3410bb18da6cf3c6aeaf26bdc26ba14e9b1d4569a1ea3d97b91da0b1350f3a99

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04/12/2024, 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c3d24ad73af4c66119bf3cbda525b741_JaffaCakes118.html
Size

69KB
MD5

c3d24ad73af4c66119bf3cbda525b741
SHA1

889303df5c0f945b6f8f9ce14a403abba1b15107
SHA256

3410bb18da6cf3c6aeaf26bdc26ba14e9b1d4569a1ea3d97b91da0b1350f3a99
SHA512

4d3135dec95ebe9be5491c5154284330908bcf9f167cf38a66a581cf23ec1023b29fe27055fc9cbf72a783b4edc0da2dbdd4958742278f07eb82ec13d5de1eb9
SSDEEP

1536:2wgr8VkeO3QGicEcSvyBjBO+vI3aaKaS6cgRrmap06:aeO3QGicEcMyBjxeaa/gap06

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4284	msedge.exe
4284	msedge.exe
4876	msedge.exe
4876	msedge.exe
2880	identity_helper.exe
2880	identity_helper.exe
4788	msedge.exe
4788	msedge.exe
4788	msedge.exe
4788	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4876 wrote to memory of 2184	4876	msedge.exe	82
PID 4876 wrote to memory of 2184	4876	msedge.exe	82
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 2956	4876	msedge.exe	83
PID 4876 wrote to memory of 4284	4876	msedge.exe	84
PID 4876 wrote to memory of 4284	4876	msedge.exe	84
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85
PID 4876 wrote to memory of 2448	4876	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\c3d24ad73af4c66119bf3cbda525b741_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed61946f8,0x7ffed6194708,0x7ffed6194718
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2540 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6208 /prefetch:8
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6208 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2168 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6108 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,999620478747641693,13054173182910761940,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1260 /prefetch:1
  2⤵
  PID:2444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
23KB

MD5
1ff53dae34c4555156d935d6455b5e8e

SHA1
7b0d480ae156810635d33de2750d7de405c41c62

SHA256
b60890e621ee1f1885e164572c092e6dfcaca3d7c7e2b6cbf65b5acbfeb6a998

SHA512
103de10e245e4eeddd8611d30f62a74b16b364b5aa90c866c1d239649363e42cce013d83520b7e3fe2c17ca709421168f78736477e124dfa841dc021f512bd1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
facff96b5e015b49797bbe0e9ecc4f77

SHA1
d832c9564437f49d453f226811da37c3c02db4ba

SHA256
6c9a1602ce5868c43955e4c7c7bced6860006cf8b990457d3aa22ea2fb276b45

SHA512
f5cbe185ad4e967172dfe10ed683341b967d776f8ca560cf28261a8f1345f719b25766a9873f89432d22ee3011d79d5ab83ed7288cda8f82939e88254faa6685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
55KB

MD5
22e3aeb2dc35b9370e8672dc495392fe

SHA1
a444dd4c85b4bf47ac63ac6d56d3899002f6da0d

SHA256
008c470da179addceef06eb9652f4f798df4257f0dc87b55adb337340f74aaea

SHA512
5e283847086bbbed02bb3755bb981a4a5767b4e08c9d2fe86dcd5e96c50fddce3f6c99e3c77fbc5a51dc112d33772947b821a8da5b5642275bb2ea9b6cdab695

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
47KB

MD5
0e53568484f8eab0056b4ebdb07b005d

SHA1
c0eff64de11d1d863a10cb9930f7fd4fa955e0be

SHA256
f0f643bfc9d61cc1f0ab82e08af494ff912d30bc57188ef7ab80fb749f5f7791

SHA512
22716f5812e0be638b8242b640b2688d92b6fc45679fb2951d35067ada54f3ad707d892e54b422c67b178b6f9526cc431948a13d3ee8a05faa3119c483160281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
149KB

MD5
9b14efdc87c7b8c52ee51d91a6b49168

SHA1
462706fbcec86ed96d0cea6063e93f5cdde4e2b6

SHA256
3feedc82398a65222f668ee576c1bcbcf6b4c914aa2c45b12aaf81fdd4a7e03d

SHA512
6f84ab8da3aea0a3b2f58eb263ab36937779cb0bfb3a4034e34286ad4dd09dd3401e64f70f570247ac356e54d88a6a830ace1eb5e13f2366132c7885c0d4ba73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
57KB

MD5
a1b8016fa5ffb68ba274ce4bd9a47147

SHA1
1343975465136dfad1059a8a3431c35aabac1b7c

SHA256
ccdb3fb2340251638529c54c11e1788f01c78128e56ac03ace0828a35aaec4c8

SHA512
b63ae98a0618bfd0975904416fa905e076235ca0eadb5b62cbce5ba3c70f5cb2e2ff826a5c2c56f04b864871323de8ea8ab69513f0b974929c67067ce04b7786

