0eb41cac7234c00fc125c548395da41159953b00780163a0ab4dc2e102aa21bf

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
15-12-2024 10:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f38952c2cf05ec8d5aabd3140775e379_JaffaCakes118.html
Size

180KB
MD5

f38952c2cf05ec8d5aabd3140775e379
SHA1

6c4198a8f065448a450a15b4d76a719cae32a127
SHA256

0eb41cac7234c00fc125c548395da41159953b00780163a0ab4dc2e102aa21bf
SHA512

992756b8c3e17f6430849da18b7ec785812509476a9da03d81b7e05c5ff21d6f85408787889bd021f73643f46e38cbaed51fd6bbf6c6fdaee64b2970330a377b
SSDEEP

3072:VedxbjvG83mAGXmNJUzki+JZgfdGJ2PtMZKmBxYfVo:VeHYXmNJWTHtRfVo

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3524	msedge.exe
3524	msedge.exe
2932	msedge.exe
2932	msedge.exe
1520	identity_helper.exe
1520	identity_helper.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2932 wrote to memory of 4424	2932	msedge.exe	83
PID 2932 wrote to memory of 4424	2932	msedge.exe	83
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3228	2932	msedge.exe	84
PID 2932 wrote to memory of 3524	2932	msedge.exe	85
PID 2932 wrote to memory of 3524	2932	msedge.exe	85
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86
PID 2932 wrote to memory of 2188	2932	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\f38952c2cf05ec8d5aabd3140775e379_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7eb846f8,0x7ffd7eb84708,0x7ffd7eb84718
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:3228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8
  2⤵
  PID:2188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2612 /prefetch:8
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2612 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,11438327187158369348,18405096706737788613,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4684 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1272

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8749e21d9d0a17dac32d5aa2027f7a75

SHA1
a5d555f8b035c7938a4a864e89218c0402ab7cde

SHA256
915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

SHA512
c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34d2c4f40f47672ecdf6f66fea242f4a

SHA1
4bcad62542aeb44cae38a907d8b5a8604115ada2

SHA256
b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

SHA512
50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1e8aeec3-928c-48f1-a114-710fca7f5905.tmp

Filesize
7KB

MD5
5d56d68e0cba38dfd7ae1ca1661c1931

SHA1
e54e3e4e816a282b2172021aae74e02c0524ca85

SHA256
8ca0e858eb57195d8bc174dd418ca4f0fdcbe9687a71672455e66eb7fb85c12a

SHA512
ffcf9557f092bd21489bf765c9b956ec86adcc6f28af062d1c15c1f5aae95587d12018bbeb3bfb5fa3131cb05097e96b651ca6157b067f7967e22fed2cadae00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
23KB

MD5
1ed76811af8c6ed01b3d356f3bad9a3c

SHA1
8eb6ec720c89345a37f37c519a7e60453ff256d9

SHA256
52775526647d60d401b7d0ac7ad728e621edc59c4b9f6bda497ba5fef48239b4

SHA512
24cb443881a4a4fca319827e28b6aaaa5f0402867c49adeeb2c81dfa469dc448c2397e1e488d23ad2af0ffe0cbb63b8d866efdc2a8ed5dca6b4cbc4f9084499a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
58KB

MD5
84e3d54be3ffd25a24bf3a514490b86c

SHA1
490f4a059114c7704703a7c67d193083f551ea1a

SHA256
dbae2441d55a51b1d10c5591a2ab27141b3aebff8e75816a3a4b107fcde4b6f5

SHA512
718ddb866adab289ea6ed942b18ee9d74c185d5739c642340b6ee827265e3fce63b768021aa182a8fd540b4a1f82f555dc9e668c4cd187566fe19336bc3464e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
62b21160e6ebcfcf6f6003e4f155434e

SHA1
82303dd9fee17a68df8d94f19cfa010fae34d2f3

SHA256
02417a220333dca642cfa92029997be413b7fcc97309e39392bdb07f032c5755

SHA512
54e460d9132eb029784a9c0894246717a9dd8f5ee9ff048b2ae861efedd5db207bd459ac6ef973ffd078b15f81c086f5a3f7ebb7e829bfca40e6f37ea8935efe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
689aa906a408bef5b715e4a8eecf2cf5

SHA1
2ad2e029f564bd17094cb1a9c6458a0ddb77420e

SHA256
881091cbc8e9c578a4dc4c45ec0a2fd3dbf4ac2bb8875078033785bb2565717c

SHA512
608aacb08e97cce96f839cb387074973c7429058956cd04b26875bc563729cfd7cf0738e63686aa9041ff70b6b1abd6a22e72c7a33de792d1d8954f937b138b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
18af6ccfc02521b43cca0a9224254695

SHA1
af8610ec307bb6c93aef003be47678a63917667a

SHA256
9b5857ec408c8172a50416efd2b841e7040a2f04af44c8508afd4ff11b3f1848

SHA512
d6b2def148997b1d0db15681df422047c38794acd10f423aaa196fc88158f44d31ce2f26f77e069c7cde6adaee43538ab4c7e855f16e302dbb95b3a95718b8d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a1163dd85701fb88c492b1c2553724e7

SHA1
744fc2cc24036ba9305c77decd4198dfbf695c9c

SHA256
07351c37da638585dab4a3d6ffe7ea912259f7da7e0920fe1e226ba58d3cef84

SHA512
330d2caab446b4d1b591a69daaaf436513e7cf8708f5958f79a87fa275fb34e6bd2c52f0ad4cef2259efd46275ab4ebdef967f277a33dde0e8742b29d29c0906

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e316bef330aaa987e67364f3d265db86

SHA1
b9c05d3af3638c88b5ce1b8b08cf118714b584fa

SHA256
6fcb282b8f86e102fba16452a8570f4e9c634cfb68d779f2f126c590d6e0adca

SHA512
bdb9b379474d27b97742b0425a976b7722f1be380005200d309c02b331aab37d17f39750dd543ac6241175080db1e8c181e28af3fbf89f939cd1dfff8f9055d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d42cc8840ac9d464f97d4a6345fb6701

SHA1
6491d7a678b9bee80707e83eac9d9d884abb9104

SHA256
2993d44aa1665338296bd2009991fbc017cdb513de4f12d4ace4126cc8974647

SHA512
b3ad261146d52225245f9aa519e6b24516820dc9f17d7698fc2c9890d73500e63b997fd4f6989b29c0d02dc72b3f1f36b5d7cfde6313fef9deb52bf4eaada497

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
604addb02c649f8348ddb7f811ac7b16

SHA1
685118b7820478df3af2a5a0a3f783ca8c870a8a

SHA256
7b690bcf550e4cf64733066104f9f763b14a72a023f8e27ab9fc39e63ebc16c8

SHA512
61937ec60d315d822313bd1bb349abc867f7967606127f88831250161df90fcac3ccbd181d142b2d68dc0bbd4239bc65ca27d854a5dc78406872eedab2751c26

Download Submit