Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-10-2024 13:24

General

  • Target

    6aa93b2ea860efc8b58f880706fdba22_JaffaCakes118.html

  • Size

    245KB

  • MD5

    6aa93b2ea860efc8b58f880706fdba22

  • SHA1

    022e5fddf89392972a677e040391b8f206903dae

  • SHA256

    77de49d10cc69673f99c73f1b7885b8029232d9c305cfb36af09b1964ebd960d

  • SHA512

    a15935367651bc4214e1838f232ba69ae8ebbf5b3a1fbaf93f2ec615f378a546ffb6ae4b31159f82527d3266be846cfd93a01493f2261cfba40438fd293b6d35

  • SSDEEP

    3072:e5Y8Njz2S81Ep2u/boSEmRdsJrQo+mhseroQlgjWb9DpcMlkeZAalXJ2R/I6t5EZ:v8RGSEmiQo+mhserNthEYZ

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6aa93b2ea860efc8b58f880706fdba22_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1168
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb346f46f8,0x7ffb346f4708,0x7ffb346f4718
      2⤵
        PID:2812
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
        2⤵
          PID:3064
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:404
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2548 /prefetch:8
          2⤵
            PID:2396
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
            2⤵
              PID:4668
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
              2⤵
                PID:4044
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
                2⤵
                  PID:4152
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                  2⤵
                    PID:1508
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
                    2⤵
                      PID:1492
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
                      2⤵
                        PID:5028
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                        2⤵
                          PID:4084
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
                          2⤵
                            PID:440
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6388 /prefetch:8
                            2⤵
                              PID:1416
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
                              2⤵
                                PID:4072
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2244 /prefetch:1
                                2⤵
                                  PID:1536
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
                                  2⤵
                                    PID:4964
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7336 /prefetch:8
                                    2⤵
                                      PID:5060
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7336 /prefetch:8
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:2288
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
                                      2⤵
                                        PID:2720
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
                                        2⤵
                                          PID:2804
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2308 /prefetch:2
                                          2⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:5700
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
                                          2⤵
                                            PID:5756
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
                                            2⤵
                                              PID:5848
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1
                                              2⤵
                                                PID:6056
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
                                                2⤵
                                                  PID:6096
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
                                                  2⤵
                                                    PID:1536
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
                                                    2⤵
                                                      PID:5396
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
                                                      2⤵
                                                        PID:5276
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
                                                        2⤵
                                                          PID:5496
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,8648315060940231110,13198268672593398100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
                                                          2⤵
                                                            PID:2424
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:3084
                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                            1⤵
                                                              PID:3176
                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                              1⤵
                                                                PID:5000
                                                              • C:\Windows\system32\AUDIODG.EXE
                                                                C:\Windows\system32\AUDIODG.EXE 0x370 0x40c
                                                                1⤵
                                                                  PID:4876
                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                  1⤵
                                                                    PID:5680

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                    Filesize

                                                                    152B

                                                                    MD5

                                                                    99afa4934d1e3c56bbce114b356e8a99

                                                                    SHA1

                                                                    3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

                                                                    SHA256

                                                                    08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

                                                                    SHA512

                                                                    76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                    Filesize

                                                                    152B

                                                                    MD5

                                                                    443a627d539ca4eab732bad0cbe7332b

                                                                    SHA1

                                                                    86b18b906a1acd2a22f4b2c78ac3564c394a9569

                                                                    SHA256

                                                                    1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

                                                                    SHA512

                                                                    923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

                                                                    Filesize

                                                                    19KB

                                                                    MD5

                                                                    8bbe477bb3173a6c2ddd4a25d1eca249

                                                                    SHA1

                                                                    308169a262eecb316e056c94acb0d9a774e0c250

                                                                    SHA256

                                                                    c0b6b6b634eaefd55fbbdf97c243d79cb6f2647cf901c74d7e8df39565a07f5e

                                                                    SHA512

                                                                    c9d4194cc3a1ad929bb81652e8ba341b8ee28176b02640596431449eceb61bd6c6939b33c16f504e03daf5d90f286da0e3b1b82ae8739ee1a78ee19e1b22277b

