77KB

MD5
e78dcf7b11e68d8c546618e0a2fdbb20

SHA1
bab5b1cf89a72dfce80ddfdf4036d4bb7d15201d

SHA256
1e8dc439140f84f1fc7cb2163abc91cdfda24d78713b505cb57c5b3bd41eaf36

SHA512
cc2ae7214938f673026efb7a5607ad5cbe2400e1e4acbd9304942a7309b841704ed4ec0b422fc14d7fe1dda250fc3855295341549015c15923c45394b887a8e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
17KB

MD5
9a7dd9a35901af572b85bc2285c31570

SHA1
dbcecdc6e62bb59b67d353fbbe581b80fa73f996

SHA256
11f3acc6794c6a6ca750e20311a1bd3ba577403a8e4da9f3c126a37979611d33

SHA512
ce51affa26857732cd3396b080828f0b72135c08f3292f81bcd97f2969ec2c1c1914f59dc0389a8aa71189b174be97d7562fb5e4bccd9be72b96efeba63453d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
33KB

MD5
d37777717c7d1df5db3dd0c15811666b

SHA1
7f975c65e6ad79c425ed6518f09ae87d45480c62

SHA256
ee55e3621562447e937ea2f351b96a0eecade19fdc0724b121c6179924d6b2d8

SHA512
aaa02d1ec66c394528ab25241b07b04a6f99e9cb5780b0a7c87d6d0170a05b6e1723d97e1c2e43a8f6b9b27332533ddc0f955c2ad270602e793512e9ce3d447c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
42KB

MD5
101f2295c59a6c129b95bb68093aed06

SHA1
12f5843daaf99bdb874dfebaf10660c54ede2120

SHA256
9b59525954d9da17ff56cac0c0cda55bb6c4df6b7550fe68565fe0d24a963ac7

SHA512
f5e54b7609a1884253f1d05d9245def95b3721e1163ddabb6d32f5b31f824a218c60533eef25a6f91d8ae6fa314128ae258fdc341cf9a4f36bf378e874b5277f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
75KB

MD5
d0423d1926f9891582cb2d7a92d128df

SHA1
3fbc2ca2ab9f4550f0d1e71bb84f0c2fc883eb57

SHA256
8025cb16b5862fb9bed473a55155ed7e28018060548b106d001f921c63af9375

SHA512
4db6a4f730523cff0cfc3a11fd9b2ef6d4cb59b4812fe43b15d287ba68e24a477e8223f8d28a1caf964a6e1363f46f8a71a247a230818c84f47e9c64c0711cd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
32KB

MD5
d5e7010be08a3b3b32d0f2e15f0db678

SHA1
07e63904af69c941eca8ad9c56a84bb372700f80

SHA256
7be914ad6e16c431f6b03f85e51d9ebd599b4c1ec101076e31dc112a0bfe0b3e

SHA512
3d7d5d0337c615abc00f027223f3ce077badb608eff665e417134631c62828bbabe931498f52f77d6d3efbfe66d1d342f4a7eefb4fcbbeb3030e671f349700d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
20KB

MD5
d35069a726e91cbb4bddb37625c2e967

SHA1
2e42a7cc045e4dee24bc38d559e444f015c17f4a

SHA256
5fba16dca8cfdc08b8455cf2f88ff64dbe70619bc86d410a564b298c5f109d21

SHA512
83d83637dbc83322189222d87e45e5781a757b972cb1b0e5004d99f1439332d4606a607740280e9031804ccf60c734a040c89bc0972c85ae9d139cd500058b2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
115KB

MD5
425e308bbc7596b08bcc89101e3acea8

SHA1
7234c0d1a14d4dca9b9b83c81a430a593d0d0e52

SHA256
a9181fa533a95e3e4f25b407f54f81190197f25e392ee2c6de85b9bbddf25b32

SHA512
ac63e7d17ee330abc03f434aa846a3a476fbb721a42032ae2c73e036bb7889fbce6eb7e0b567a9ae240f1a080c2f22ad1acd75c033a50fa7383609df075ced22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
2f0f42134c1d04b55fca14fd534a6cd9

SHA1
0a1643b31d9ab615711da6229696552b2ca132ed

SHA256
edd68ced8782dfb84d5e9569fba1146e9053c5cec70112efd58a9c1f88edc387

SHA512
f7113fea42fb26b9f5ba07379ed165898341eae93bf226ee49c9408a53c3f999372d567f7c577c34f4e9bd9d5967b9405ca7d93410f373c53aeab9a86790fd0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
39dbb4fc45d693e3ce4bcdf3ca053004

SHA1
20a7bf68956992b7d320a50def5def489891ce44

SHA256
aab9f2d88fc8ea27fec811b847e98d3776a4d0a52af63eceffbcd2d2a06da7a3

SHA512
895d113b56b47ec988ac92f34f54397542a27cffd48834ae65ea4e4d7fa2841e731103f0583e2e6f391226449d6bc5339dfb2cb0b287aeb699de62d927d90d06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
d29cb44669476ea9b065d1f0f3f5c446

SHA1
8d3fa592e74a9ba8b852378c82c56c8a3cb74392

SHA256
7c80687ead7369bf4e5bbfcb1e97a4edcf600403a5fbf0431718ded7496a2e68

SHA512
2868636740a6fffa7968fa1d015e56ff36895893b0f30c4b9095b0b31f30c4918eff9a079aef3701df150a5810814cce51a91481752f2dbdd9417ce5eff5196c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7ca702c1602d41b0f0c345b9e02197cc

