c3593a76fa53852c90ecb0eb9277a1433290b60b72793d26c6c267502856d986

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-12-2024 17:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

daa3bbb5ab7f2a3001c82fd38ee0421b_JaffaCakes118.html
Size

192KB
MD5

daa3bbb5ab7f2a3001c82fd38ee0421b
SHA1

ca0dac9af8fdb742bc86d19181b073f41ea6ca68
SHA256

c3593a76fa53852c90ecb0eb9277a1433290b60b72793d26c6c267502856d986
SHA512

9b830ad34e7ce752c0ddc79af9ed7001acc1e55a713943f64ab54edd09ffe3b52a767cbdc0715b87215bc291ba2fe1d59b48d558d02cdddf742106144dc1a5d8
SSDEEP

3072:4xDNvG8rm/GXmNJUNBVTPQUe+E5qanTLIWQmA4hb/tF2m3ngw3ATRRD:WVXmNJCpvD

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4156	msedge.exe
4156	msedge.exe
3388	msedge.exe
3388	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe
3388	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3388 wrote to memory of 1508	3388	msedge.exe	82
PID 3388 wrote to memory of 1508	3388	msedge.exe	82
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 3360	3388	msedge.exe	83
PID 3388 wrote to memory of 4156	3388	msedge.exe	84
PID 3388 wrote to memory of 4156	3388	msedge.exe	84
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85
PID 3388 wrote to memory of 4996	3388	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\daa3bbb5ab7f2a3001c82fd38ee0421b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff7a3846f8,0x7fff7a384708,0x7fff7a384718
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2248 /prefetch:2
  2⤵
  PID:3360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2504 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:3804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,11619372441737404464,962468200801734103,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4804

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
1ed76811af8c6ed01b3d356f3bad9a3c

SHA1
8eb6ec720c89345a37f37c519a7e60453ff256d9

SHA256
52775526647d60d401b7d0ac7ad728e621edc59c4b9f6bda497ba5fef48239b4

SHA512
24cb443881a4a4fca319827e28b6aaaa5f0402867c49adeeb2c81dfa469dc448c2397e1e488d23ad2af0ffe0cbb63b8d866efdc2a8ed5dca6b4cbc4f9084499a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
20KB

MD5
4b3121a05808b99aa6e0cc12924f77db

SHA1
ee5805bb76c384d1e1667aea2976bd2f4f94c7cc

SHA256
e4fea32bac89d9ad34b13a25b0b4da1321920b2c6be2cabb75ff91bf6109152c

SHA512
9b83d55691b41d2a45a542d163c1b6a47208969720ec1fd15233f29ddcef2243e79895cfcb008767f91b3d1cf3a6288248e8b1ec50027eb96db04cde56cb2605

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
819982104519f7b78e3750fa52b9e666

SHA1
474990795ca7a98f02168f21007d59133e91f028

SHA256
3db14faf195a0ff56bf109e3defaa24272adfac252685f968fb5f5e238654ba2

SHA512
ddcccc6f04f459b5ddef2c6f2f4f49a0a669af4fd9b76f1c4974aa9ccd2ecd016cd692360495d238900df3a0791cb231c679963151c197649721571c3e004562

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
1ac620b3aaefa8d3f8ffeddcf226506a

SHA1
10e1e17d132d1c8c4793eefccc2ce6d73d455b7e

SHA256
c07a95dcf3116c377aeffc99b042083bc05f1440103f0be38276b16e4ed3fa95

SHA512
66882344f88bddbd7cef34ea6548028d1317769183e7d4a48e292df9db4de82190e7342ab66ae73ff0f455cbb03c4ff5af6c66b71b38492d4fee9873e6adbf34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
5bdda2ebdc7edd4adfd88e01ff6cc1fb

SHA1
30b5bf4306e35523c2779a8a3ea427d2f7a0a710

SHA256
c768aa621a864bd79e30b07afd70ab42441f4e633c9b252f9c980508fb6686bf

SHA512
12ee7b1b8bc662b5cd79e5f4d65205b2434175a65905a2f0caed908ab5f07e512ae2cc356923651b601c98c182bd55a371a451d275c139a5ecff06f059fb46b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c814aa6e05e89b8e8822e951e6c09d1d

SHA1
38a26a00ec155c2f029fca1bf149e959f424e22f

SHA256
de9abf6c5b6198754d62bab7c2a640bc1080ac1ec5f9d2e8655db69fb6d6f2f0

SHA512
0f5782bb215d8b28a719fb76e0f8718d23fe6873bd1aeace273463e7d0a476d83d2ef01b9b8be9c0c8395e77e0e28a2ba6a06ee481d2617001e5af4f930e6140

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
16b3bab6c5d43479eeebcfb1ae485643

SHA1
fab803457272976035aee94c3e12cfa0e1c3bd4a

SHA256
12b84051c714d860d7bfdf89ebea8c6780dab9e5df70237abb0206364f502f5d

SHA512
c9b7fee01865a51e2446bb6cf2fdc9bed2a93c715aa853c72c4352f2b580ae45d88cc0560dbe1f896fef8b6083d3f17a7f96381732817f3b614d3f3506f54742

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
8610188b230869ebc6e674283b55ad89

SHA1
3672614407acc694f43fee5b85d7c1320d06805c

SHA256
949a8e5110645c529f7abecce6153fe58c6049c839872e0df1146b42428a6404

SHA512
ddc8c7a6a73abdd2a7bc58f73e73def940118841cdaef5bd53cef37861ee0aa3605c5786e15c57033baa043a335d35ad4b6f4041962b76124ffd0abe46e0c0e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57dfa2.TMP

Filesize
48B

MD5
017bf1b977a431d440865d852bb3fd7d

SHA1
af9f379bfe277e0f5c1302573a1e28b642b430ee

SHA256
f329a9428afe45519dcb152b90ca08e1ac539dfde78409c5525f136b446c4527

SHA512
669a4adc2835aa0b997346a46396112f29c71331155b3f5ffdcb8971002bc64c705aac4373bf5a8128a2f261793a1d64af3d36571c5efc8f30dcc8a65e429868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
bbfc2519b118fe7cdfa49e599f700366

SHA1
8201b467b982526639d75145099bd478e6ec2d22

SHA256
05279e3147bdd262e6e5b235b776e2da3796d30103c6587996896f1f486616d0

SHA512
6296cd60c23d1247dd333a72bd742dae4f3b156b59aafbfbde743ed868b39f94501cd5bf94b05c260f8adfd1463e6d470789f8b2ccc7deddf1bab92785a90b72

Download Submit