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
75KB

MD5
568a0a3b3744fda2519ecf60dd2225e9

SHA1
741c58037e3144629826178011ada1d54e6ad27d

SHA256
e99d39072f360f635821116c62bcc650b8d05dbeef71ceadd85cdadd34868cc7

SHA512
ea7459e9b8df97e35db6761699f37f61421f24dfee897200e997585e7c68919897ce9255214ec742e96040fc94ed71c513f51490f6cda291147f18f42ba28cfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
117KB

MD5
30cf7c95951497d5eaf42859841ef31b

SHA1
b002ebab8842f4d02b6baac85c052e2a26f798ae

SHA256
9376da1091a6c4e7283e75a5672c76868064f90d9fea60246cd1af3e7463589b

SHA512
bce4b87e798dccfa6821b5e390245842eedaec4cb53d415ef2eaacc91a91a19a4848182971e4bef4e9d148c39b3316c353f37cb9e574392434af6b8cb20060a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
41KB

MD5
9631c594f55c395f07b12046cb8fbf9d

SHA1
cd6532d1689166c19477923c73083eaaf8cd21e3

SHA256
a56a5d0f5f612bd39fb02fa1ff7a721a33fcb841f40c48757381b3b7c4a25726

SHA512
5d3bada46dbc583755c279b5ff3c155e15f16d51b6522752ab289bdb62b71abe1d91def5733ef7e77fc01d127508d07e2c67e731bde26a478c4780c8918ba105

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
81f334c7dab7bfb0af1290906bed4555

SHA1
9fb72d27052e2d9e0bcbeaeb972859832d468a70

SHA256
70150ba7bdabafbd183fdaf26483144db10f22085c406b9861c4df4464996ed9

SHA512
5dd413602e32bbd4b40486de12f84fc2a21e1ad87f159f0c0ac4d08f2a30809cfbf575a5f2b061124517ae89be6da21b31ee6c9e8035879c27360f7fb16ea6eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
eda2e0309389e14bc6b25d938ee42262

SHA1
ae0bd8c58454691a70d76cfdb31a4060bae6e1a9

SHA256
8f7555fb0689e3177daa5255c1aa3b372018297a91e0ed36fdbb279665f7b78e

SHA512
77aefb2e8e66b5031a4c62ff08812ba790fef0ab717b6c33e4f10a0afdd6dc67c0ae6966f9ffd010060451123052c9df389c0fca7b63e768d8ee7fa56e4c132d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
04eee226cc81e2f4162fb12b9174b7bd

SHA1
39d9b7ca9f86b599fd244c5a1586971af24bf3b1

SHA256
4217b8604b8085df79cfeb2bdf2042595a6392cea4eefb5fb5fbe638efd17574

SHA512
08f99a8144f9ab325bca3d98ca0dcd69050273db6d9c3c03cf1a934114569138bd9b3959aa2290bd9b9c92ed970bb1bd4d1c1f9bff97811477ad61e7060ba344

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
39c1064964472ba89ebe02beea0fbbb1

SHA1
3a67eb093c54a196d62856ec4ceb896780141713

SHA256
372b9b530f054e5a49a5f6170bd02a7221c506b14bbda3518356c62f88c0038f

SHA512
3866ad0dcf9240708786a9d3bd78129af71d5f46860c5a4edb26b3c28ff513a1172291c85d852a16278a4fcd903be490c49fa0633e3362fb01d705e1bb67e372

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b9da1a2962113374ecc1c6d6af6eaadb

SHA1
862e4570e3b10899705be2e952d2a684edc54df2

SHA256
57d320377128108f2e7b37b13520e63c40be58b226858fc464d435ca53c49ba5

SHA512
884f56df8d89239cfd1f6481eced757c19d416cb95a7cb61962ea736311c2914c87a2f6bb4dc2d9f7ab85699168a52fb4162bee53f14784fdcad376bfb27bffd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
343dfc1737b8d633021ef5368490364e

SHA1
e475e91da1e234aa751298b577860383d5b408a6

SHA256
a731fafcecb140384f902c2c5176ddc5268522502065620f57a1346fd65b5a3a

SHA512
aa829165121e78a3a218decc6e675fda1dda591936404fa2c985b758a330d39abe642edeeb978c22d17780a32777d1f72c0bc4ab096df50175fd14e312117ebb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0c02a8072405a3e1c6b1451523811e98

