eefde149c7f01d2c00439cfec4df9897290861cdf053369bc4025ff756afeceb

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2024 07:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc514941a78139e978e14d199c486b28_JaffaCakes118.html
Size

54KB
MD5

bc514941a78139e978e14d199c486b28
SHA1

dac0a46a73d320221d7e425596a5372c3d4206da
SHA256

eefde149c7f01d2c00439cfec4df9897290861cdf053369bc4025ff756afeceb
SHA512

b02437f9bb2fe7f006f5728aebb91ca738537165ed8056a38714b0d17374cd7d2b437c6db1ad077140e4605054938d46aa67d5e8a3bb420689a71611693a91ca
SSDEEP

1536:Visy0D5Vq+EYKjRQsuHVq+EKE/oYY9kYFXowwRgh/UDgLd+m8p1zrqsj:Visy0D5Vq+EYKjRQsuHVq+EjP8Ld+31f

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
2600	msedge.exe
2600	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
1124	identity_helper.exe
1124	identity_helper.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe
3408	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3408 wrote to memory of 1432	3408	msedge.exe	83
PID 3408 wrote to memory of 1432	3408	msedge.exe	83
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 4292	3408	msedge.exe	84
PID 3408 wrote to memory of 2600	3408	msedge.exe	85
PID 3408 wrote to memory of 2600	3408	msedge.exe	85
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86
PID 3408 wrote to memory of 2668	3408	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\bc514941a78139e978e14d199c486b28_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f29246f8,0x7ff9f2924708,0x7ff9f2924718
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2956 /prefetch:8
  2⤵
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,9534136185492526320,11951929982621844232,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4772 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3148

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5028

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2240

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\75ff4a96-0c27-4576-b8b8-6d515b6eb327.tmp

Filesize
10KB

MD5
a62c8c37c09f6feae5925bf987f39440

SHA1
399fa633e19c7ec7e918c6e8cf3a2a7efd4e3ac2

SHA256
246831fdc34b8f2e0dc65a93b4fd2d3c369164c5ae9867e49a3fd6700bcb064a

SHA512
91f0edce2823f63aab04d1933b69a7514239ca489f634a2cb0d9e7d624a89c45da7f694feec115b592f469f4fe970832e2d0b9e29482ebd901d4560109567643

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7cb450b1315c63b1d5d89d98ba22da5

SHA1
694005cd9e1a4c54e0b83d0598a8a0c089df1556

SHA256
38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031

SHA512
df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
37f660dd4b6ddf23bc37f5c823d1c33a

SHA1
1c35538aa307a3e09d15519df6ace99674ae428b

SHA256
4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8

SHA512
807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a120f8df3ab4a748048e501188ac6139

SHA1
eac8059f21dfb2aee8dac329e283a1298208f8dc

SHA256
2c7bf7287b666afb676cfec6d190207d058631676272b28bdeb26860d40d013a

SHA512
5f769bec2b2cb2840e42afd083542b5c608090182e9bd360a911af0e549c1e31b98dde122c6e98efcaeb4204e79d277ffa3a58b7e11d3630875f9f4859471980

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
29a79ff6447f35f3ac9918745f17cba0

SHA1
29af9568af4d314a75d0b4cb335d5e331d83fcc3

SHA256
9645669f08d6f26056efd8d2828b98eacb275c0d2fabcea6c9830612a23924e4

SHA512
0a005a63a02d9f5bb84cfb55cb0f6802f6675074bfb730775b051c0327e60e6363d2ca891f34c686c3d1935508b9c462936bc2dcd7e422296ef000110e4844b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7ee702834994bfe1ce04a0996ced39d0

SHA1
363c2e374b5b45ad09e6c5e120d0b9fb6d836dae

SHA256
ab25fbdd275701d74db9c7b87e42b387d7584c22e633865bd95ce2cf90c67eac

SHA512
9b39ca05298fe95d47bb009c4e0cc158736feae10a0b727faaef0d2745596c22f543565d70737d18201e08885cfcc3b01cd31ba50c76f6256005a866ffc6cc6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2c8778984437f4a4739bae3121cb9f05

SHA1
fbbc2e9607c6e9b3d955cfac9786990d4912a006

SHA256
268c64ead3605595f6a79f1ae94fb2450dbd555992f8dbcb9aaa3f9ff0215136

SHA512
dde7b1cec1b0db5dd7ecf9ef884a3e1f4f3b60878e6eaac704f2f6c1429f6666772df253e61e2ba6f6f5b4093e25ccf20a2fc7cbb5193a97fcb2fd2863aecf67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit