a1aa5bc849f86d2d56ca30514fddd062856e4e14544b0d6aa21e941d9f39df80

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2024 16:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_29ec9148c51dd49ac22055d4ec49c870.html
Size

215KB
MD5

29ec9148c51dd49ac22055d4ec49c870
SHA1

ef1a3c7863d1aafe461496055ee170a4c21c0e89
SHA256

a1aa5bc849f86d2d56ca30514fddd062856e4e14544b0d6aa21e941d9f39df80
SHA512

55d2ebbb3e2deea2409fdcd85a6023fb721bbe06f72ff51b68eb33c666c915935fd4fe1f7281228da13e9b4b422c892490ae7db55dfe1eb542cae2b2e07efc14
SSDEEP

3072:yeO3xOP7ojJyplITmJqNhCbrq1BozRylLGl0nVrPKOodtMzJHw:XycqNhCbO1SzRylLGl0nVXQ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1352	msedge.exe
1352	msedge.exe
2308	msedge.exe
2308	msedge.exe
2488	identity_helper.exe
2488	identity_helper.exe
5020	msedge.exe
5020	msedge.exe
5020	msedge.exe
5020	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2308 wrote to memory of 1608	2308	msedge.exe	83
PID 2308 wrote to memory of 1608	2308	msedge.exe	83
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 3576	2308	msedge.exe	84
PID 2308 wrote to memory of 1352	2308	msedge.exe	85
PID 2308 wrote to memory of 1352	2308	msedge.exe	85
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86
PID 2308 wrote to memory of 4916	2308	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_29ec9148c51dd49ac22055d4ec49c870.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcad9f46f8,0x7ffcad9f4708,0x7ffcad9f4718
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2524 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6904 /prefetch:8
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6904 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,10367402684983196444,17955700496633962550,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7120 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5020

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2256

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
20KB

MD5
2ebfdbd309ee762211b4a2ac39708c4d

SHA1
b002922c672dbe1dd4caa02af24d0b1e7da616af

SHA256
54ae97d445b166859fe3ba6241b97abbac0aa0d158c72352b774d60ba3e81797

SHA512
d1687b7a6da07a72963c96a1e85661046d3d3c96f88445302afa09721fbe211a5fb8881ff14b346b0ebe8a20f5ced21979e9f58e256427e57b85d565bef17720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
c772683d5d110d443462f4be72a0b9c2

SHA1
0c5c078bbb4abba676ca5616b6a9b46fd8b272ae

SHA256
e6e9a190a2aa512197f61ede2b994824cabf874379ef0d893ce0c162d54fe6b0

SHA512
48893fc39d721467f7dc7843709844a918fdf6154f797ff3fd77d9713369d51a42d548fbda35363dfb2aa84b0ee05a6a91612b193e91f121f8643fc8e1098187

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
4caea4df52ef77972ba96431d68e757c

SHA1
77868a1e5af30a3b8819ecceed0b6aa160000a2f

SHA256
7da9832172ff4138954338c00f428c99a0e26a6e375b66d0354703e08437c57c

SHA512
6e88e82d63e7d646b1533623131776d98b61e1ee86b4b8682921ca8233995bf9a4e2c371bef6e03701e9099233c95c1a0966274ab6770fe455b42802864050dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
18ac7807db38da50354deede8754b632

SHA1
72a54a49e511ae2479412cbddf16cd28f6e5f8c4

SHA256
152f024387f293e0fa48dfd360ea30f211115df9f8c05aaed8c53696d53a5cbe

SHA512
629668b3efb7b6b80e8b17f4e56a72b9845f52953b56c3751bc035b464ff5ddd8d93c94d57414376ff31635c1cedac5a360439ccdf28e4fab8f86252ec784e2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9a3cce1722f3ed259e79463c4a995b35

SHA1
93a9a31ce481cd19a3f3ac714598530d4f19ce07

SHA256
2497b47b064347c446b99f1ee4dc92dc02c422bedf654bb2acf81b1de402d033

SHA512
503a4d68c283a954b57ba185b1088f2276e628ec344019249c98d6d51f8d27cf155e88de5b705d09d845a732e3c27faf6e3baa556aa193bd80838651fe4fbf7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f79129036912c5d285d82aca90ada5f7

