47213e3710a23f90a311756e4e0e9998cf9781c6b5e402012370266a50b9b787

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05/12/2024, 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c5a3cc3f4c0b8acc6d166a780d0e7ae7_JaffaCakes118.html
Size

149KB
MD5

c5a3cc3f4c0b8acc6d166a780d0e7ae7
SHA1

2804233fe02409e39beacd69fcdb5547b2fb68b2
SHA256

47213e3710a23f90a311756e4e0e9998cf9781c6b5e402012370266a50b9b787
SHA512

12559e48bfb49a2eba0c22b07c998c30d79b0b18e183dc7087233a8eacb9227278ebffd7f3f84d5c67d51607e9ecd987d26feb5d51286f07a74e0a09f4ab6482
SSDEEP

3072:efzdwcpk2iHzt8aN2eXiPQvwgfg9yGj8yTT10SyIBXWsfYgL3WluUU+31sNH6SSo:Vcpk2qt8aN2eXiPZ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3968	msedge.exe
3968	msedge.exe
4396	msedge.exe
4396	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
2668	msedge.exe
4788	identity_helper.exe
4788	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4396 wrote to memory of 1788	4396	msedge.exe	83
PID 4396 wrote to memory of 1788	4396	msedge.exe	83
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 4548	4396	msedge.exe	84
PID 4396 wrote to memory of 3968	4396	msedge.exe	85
PID 4396 wrote to memory of 3968	4396	msedge.exe	85
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86
PID 4396 wrote to memory of 1680	4396	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\c5a3cc3f4c0b8acc6d166a780d0e7ae7_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffde2f46f8,0x7fffde2f4708,0x7fffde2f4718
  2⤵
  PID:1788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1940 /prefetch:2
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4800 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6040 /prefetch:8
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6040 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,13123719260824767220,1878654420195829319,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:2576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4812

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
952ee550637472f323f603b93d33dbd1

SHA1
480338760b85b7053d82d4dead397cc80d65a32f

SHA256
99e1e5098f48fee4c05d64f87861948cf477319e0e5e1582b4780ae22049d3c3

SHA512
f74f05427d721e6c2b568be6da07a11b5978a79cf83f86c4e758f7ed989a22f5f1b8031a1912e1e0e15d3dff56deaed272dab521d44dc60999d93ae187d1c563

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
9ad80372cdd25768ceb68c2f41208341

SHA1
7624a707fb096bbf059e239fc18514700e68316f

SHA256
c4e7f37546ead85e7dbb3b6b9033b687c511388752c19086a14d2a9c0994b69f

SHA512
91ef042ad50dd36691fe15fab046eb7430ca2f8143e8689db73dd45e476fb25d74cf767629ea828d9300e148219b1cebe085be2f5358393308d135989e61bee3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9778eefb12b4c5cfaf8a96c76d339a08

SHA1
8e5fa52a0b6342ba44c824a1cbcdf6636d507192

SHA256
63cf9e9b4c8f9be7b69ed21cd8a2804b21193d155171c7481e639f789c3f3b00

SHA512
e225949169b135b599e7c35031f8ead41fb3604a409985e6da86c7d86a1d37352b6917574cd80411bf03ccf564ea6a44c57e24f439c34abd242c4b596681bde6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f3908d4932e330a0b669dc1560b6d07b

SHA1
55260894080b8a1a5429748b9b9d50d321e03396

SHA256
9e4e40101e4d3c1028cfabf13af4df97b99b0498bcba75e9ae62196ea54e0d0e

SHA512
3a249cc1895dfe6162700752456e0a0b2d04d8f863ee456bed6a6d48e9e050afd47f6290dcbad3c864731485a63e5b0dfe9734cf7bea95074f3286958d7453f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8791d944a9d0f2317e601156e2b0536d

SHA1
db24e8f8bf55802d37b73ac5d14d225e6a4ff884

SHA256
a10b7d30f764745b2249b38a7593324b6273e39efdb45e2651cbc4e45b9c21ff

SHA512
339e338a2bb19991213955f3bfa85209969c00f80f53b6cc9b67e11ad2de5459e5c4e3951aca8956c5dbb86b1babd44e09d325927e8d8a2b1188682fc120b929

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a64601df88d0c1b2c146b1b5d2fd5d63

SHA1
c6cd2a3783866f49219f84043e61e07c62ac3a62

SHA256
b01c37f50fa35452a329fb227a98c5ad6c3f3205ab2cdcb25c1f37b57e81d338

SHA512
839e6dcb034f03eade00f0e9f27c0d68761716005ea79ca57dd21818893c668ce284964e5c4621af81d0814e7b4088409e4bf701fba7d2033b8dd6761cb5f9c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b1b4db32a3f8a03314bd2c2d99d8c725

SHA1
baabf13817864de7e2e70805c9b75dc522ab84bf

SHA256
9fdc79f9270e544481f47b333ab9f2ff9fec27c9c092af6b56dfb93174d8643f

SHA512
0baae89f463898cfffea7773fd8c4875f1333f9a7fe923e8c83f50c168f2d7cb836acf06065b504f2d559a5113af85028bfdfa643546cd275285e94d18f2f6b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
8f4bc2708dd59c2cbe1011dfc5c5c0e0

SHA1
22603f4ebb95b9cbde8b2281223b0c2d349c785f

SHA256
1fcc4ff41ce8bb584829948e5dbf89f352b259bfea282801309a8d9a3dca75bd

SHA512
6e1196982055e55c35e0fb3cb00da83eae1958ff77f5c9c0ab91e1d1ba802959a119b1152586acfd734daaba8badffcc1e3f5987d5ea761559b1da1bfc773c81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59572e.TMP

Filesize
539B

MD5
e7b08518e286683c6333b84ad056a1c9

SHA1
65fdf14a63d411fa02ac8f1f14b4f642d69353ef

SHA256
c6be348efcd45447736600d2ac14c2d6be37d2793452d7e44a2525ad69d86331

SHA512
2e1331daf222e1ed780d635e722b6c101dd844fcddce588f806890af30f60b4436b47e1d938bf89c1f6db26058395d7b8160b18c80de8d259a188c26db435725

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\c2e72827-117c-4f51-b0eb-924329cec285.tmp

Filesize
10KB

MD5
36b98f10d6ac60cedcba94d96076f251

SHA1
3005bea26c25698d01116195f318b90efadb7e28

SHA256
a2a211db6d9cd5874a864c3c2b172a2319f9b4cb4e0e20b9756a06ff1435affe

SHA512
835e04145f0fe0fecdfed8a5367f9b07435452656573ba1fc6e60e664c953b385601e70c682637c6a356e3a70a0db49be2c867054450623e3cbb32f1a7daa78c

Download Submit