Analysis

  • max time kernel
    148s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22-10-2024 11:16

General

  • Target

    6a38c219fd48ef4612bfe08918016a00_JaffaCakes118.html

  • Size

    76KB

  • MD5

    6a38c219fd48ef4612bfe08918016a00

  • SHA1

    86e27ab95ecdf378bfee7647dff17a48395be58c

  • SHA256

    1d018621ad6a0d415247ca71145c72e91e86b240f743997a53c9f299447841f5

  • SHA512

    dc33a1b7ff2512e30f79b9e5eefd9bc2eea39491eae5b4ddba7a7fa6ec6bfcfc59f1fa7350934ed4747d9d985530695316cc7a64cdb0b71b948b92eeb5f29ca9

  • SSDEEP

    768:BWwgvQO8s4/KJ8HO3xriZGPejixF5++ttfWaS6cgRrhFt9BU29bxzR:owgr8VSeO3xmZuJ51NWaS6cgRrhFt9Bt

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6a38c219fd48ef4612bfe08918016a00_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4932
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffc5a6646f8,0x7ffc5a664708,0x7ffc5a664718
      2⤵
        PID:4284
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
        2⤵
          PID:2520
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3508
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
          2⤵
            PID:3892
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
            2⤵
              PID:3708
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
              2⤵
                PID:3172
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
                2⤵
                  PID:4680
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
                  2⤵
                    PID:2088
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
                    2⤵
                      PID:5104
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
                      2⤵
                        PID:1708
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6868 /prefetch:8
                        2⤵
                          PID:4040
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6868 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:5220
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
                          2⤵
                            PID:5232
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1
                            2⤵
                              PID:5240
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
                              2⤵
                                PID:5512
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
                                2⤵
                                  PID:5520
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
                                  2⤵
                                    PID:5192
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
                                    2⤵
                                      PID:5200
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
                                      2⤵
                                        PID:1708
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
                                        2⤵
                                          PID:5408
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
                                          2⤵
                                            PID:1804
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
                                            2⤵
                                              PID:1924
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
                                              2⤵
                                                PID:4392
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
                                                2⤵
                                                  PID:4312
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5700 /prefetch:2
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:432
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
                                                  2⤵
                                                    PID:5688
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
                                                    2⤵
                                                      PID:5992
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
                                                      2⤵
                                                        PID:5988
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,10438696664640570384,5101730483894344537,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
                                                        2⤵
                                                          PID:1096
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:2532
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:3792

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                            Filesize

                                                            152B

                                                            MD5

                                                            bffcefacce25cd03f3d5c9446ddb903d

                                                            SHA1

                                                            8923f84aa86db316d2f5c122fe3874bbe26f3bab

                                                            SHA256

                                                            23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

                                                            SHA512

                                                            761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                            Filesize

                                                            152B

                                                            MD5

                                                            d22073dea53e79d9b824f27ac5e9813e

                                                            SHA1

                                                            6d8a7281241248431a1571e6ddc55798b01fa961

                                                            SHA256

                                                            86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

                                                            SHA512

                                                            97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\33a072a2-0788-4e0a-9442-d60856d9634a.tmp

                                                            Filesize

                                                            203B

                                                            MD5

                                                            c2642128cb5c53ba56d41889d6e8b924

                                                            SHA1

                                                            da898a1ed817a07a94c270ceac48baad0d099404

                                                            SHA256

                                                            61ea3ea0c76eb593d6709f651cd3bea85149b94930f6ad37433814d76fe19bd3

                                                            SHA512

                                                            71c43837b930e266686c4638b8ec7779bbfb605e35d5e52ef63f513c332f2cf7b1afda4e706355ace9b0ee5bba333758de6ecdbe8fb3435ddf9d7fe3a763b8e3

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                                            Filesize