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

                                                                    Filesize

                                                                    32KB

                                                                    MD5

                                                                    dc8c7092c6366ba7cc8f3e317e9bd170

                                                                    SHA1

                                                                    77a2507044c17599c9548e5b6c967ed46643bf3a

                                                                    SHA256

                                                                    93fd1b31d4e1b3782528056019b8ab02f0e1fdacc7cc7ad8a3d5f8d15a3ed021

                                                                    SHA512

                                                                    9aa9847c60f9f0491703d374b6f5f81022ebd73cda8bb8a03ee55d71258eeecf3815428e3e71a2e25448f780efa097d1e097e8b65a41d69678277dfa3307fc2c

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

                                                                    Filesize

                                                                    42KB

                                                                    MD5

                                                                    101f2295c59a6c129b95bb68093aed06

                                                                    SHA1

                                                                    12f5843daaf99bdb874dfebaf10660c54ede2120

                                                                    SHA256

                                                                    9b59525954d9da17ff56cac0c0cda55bb6c4df6b7550fe68565fe0d24a963ac7

                                                                    SHA512

                                                                    f5e54b7609a1884253f1d05d9245def95b3721e1163ddabb6d32f5b31f824a218c60533eef25a6f91d8ae6fa314128ae258fdc341cf9a4f36bf378e874b5277f

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

                                                                    Filesize

                                                                    56KB

                                                                    MD5

                                                                    b8ec78bb4e16e36b4c33cf015b97bc25

                                                                    SHA1

                                                                    b3abaacc58ac0883555e56b6f4c41505bac740b1

                                                                    SHA256

                                                                    df39552da32d628c1bc5e288c1d2c01d043ebcc56d4b9cbe7adfb9f798941ffa

                                                                    SHA512

                                                                    01c6d82468a436a2b32f8121fd569fa5009233cd2628b8158f68a16a1228990c7b1f434496fd68d459f6cf84f47bb9570815e2e19fb11d5aadc4c7d4c6951464

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

                                                                    Filesize

                                                                    23KB

                                                                    MD5

                                                                    3035e2a02940ee3c5dc9839419e0bce2

                                                                    SHA1

                                                                    80dbc3c4b3481873283bed088d5c35fa7f0eb4ec

                                                                    SHA256

                                                                    8186c075828dcbcb36bd940bf9cd681eba6872e49a3c23fd7ea6a03d24cc3942

                                                                    SHA512

                                                                    e20e6ac8a0a74c161348bef5b69c93ced4892ebe5cd35173a057fc7eb7f7e958290fcaf22e10413c4d6b442d33679eb82f26cb5ca4f252984ecc6f0c4b179095

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

                                                                    Filesize

                                                                    48KB

                                                                    MD5

                                                                    070a4ed814a1eb3ce6f40d5c5f095096

                                                                    SHA1

                                                                    6037b9e6e679b31ee5f2b28b5cd5cb8982bc7048

                                                                    SHA256

                                                                    8fb466b37ad64bebfcff27fd80f4b50818ad5fe6a12b0a326c91e450a21ccfdd

                                                                    SHA512

                                                                    44772a053c1009990c24b654e6da16a99f740c3c57407f54efd3b570d0932565b6faa5af19b094ac58b27a5def4f41c2d191f6dad1e185e168f4a0acdcef1686

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

                                                                    Filesize

                                                                    98KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\05ef4af4f1483df1_0

                                                                    Filesize

                                                                    211B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\05ef4af4f1483df1_0

                                                                    Filesize

                                                                    19KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09a56f4fd5be915a_0

                                                                    Filesize

                                                                    211B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09a56f4fd5be915a_0

                                                                    Filesize

                                                                    26KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09a56f4fd5be915a_0

                                                                    Filesize

                                                                    259B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695d47bcb374e76f_0

                                                                    Filesize

                                                                    148KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                    Filesize

                                                                    768B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                    Filesize

                                                                    648B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                    Filesize

                                                                    96B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                    Filesize

                                                                    4KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                    Filesize

                                                                    6KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                    Filesize

                                                                    5KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                    Filesize

                                                                    10KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                    Filesize

                                                                    9KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                    Filesize

                                                                    7KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                    Filesize

                                                                    8KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587cad.TMP

                                                                    Filesize

                                                                    203B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                    Filesize

                                                                    16B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                    Filesize

                                                                    16B

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\debb5687-e1bc-45ec-b7a5-fe8652cb7fa7.tmp

                                                                    Filesize

                                                                    1KB

                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                    Filesize

                                                                    10KB

                                                                  • \??\pipe\LOCAL\crashpad_1168_BQVTJDYIZXEIJYES
