6414e247a98cde32c979df83a8328814e0698fec92e072ecb1cdff36b94e0bbd

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
31/10/2024, 00:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

80da2ef7466d202cefb3f36e087ee84d_JaffaCakes118.html
Size

216KB
MD5

80da2ef7466d202cefb3f36e087ee84d
SHA1

b880026efdb081618ac58fd9cdaca0167f481c61
SHA256

6414e247a98cde32c979df83a8328814e0698fec92e072ecb1cdff36b94e0bbd
SHA512

767bc8158e65b035ac2ad3de674e3ece07f5accce95ff985f8c935fa002da3c7e379c60404449516d3fb23e9505a09a57f88251cc4bd6e2b13fef12cb2045eaf
SSDEEP

3072:0MUkSw1iRYmRB7asDUUDMfDr9DcKDuaDZ9k1MY3kBD9biUacDcQwLK/K9odTh1Pp:0MUrw14Gwa

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
4084	msedge.exe
4084	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
4936	identity_helper.exe
4936	identity_helper.exe
5964	msedge.exe
5964	msedge.exe
5964	msedge.exe
5964	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe
1104	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1104 wrote to memory of 4236	1104	msedge.exe	84
PID 1104 wrote to memory of 4236	1104	msedge.exe	84
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 5000	1104	msedge.exe	85
PID 1104 wrote to memory of 4084	1104	msedge.exe	86
PID 1104 wrote to memory of 4084	1104	msedge.exe	86
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87
PID 1104 wrote to memory of 1592	1104	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\80da2ef7466d202cefb3f36e087ee84d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8736146f8,0x7ff873614708,0x7ff873614718
  2⤵
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:1944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
  2⤵
  PID:448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:5500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7376 /prefetch:8
  2⤵
  PID:6044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7376 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7628 /prefetch:1
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,15013009881671599360,5137514249004857629,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4872 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
99afa4934d1e3c56bbce114b356e8a99

SHA1
3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

SHA256
08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

SHA512
76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
443a627d539ca4eab732bad0cbe7332b

SHA1
86b18b906a1acd2a22f4b2c78ac3564c394a9569

SHA256
1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

SHA512
923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
2cd019efa329490d6a6fe09dff0903fc

SHA1
9a027b8fd254db4a6a95a6cf5a9214468e710fb2

SHA256
4cbeaf8b816b48be95fb88b6f0378439729019c7843fca312e4b2882b6be436f

SHA512
dd8dd8419e23e93480aef23922d8b7b041e60631a05127c90c3e833f3632b5a4615d6aec04dd1293c02a611aa85ebc5c92c2d0b02ca3dbcc48107e9985170ec1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
a80cc2909d7d07e24efaa6350c03f8c3

SHA1
176b7f9e024db334b73dc09b1aab4892ff3c772a

SHA256
97eeb260f963119d913b59235f4e07ce546a8be086a282e264838bbf0171d667

SHA512
623a085b0d819ebf84e1101e0d3588edaefa93ba568ef1e4bcf9afc5262866701ff5d0bc21939e1604282f8f7b35f70c4e2ec9d88c0cd6981dd4b840af7443b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
0e725d09ded8ea8e1ee0753eb4df673f

SHA1
aa1fe535fbc485d4f206ef29b82bd5865a5d040b

SHA256
33e0931b6294dd63b78158c6bf8dbbc847eab6936843d61899239fa672f15aab

SHA512
c83ebcd7512e208fb6c4925ec6da385245405ac1889ee327e57fde0221524a216230e2b8924b3805a4fa336c3375a3ec67023b7753fbd7b209813b8888e995eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
3148e99b1fa18e889a38fd131bca4b2b

SHA1
8263c48c3b8059b6defa14c130cd74f5c3ea4f6c

SHA256
b3f22eb8aeac271be7720b71d05184b0a98ecff73e3a42379e928ffe3e2bd800

SHA512
7de1b42b545c2ee2256d3b1afed33d4f613ed664147e0a292390eaabb31aa6dc61f03e79efb529251ba1f88c97cdf418f9504c803978000994e386d14539ca4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
212634466b2908359876eb29d7062dad

SHA1
842f0a0a19ced37964ec3f1b0cbf0921c9bd5fab

SHA256
0c8e24a5d89d1f9e850f8ae2b309bdd2dfbc3234430a91551489f47fdafed867

SHA512
c4fa6db652f8829311a1d0522081308716ff866b614455f6cb580bbbd4777c4de61c6627209bccd01e03e20331915b3b0ed48b3cd136c02777923137e1a76a38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a3b2a40ea68b3e52af2ecf3c0eecfcc6

SHA1
96c3e710d9e39f46fd48c133271b6a8d2f7a3b83

SHA256
f15e27a7db0856e43aaba3b4a76eb8aff049c5b30f6d1bff081ec244dcd5e7ff

SHA512
a23d93f58a58292a7ad52da991697c06cb83ffbd5c9ae2b5f191b92c50b5b91fe42332a3f1fcfbbfafcd2e52c0a7d41549a0e7629228232195ef1188415be3f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
985c376bcea8c68d56c79a9de3a398c0

SHA1
d8a877e3dbdf4b5dbcba6286eb532b05d97a8cfd

SHA256
db6f4515f100a33c701b09564f18f8733769b037c1356f43120cb501047f3cf0

SHA512
fdc8bf0188b9f0943b86642838a11ec9143cd916d6e9503d04670dbc68c42fe53a4402b50670e3dc86384071a6d5e2cec75a1482d5c13e0be4aa3fb116be4dcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
ec2d8c7251bc90c7caa03b2714c3a75c

SHA1
5243989aa6152d3165abc2889f6a60bf2603b080

SHA256
f7075ab8afc3a1142a9d0f9e84f47e66bef5e8461b68232321214a2ed490725b

SHA512
9702386f35c8a14821662635a6c3d9de708cf29af50bcbba5fd768a4d12bc4e1fb3ed3990bd004da39039b00595e65ec99e1e868f84130b47ba6814e2c046cb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
40109f97ac790ccbd03e775abfe12a77

SHA1
95170ad135c609708551f8f1dce593217fa11ced

SHA256
84b4e292043949147493dc6b03f5f540ce87a870440f2f0f63f5c0302f544bef

SHA512
a1219c576e0edf94ca1d57317f7c45b3f0fba8a14126c9eb285229d1db3ca8e4f6f9903fd48c786176cfecae148bc3dce40a29425669f68666097725c529f08b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584b5c.TMP

Filesize
538B

MD5
26f18ba2883e7d5b5c2cbfcee5400c25

SHA1
f9ce1cac45813f8825d4431e41549e5e7cb7f61e

SHA256
43530d719fbcd15927a091368131b96523abe0283fcd204b1b21a84c15b9e804

SHA512
dcb6cb5b31893e03dd6844fa2efce656ab8cfc8c54b340a330e99506a9b03fa67c387ff5443ff93e488b1e58e516f99986b591e6424ee42cdca91a99c9a1645c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f8ee476d1ed2bfc04e366c0a7e8cb060

SHA1
0159b19ab0658c1c9d3700f255cd098976ebd5ed

SHA256
ba0647d6cd790185b4c5bb257bba371f8fba0fac125f2f1a8ea38a9be0c175a1

SHA512
8d4dfe2c4976b8c541cad9411e192a0e068264e520a10604149800c44371114379fc7201834b643f1361eab45712d69b08194b81e93cacc6a54459c6ae070f44

Download Submit