5b548d7f460636a2b0012e0f16147955be8d2de753a00813a09a3e104d63d431

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11-12-2024 22:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e38ad722c9d1cbe3000ffc3fc8afc6b0_JaffaCakes118.html
Size

64KB
MD5

e38ad722c9d1cbe3000ffc3fc8afc6b0
SHA1

e140485ded744bc37b38217fa8b7647e932324bf
SHA256

5b548d7f460636a2b0012e0f16147955be8d2de753a00813a09a3e104d63d431
SHA512

221a6611b16f7f8069574b4dd4a8a8d5de687a319d61a4705db6755dd2882bc5a776d71ecbb964077f6d95572b23ed29e769532b9ef6ff5deb4bd97d0004e10b
SSDEEP

1536:ApTJXAUeAJQJ1sm7bXR0hB1bKC7pd7CkgTLKNcIHkyUFZlQPtKls:uJzFm7bXa3UC7pckgT+REyUFZlpls

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2812	msedge.exe
2812	msedge.exe
3248	msedge.exe
3248	msedge.exe
1868	identity_helper.exe
1868	identity_helper.exe
2200	msedge.exe
2200	msedge.exe
2200	msedge.exe
2200	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe
3248	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3248 wrote to memory of 3308	3248	msedge.exe	83
PID 3248 wrote to memory of 3308	3248	msedge.exe	83
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 4444	3248	msedge.exe	84
PID 3248 wrote to memory of 2812	3248	msedge.exe	85
PID 3248 wrote to memory of 2812	3248	msedge.exe	85
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86
PID 3248 wrote to memory of 3376	3248	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\e38ad722c9d1cbe3000ffc3fc8afc6b0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8640646f8,0x7ff864064708,0x7ff864064718
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8556937127059141146,12671863255245386478,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5916 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2200

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2872

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e55832d7cd7e868a2c087c4c73678018

SHA1
ed7a2f6d6437e907218ffba9128802eaf414a0eb

SHA256
a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574

SHA512
897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c2d9eeb3fdd75834f0ac3f9767de8d6f

SHA1
4d16a7e82190f8490a00008bd53d85fb92e379b0

SHA256
1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66

SHA512
d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
23KB

MD5
1ff53dae34c4555156d935d6455b5e8e

SHA1
7b0d480ae156810635d33de2750d7de405c41c62

SHA256
b60890e621ee1f1885e164572c092e6dfcaca3d7c7e2b6cbf65b5acbfeb6a998

SHA512
103de10e245e4eeddd8611d30f62a74b16b364b5aa90c866c1d239649363e42cce013d83520b7e3fe2c17ca709421168f78736477e124dfa841dc021f512bd1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
154KB

MD5
1794e209c784b5f1d14e6b9b3dd42fdd

SHA1
1c41e8364a39722c8c3accf6514af18534a0e883

SHA256
3306123926341119d694833ebf674b28191c67910f2835f7430dd9527a89143e

SHA512
78d17b622edb2ce77f6fa1fcc9ebb89465693a353ea97facccba6317c39d714468cb7d1970f47b67bffb0c923eb9b40dc3b741991d1d216eadeb979a199c3f09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
9e50067fe491924aeec9f9ebe198ee9c

SHA1
928b7f8fdce3655120e2200c741e8ecc579d221d

SHA256
4f2f026c7eb58dafde1c4cf717fc85bb9c237c4d4367c575a9d335db955610cd

SHA512
c20ec3e34edf6f63783102f3e0a153d883492eb2120ef1134ec6a19ca68106d0790d04c1a8154a50ee3b4f06ddbeb34c3a7bbf79bbd815fc4b202822dfa6932a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
ad9230d1c770e6246c697da9ab3f37dd

SHA1
ce95cf82dc6c0d725b73327d4f5d1a72051239ea

SHA256
3c79a4cbc7fc08a9cdb0b3e0be37b905b33e114e98625631fb016fa5b7fa7aca

SHA512
f89b0cd006436dcbd421a3bce913f6fc93a344953f46b3c3e770f67c8add52f51558c49b5cb7a7411d1bcc800a03f9936af2f334189efe1984cd799b0448fc2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
43926527eab13b7e1e3d558b5df713db

SHA1
2539329888c613312f1804ec8f5d33069e6e9923

SHA256
0cb477a8d88d45406f150cb859d6db74146f189858357a0945d1722565f0ebc3

SHA512
246633ff046ab3555f544192d66907f487f436cbce4b1f9b781210ff03279b91e56215796943a21a1abcf403a73a383e32036935779d1df1d3b50c1089fade6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
815df16c7ef4b50b6597cc5e2e1b38e0

SHA1
3ca8383e1841d32a2399fda51fb6f9636b75f9f3

SHA256
c8f65247f8db358d608d47c799e4df468a1b63bcbc0280e276d1c2fddf94912a

SHA512
5f436c08f5278ae523cab6df65bd1479e0a1bd740719cab6c549ef3c6bcd14db82af8ed0ce61a87fd8b61ed232fdec9745f3478719927b3e18e8e9bf1331f02f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a6b7502a48c401d69cdf8cf1015198bf

SHA1
7acbc3219811c166e3c2e8cc9b45789dda4237e8

SHA256
5513cb60bdbc9e5e43dec6318a2ba3c34091124f4d9da34ebd16bb34f7333b06

SHA512
eb8146a627bb221be08bcc5440fb5c037832324eb7d3189a5bd8ebf7d7585a348794b852dae71357fb64d88c959f7f81878b5d3a9145abc2a9d6f822b90677a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
95617b253c5aff739aca7d62928a2396

SHA1
9bdd31a4522291f92bdf8a0ab3ba50464225c831

SHA256
73f4ded099c142b14474f095d455c0269fe567fb0381e7a20580ab0672cc3908

SHA512
200ab8e146192fc9f827123862ba14dab6e018e611e99f2d1d783de7b815cf11ed21787eb0d588fda5467137f0fefca8349544ee10e8cc0b6350ca8acf794477

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c1136e00a3ab5f457cc1c1c7a397eef1

SHA1
b68b2902447c822183583725a76f1642dc32503e

SHA256
ed6d04297b528d1af5289fd04fb1ed15c39ae54f607170507bf63344373aa61f

SHA512
6721eba7f250ee000635e8f548bc9c8dd90688d28caf6deaa1bccb16a7cf8e57013bfe9f989949c166d5b045427f60363845ebc2652b9e1803c5bd9a62467141

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
715d3810b3854e232f6a13e778dc2351

SHA1
2bc3cdf2351ab57279c020097a9125a53c3cd0a6

SHA256
4bb00df36cf6f330a391a4b6092ee4334763f63ab93b9d5b0a096f965921f51e

SHA512
31cd5f875650d4f2933dcf69c5fa5a821d9a0e12ff6c9bee5144956a3d573d5eaaf606a04186675859bb210dd2f4497e30ddab367b757427c63d9849504ddaec

Download Submit