SHA1
a5c9e306c1202b0783201a9fba73e4e66a1a8ed6

SHA256
94c95e3b124516506a965d901c039f897f41e1d9dc404d6bd8e1de2925a2dfa2

SHA512
884f0e5478520d4eab1c20ff8a1d9eca627b25f0d920594cbd3397e4279464c81efceaed83c46cbe9b741aa27f58bcd2f0417a49b722c2cb30595c056716a7c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6ad6f28faad0042ab235542c19df75d0

SHA1
2e20637faadcb26cb84eee1b95beb64a10d659c4

SHA256
129a01f375c0428767b59deb2ecd100e590cf1b17049439e8f6f0b9290f301fc

SHA512
396f24645d4653b78e263422da453d2b2530e031e44cc63a7e815a73245e955541d38008019226c67fc26f239ee3a0fb6d943e059e4194a4ea4a9618d10a6fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b6fd8be7f353380a2f37b3f449aae75f

SHA1
1581b3e6812d8cce43c5df4f42bcf2534ec31444

SHA256
af62ac3d5a73886ff01819fe7f90d7e647ac980e75951f67d0814c171af39d7e

SHA512
003323c6b7f881c020f1d4f3cf2e0cf61ccc9530b185c3f03381ee58ac701d5eacecd193798aa3e58ea95b4dccdde11fa27b3e159c7819b0f0e1952605bee70c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c2e2af811be642a9f8543a07b1f9eb3b

SHA1
d3d820109f2d20c330d7cefeb8ad69485b74ae85

SHA256
372931bcb76e78917117e854d6ce6714ded12a6b2bfc37908424cc7029242d6c

SHA512
184092d7b1cf34ba884bc7fefa0f4ed6fb489696f199a5fc60a28fd2661621dd2884a6f9e363dcafb755fd46461332ced8a86b72d1edac658af1a38e8d56dd65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9890d2896592d42e3285eab52a494247

SHA1
34787dad2160307f2709ae3ccdf307cbdf340e50

SHA256
77e429d672428dedd9f6dd61935b34bece030403df80800a796148f5b1a3838d

SHA512
6fa6396c00b961544e1e71dd43ae480739fc59ecb84fb73eeeb7d9686363baa661d40df8ae924ea085ef67f54d77ddc019e829067111ebc247b012c8ee874845

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2b90497ea49f572631442fb6b73a4573

SHA1
55a407154975e4160f674d6110749805c3ba21ba

SHA256
2c1408f3b4168bb5212cf5018894807e1bd62ed0a73ed8b78298a9a5f76c5369

SHA512
0d8c180262341d53196320d98daadde5a8ed7780e48e11359c2f6bc6f751665ff9627a0b60cd3dcec44e5ea1a0c5727e458dc56794b18414b67c9c865adc17a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
e33fd7a0c2e85ae0a34b7fbb8d5a1fa8

SHA1
8ace676cb0f67a64802fdbbfd5bd47e6e9a66f86

SHA256
333e035dc842f3ec1b6022d90530ed01b931c462fdc6ddc5117426342ffc57e1

SHA512
c7e81235a69a92ef8ef7162bffd9a92038f9099123a264d1a1a36b487bd107b1cc369046a882623c3f1b347bcc3287ef0d7acf921a163fc5f15fdc79f037f507

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59bea3.TMP

Filesize
366B

MD5
9fb3de1f937c9c933b309affcef9ced5

SHA1
e67b99a64cab5e892ac1eb10387235405beff6ea

SHA256
cda06fe1fb1cf812d465fcece291514ff00ebcb48f423534d7c24027901b2439

SHA512
5099c2705b070ffb71db0f9b46c7081d24a85c1e13bc20b61c7f2efa55142997e720a63383cbf69440a6a285a9870972f06becf0d3bcba0a5655ad830b134c8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7873f0ad6756528b0eb75328991b4abf

SHA1
65a5609b3284e51ce06acafb9065112af416bfb7

SHA256
760ab06374cdd6f565cd26557645ec7cad2310879ba1e82fdb4a16bdb5f3ff17

SHA512
04b7a21727ad4b72d0ca34a7400ef3fffb824d58304431631a942ee9cb5aba6a7026b421fa356a3c4e8c398f0eed9bf9681921e7c69063c058f4c144c27f7ca3

Download Submit