SHA1
3c1c8b8c0ba7783b406deea3178b6c96f8a9eadf

SHA256
3408fd6a27bc739d578d10b4055a5db058cc5d2ce12d4c754020a36c1f2d9ec1

SHA512
363301e885dfcfa946ecd0d50edea25c5e849c45e0c1c63366a57e1fa320dc7ad45befc5baf35b8a8cdd334b545f3496146dff694c0bfd1988072efb4b438ef5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2d81843d182772d2fd3d33ed1c176b07

SHA1
2730ee41098586396a94ece7778137ced94d2d8d

SHA256
d83da9c7381170bfe23b409ff9dcb55b3066e29563f0e450062a6765e1d43589

SHA512
39dc9fcb60f0ebc6eb302e6caa23cbea804dd23bd387de32d995c65f43eb3a97537ed38de75e8edc9e7a7a4c3d08abeb58efcd673f38fdaeb05f1fe99a66dae6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7839d0b011d2d7cf1f0a0c4998fa0773

SHA1
e9d9e22536ebc3f8cc864e222e15aba172633de6

SHA256
b534add90cfa35b7a58e8e3f83d4c84d369d049de4f67ad1805d298ff2fecb9b

SHA512
86757a552d2b573b588de28b18fc67bffd30122c22ab57545da467fd3ddbc4a9fca819c395435ff5ba01c935538dc7114e1edf8cfd7df22222441aec9de21364

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
33d06725900389af56ae8ebd456ed0ff

SHA1
67ba08e7915089ed9da4855c671da4310eb6db81

SHA256
a709c012c6f2d2b42efb2b458f05d2b81f97dc3fc25d5b2ff18892d56c41451f

SHA512
5c0e0bca15f8861ed0939ab91bfb556ee3431c0184d2665108fe126b38576b8bd536ab0ae1826319f5efaa5004738271224819d83eedff025628aa0eae4e5d74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
b1df98158354306792e2fad20c8a4b61

SHA1
64008a54875eb67f3d8143e79b4b9d4d10693a0e

SHA256
9186a4a84bf2ae966aa44991c769f7644e477aacd18a6615907a4fd03d3a5048

SHA512
89877cb65d71087949ee5ef2c6cf5ef45c5c4a41faee5872c6d630cd73ca24eaf10b256c664fd98e2e2f9641f61cdc9db6da77d51835f703fe7fe3dcd9b84c1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
2a7a2a1e6d2bdd02b5a54e266288df2b

SHA1
01f5c31c968b520427184f06abf0d46169ab6bf1

SHA256
0b4c17b049d388c544795f83bbd8685bf96eb43bcc38d8f76e1930f0e132b4ed

SHA512
e3bab2a56c86d7da559398a534f2c99c9a0ddf575bc1807641b12ac68ab88033a35e1af6b301a6aeae70d3f779db7c8c772c3382482dd96fac3e7865b5b2b60d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
a75fdd35859cc89e380b698434214a59

SHA1
4917319fba4b14667d4766ba088047c1e2e452a5

SHA256
2363a324197ce28a80e0bc2a408736ca253185dd1410b811775da24a5b8407b0

SHA512
c2fb4b34a3c6a749540a84400cb48726cb1270fa9afcbb08042e107c417c607ad60c26b2b1bf4175d034855d538ced25f4d1258ce677a0597ef017f0ad314145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587d0b.TMP

Filesize
707B

MD5
bb695793cbebdba98beb492a858e7d07

SHA1
030ee59b37852a29f1c4f3f8c49dd1dea53240f0

SHA256
362df9356ea16c44758dcf467ff886de0acfa5e7ff413916c6a784b45918c2d1

SHA512
f353f3f1436525925b08487d02a53503b971e2855ccb2929e48bcba72af6675426a024555d38ef1f66a0b285580cb80609cf082a9dc5c02a0bb83a37f42f16b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e9b5a5d1-4750-477c-9baf-5ba1b161a927.tmp

Filesize
6KB

MD5
6d398ab4553eeda8b9791e0089f78e25

SHA1
506d37c04e055608d8f2188e9d449614c4b8cc2b

SHA256
a8063f5d31dff78569cb4b93d51b185d75c55d84a192098eff6d7419d7bcb07f

SHA512
1198139471ce13e548262183488f0a84136548e42e1b060d7b72a657b49036032a6cb25174a2d44597ce1e695e0364657f21af0a82865fce2a5e153c4c9edfd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
31b6c03c4227ec0a8745877c44fa5e26

SHA1
8b66bbebc77894ff7d22a84839e0459ca51a9880

SHA256
dccfddc9ec760e3af18e839d2d58dbd0e8fc32b89a52b5b595cfc8a46db59b42

SHA512
551d85adcb3df36ba77b9d15070f7f16af31c1d425f174a2ea5e21e809d7769da18ce784831403fb8744e2d32da2008960283b5abb0bbb8a67a7b8a01c80515a

Download Submit