b41c2a0a8a08630b3f028bf888180377ab6f2e2eea8806b989ecf3f77c162c2e

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
01/01/2025, 05:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_4832dddaac75cfc4054fa0b47034c330.html
Size

58KB
MD5

4832dddaac75cfc4054fa0b47034c330
SHA1

32e6d69713d3dc849f2785f6f873492dc4a1b7ef
SHA256

b41c2a0a8a08630b3f028bf888180377ab6f2e2eea8806b989ecf3f77c162c2e
SHA512

dc73a1ab84686ce5885c3d0387f7e7ab97c62860dff6624b65a2a4f0e7f772fb531ffc0319c1005f4c0ae5ea047342fa7566183bec80894c131fbed37410be54
SSDEEP

1536:jpP4+q8EfYP0l/0zLka5ZDRzHRT3OVRlgOZN7tMtB9:jpcYLka5DLRTehgAtMtB9

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
1216	msedge.exe
1216	msedge.exe
3264	identity_helper.exe
3264	identity_helper.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe
1216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1216 wrote to memory of 4392	1216	msedge.exe	84
PID 1216 wrote to memory of 4392	1216	msedge.exe	84
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 2824	1216	msedge.exe	85
PID 1216 wrote to memory of 544	1216	msedge.exe	86
PID 1216 wrote to memory of 544	1216	msedge.exe	86
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87
PID 1216 wrote to memory of 1416	1216	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4832dddaac75cfc4054fa0b47034c330.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9189546f8,0x7ff918954708,0x7ff918954718
  2⤵
  PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2092 /prefetch:1
  2⤵
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,3406269292463081498,15019270075237543116,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1780

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4132

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
c78bd66ac63baef42569c6dc3a71ea2a

SHA1
fb6a8c1fff998b1a3a50b6cf6d6a3edc9058211b

SHA256
59c43aa91b8aeaf106fd7b8e617d63c7045a44b1a88c977dcd4603739c074ef6

SHA512
51284ef0e7956d5cb9aacf006368600f1bc1437d851b15782001fa92c561974bb06446a9dcf0c8e45fd1aca29322cc69d78d833bf4a3fd6e37f9c210426cd8fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
594B

MD5
a19840548fcb35f6770b335bf29623c9

SHA1
1aa9fadaaa37a785669ed1e5793288cb0b74315e

SHA256
7861783244b7b3196cb1f2b398a06261a45829b78ab3e349320b34ee64bd1b38

SHA512
a279e75b96bf24bd1356befeae674167a341bb89550ad7de1d6265eebf36a44e8bb33a8b2f5823c12fb3925f1b406a9504bbb26e35730b646b0851623dac24df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
625B

MD5
57cc6142f45dc786cf1d4a4ab02d0f1b

SHA1
6d0380bf3ccccb1fd8dc2486c0ee338ca523a9ab

SHA256
e0a79177753d34582cf555342e8bb0475279cc9af9dfc2fd3daea65d638a8cd1

SHA512
532b51f6820c4df08b51b257b7f2fdb4aff96af5f774ff01c8297612aab10c9a2b6874e1a7a8a55ab552c7956deac4635e31d0fe83bdc718221f9ab3b1183196

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
67c653573c245437ce8b803c8baed7f3

SHA1
b74a5a878c03053ad7eb258ca8c70780df2912c0

SHA256
2a33bb9e55565ac24b848f39e4748a527847fa4c3d82f058ce6e1abc600b4f0f

SHA512
51a6cd9db8e8ffe686b83957ce34723d6a3c483012cc27df246926216f0d7e13dbbfceca42b04c3f7ffc7e5725352f188506fceed99b9d18d328d0135c433a69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
af8855a20312bc2b3b1527a289276d8b

SHA1
4fe4ccf9ccc8ca02d6566570bbf070070a5b414e

SHA256
d107406ffa6017a78142bea7fe2bd045f23ace9f16d65ffbb2d76885ee9c4a24

SHA512
48aa44a642480200950c0a1c9dcd621db49b831240d293b152a144e144b6b865312ac36d31207a7308f3309b1cb38c7c36e81deaa4dc7fbfe159160f7a02c99f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
be46ed93b692c611b2043bd674eabeae

SHA1
aa8c0b38c8760097d574a8ddc168b17a277f1735

SHA256
e6bfadfe85d17d35dd35ff29d7ac6b1a8399c1be537cb8c9605e66ae1fc8a749

SHA512
ae822b2a1ee50c95e2b6fcbbbde9bc49115e3c986941d98176ef14157378bc16883de0696fb062399b0b1991ca9cdf1dbd366b9ba80de50bc90f997de18c7a98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
700B

MD5
8b6dca6f00d52584ada991d5d1592f07

SHA1
7e659716541698138777bda2b97cc55dce72ec4c

SHA256
c345f01d2b74535a3611020bfc53167136d0decf4542e5eacbaa19bc8b1dffbf

SHA512
b45ef3d3470e7b216a10796e3ef8352a332d0d05608f9ec2964cebeed4f6c7550d6ccecbbb5bb69934ec75161bf7d336181ba1b53b7f17dc59410a24e6d47dcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587470.TMP

Filesize
201B

MD5
6f1d350098982d59754cfb810fa69da0

SHA1
ffd9dc35f2c450e2d3855e35a8b2ef9184be51dc

SHA256
7fe12dceaf84a61b6c25146e7669602792f38b6c852afeadb042123778561078

SHA512
d118c91c453910d39f5978fd6f84c4dde7cccf798fe1a15df10fcc3884110661390ab4510f0029f87124dd25ff8008e5c19faa459fcb41ddf7f7a86f38ee883f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a4bc2ab2821ef551c2511961ed35a11a

SHA1
510edbacb976decdf48646098916f1a7075bfc76

SHA256
65dd22b4479716c00e34b178f0f341e67950d980a16afa0c6c3ae33607df59e5

SHA512
69d336e9b76ea457ccc9238595e99fe546f121d59fb4774b293ec8a162999dc4edfaedff1bd0b42aba4ea0060674961351d8b0121fd1e87c5c4779aa826bced5

Download Submit