                                                            71KB

                                                            MD5

                                                            da52e38c98b0f2047abeb07609608ab5

                                                            SHA1

                                                            da1210caff36df73e49a0c271ff7d573c2d20d02

                                                            SHA256

                                                            726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

                                                            SHA512

                                                            35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                                            Filesize

                                                            61KB

                                                            MD5

                                                            468446a7240461af44b59ebb2047c231

                                                            SHA1

                                                            47b7c525dc91bece99df0c414960b9490b986ba8

                                                            SHA256

                                                            ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

                                                            SHA512

                                                            ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                                            Filesize

                                                            35KB

                                                            MD5

                                                            aeeedfb5c652fe157e093e3bf5bbdd10

                                                            SHA1

                                                            549e91287fd28e50fc3a13c4d32188609404e173

                                                            SHA256

                                                            efdcf4b39ba18c96804ff82a6ee1533cb789958de5a533a261d2d078bee4a1a8

                                                            SHA512

                                                            a277464695732e7ae94df557c9eefa1544df9ec233786ba83386f52021995848d24f255ff49920e50e403d9e3400fba28e69be6f4d8b631473a99647162a8693

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                                            Filesize

                                                            23KB

                                                            MD5

                                                            beda68c7227c7a5a9f974b1c74d257a0

                                                            SHA1

                                                            8a03576d27c23e9612bcbb5b9e758e4535ee4c81

                                                            SHA256

                                                            e9b270df7c8655f05f8336e4897debbf71a38a69c3030f33031376b4257addb2

                                                            SHA512

                                                            4e178897f5ae13f1cbb2b374918e22b5b281a78e3362fd6125701776c8826956c06153147840b52aaf4316bc8078059f83ee4758d84cde70190bde8f1f36e619

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                                            Filesize

                                                            30KB

                                                            MD5

                                                            e99f1712e9ab2361d5bdeb29f499183c

                                                            SHA1

                                                            aa1ad85ed4ca152a807101ebfbf7636c49495236

                                                            SHA256

                                                            9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460

                                                            SHA512

                                                            686620842f086366ae8132128c7fd2e7037d2a319d975d5f633ba0160143567d10880e11027df2da4dbecb150991680c14a2773ba810c1560d69742344fa0e8b

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                                            Filesize

                                                            25KB

                                                            MD5

                                                            651759109c0101a3622ce3e8d4c98be5

                                                            SHA1

                                                            aa1838164412bbad08112a0895754c54ffd132d7

                                                            SHA256

                                                            01318a80813fcbf44ef73a52bdd7c85b69bef8edda8d63a247bf6db8e2068a06

                                                            SHA512

                                                            6313df038c265f147a5954d2ed69ea61431795e005cbf25dda05128adbe668a194c73322727c65201ccfda5ba2252fe9f6cee88b96485b85940b83254d0220e4

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                            Filesize

                                                            75KB

                                                            MD5

                                                            d8f203b2035552bc109ca18129d0e91a

                                                            SHA1

                                                            0e05b046dc9ed4d7a7e50e28ede6a47093caec16

                                                            SHA256

                                                            17e9c7676d07cecdc4e7392fe1ba34f4271c576c0defae26e7476b51302a545f

                                                            SHA512

                                                            ca0d546fae68c1f58a4d3556f8fc114ba59642d8f9c6bf2a2ba2a6ea446ab01cc6944ee27f75e096d7d57ee14eaf4d13e5a5e355f23091c9f857c33ffd5c3ad7

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                                            Filesize

                                                            115KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                                            Filesize

                                                            42KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                            Filesize

                                                            46KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

                                                            Filesize

                                                            408B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                            Filesize

                                                            408B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                            Filesize

                                                            288B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                            Filesize

                                                            1KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            5KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                            Filesize

                                                            203B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                            Filesize

                                                            203B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5891cb.TMP

                                                            Filesize

                                                            203B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                            Filesize

                                                            16B

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                            Filesize

                                                            10KB

                                                          • \??\pipe\LOCAL\crashpad_4932_IATWQVJJEJFIFUJL