SHA1
e43f104873c12967fc5f555881a212d257c57390

SHA256
3bfb8cb96115528b048d62bc5ed7363e5c6d342ed62b767d33fa6722cfc70635

SHA512
8a85a3e0c6874753bc3a30e11cffc8ad8793194ef05d9532249d3e062d8f24330bc8d56193a4d6b68a0f4835a0e9ec41ce417fe0405b2b96819942c48730b947

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5ec17a561771e4119d400e07894ce911

SHA1
b23867f4a65215000edf719ca9493e78bd1c19a8

SHA256
3330251a640656d6574127961845e8211020eb62f89cd3cb755d3a74e54aef16

SHA512
9f8c4783e3709c8cb9aecb62cb5acb79ff8f689fd3c8291d2466ed68e1d9daac577dbcc7656ceb5e4101b0e3b441dc14fb3473511c25c1ee8e3d32be635a79fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0e907d9c708163bbc0c279a9db222cbb

SHA1
f1ae124bc8d9c4adf49006274b6a3493cd250ca1

SHA256
073a38f0c236ccea70ebb1c1808ef410be5b4e75a2c1cc279e1072b53006f7e6

SHA512
fc1167e1e1815c54fb48516b2c9f344add6890f88e0ae6617fa93f12b481e9c2a128b7cff24366588c0e62005ea46316e8f3a26684244b325830e81a28207c28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b8daaeb8ced2518e87d9f0fb813b6519

SHA1
867dfb8d87d30390defb2f61239a41650b0c4365

SHA256
ceabc50256dc5c2e02c6b5b11b0379477d1d0a8f0ead66f181e51c898a1c2956

SHA512
4ab1ff77d103b445af345df7c490bafdc1026c70469a53626fda86b5d57ad80a3ff480ec7d583d684190f7171ba34a3b57812e635981fb86ae26a6d80a104839

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b4d754ab909add7dbc58d3080340e99b

SHA1
6fd20e2ee6221b9e066ff88fee191ed362f365e7

SHA256
c2413b1f26fa1c97cf84f579579221d646f1b40b06d064de9e47364c2b9fe74d

SHA512
1713ee6ddfa9bd95e52800f49f380aaeedbabc02e4232e58ff1d1a624ee1da65cf780282210e008fc77e9303883138c6632733b483dbc5dea33d9de77f911239

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8619a99bd633b5d467c4b29198e59290

SHA1
0521c9933cf68a6708bb801090dd85d2ddaf32b3

SHA256
a69cb860f4d2cdd5e5a98c4c07da96968eefd34d0623ea72e68d6ac0010f9e72

SHA512
193de0c608882d2a02fca80a3a1561accc42f775a51ac7837cc4742376e2592a91e76e2ed1262039675ad68b9536219e21b42938ec4fb3e4db90f9874800ea88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8630857e9254f85d5b92996fa2d5cace

SHA1
5145b5b595a4c707638915a679efb5a0cace1736

SHA256
baac7184b5ac88ab894b240000efaf0e3f52ad519ea7960f217d5f58277286bf

SHA512
3012c33fcd73f3fa8d25dc5a61a0d6fb7ec834ad33345b7b1f0fc32b06a9ba0ef578d2fc40fb9d43e92e9431ecb79a04e6688983f6933d3fbeec5b85c5ccec9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
8dba0bf4de044ab2fa0c681b01241bc5

SHA1
45639a1b36462b345b9f17975d4f4c74c4367090

SHA256
2c52dd33f494dec255fad539359c06f9094d52bdd507502b638a22e3a2ecec01

SHA512
e63cf6b1a9973360c5a000eb1efed8d5c711c55dffde1b1c8803e746814c42b9a2feef941b1999f05c0b3616d7cc964962340b4e140455ee9c364b32e006399b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
9e7f134c2997708c7520161f63a2ed0a

SHA1
cb0bcf3f60ea63f707688364aa31398a48a933b5

SHA256
965ad46e9352aa691cf7cf141a30657d986e318d16450a22210a82fa33f77458

SHA512
c5c3ab6236eed8f4b801558c9a4aba72243f99c9e7061519f281d8ae48502d65c143cc1a466c1c9b73ee89ea9bc75d20b4d6fd5354e8216ffb6ea4265dff37de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe589efa.TMP

Filesize
537B

MD5
6bb17300d213adb17f299dfa12c458bd

SHA1
872bf07762c0c0063393203d6dbdc42f2ba9283a

SHA256
ca7aee3d2b131fc35e93e868ef8b2ed56a0ded77665d477e06dbb796e03f21d6

SHA512
4f293fe80623c46f985614a2f86982ed53d3edd0515fec7e5d21d5d5ab5b31ad3d12a6de6b9e4f7dc79fc62048beef5460ce426698bd909e160f20a597344d9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e50eeca3-0d37-4d4a-ab96-860a02908cd2.tmp

Filesize
7KB

MD5
9657a77d548acff6c233433f3ddd64f9

SHA1
f3f52badf0f7efd381578d1855c8dfa0bacd439f

SHA256
431b1a07e64ca6a17f4fd0cfb71bcfcac79d55f514322a8ddb0152cc6ff3ce42

SHA512
628710187727a401a1fef9e320affa3ae5425656ccb3a50caf56d3dd5f3156e298d9a16c34e14e9f875c33389b83becb647d875f0c4cedb14ba2d6cb66be3938

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0ecc74fc047a70042e98c4a1f2cfcc91

SHA1
ac609d3cd74a67b254cdf7f6bc911869e013aa39

SHA256
a00a06311a3518127bff71e2ed139fcc62e0405eb6b09f913b12a5dc33e61f06

SHA512
c8f7507dc2c47c036498e5dae0bcc95320df679e9f0e6e4ec6b74e56fcded79dc476738a1397a26860e8cbd762d6610143d602f6a6e5f779463d7e02b7595538

Download Submit