169eef837d1d6971fb10ff00786ad5112c0c924da1596c8678f837037dd6f13d

Analysis

max time kernel
150s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
01-01-2025 07:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_4c791ca203f21d7284630cdac290675a.html
Size

61KB
MD5

4c791ca203f21d7284630cdac290675a
SHA1

5a840b6aad03de9e284951c3b0c7958bf7fbb87f
SHA256

169eef837d1d6971fb10ff00786ad5112c0c924da1596c8678f837037dd6f13d
SHA512

0f6fb5e253f3bf8ac906a21777901f94953d19dd2eff4d9ef01ce7eb07e58ddaf51eea0b3dfae4b78d4a45a2d647bae0637dbcf7278dcd1b8e45fee98ae6cbee
SSDEEP

1536:IHvYoJU2887FZqxUvC93IxgdR6TJGv8X7GlcYFThr:IHA4p8wFZqxUvC93IxgdR6TJDylcYFTB

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
540	msedge.exe
540	msedge.exe
3300	msedge.exe
3300	msedge.exe
3496	identity_helper.exe
3496	identity_helper.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3300 wrote to memory of 3576	3300	msedge.exe	82
PID 3300 wrote to memory of 3576	3300	msedge.exe	82
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 4040	3300	msedge.exe	83
PID 3300 wrote to memory of 540	3300	msedge.exe	84
PID 3300 wrote to memory of 540	3300	msedge.exe	84
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85
PID 3300 wrote to memory of 1556	3300	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4c791ca203f21d7284630cdac290675a.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd55e46f8,0x7ffcd55e4708,0x7ffcd55e4718
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2528 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
  2⤵
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,7078185553847201326,12570427222337268050,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6008 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:244

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4272

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
4d23c45417e5e896205be0b249f1db41

SHA1
e6ea4020c263cd640e3af26992a46b1d50cbaabd

SHA256
a144b81dc62ee2ce7e654833d84d0439eeae3ff0a600dd49f102ec36ddf8feef

SHA512
7af5af2d441cdbb596c61b53bd222d4ff61bc26cf0b017216de6af812b8f16d8d2acfe8f97a792071f49e767f34a1efdf0c577c4b9710f1ff22a589c4e6da895

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
767b916602e81c839297a005996d8dda

SHA1
7cc5e25946ed12ca63f89bf46cb9aaef5ab9a63e

SHA256
6a6495ee72a98ee167170d982d47ef4fce89e7ca833e01bb89259269b8737f0b

SHA512
2076f6a245b90e456a1549fcc8f7a68732e280cb3cfa61ff1539861a09021108dad2784961e989bd902da3688225e5007995a386f733b6575e264084b5bb6c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c7814c1f94c85f54e9568500956ae658

SHA1
85261a888e5ccd8f12508090c2d6a737893cf6d1

SHA256
a8261377c61bcc74d0276aeb06f4e7d30b20a3a69b43de1fa24f2783d1626086

SHA512
16c578d1568bd8093023c5057118130c67fb6b3051221b2d064054a8a1db18fbb5f61f38314e7fb48e0a4a63c320e5c23ba200c803ed6f1e173e84f7af4cacb5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fae0e956c0948bda561b6295c440f098

SHA1
51681d98c4e582203e6d18be21f7087f88f8cf52

SHA256
4e951001dc7efb4d6f95009677b03b7f636e8f180cadb89ec1db580600a56eec

SHA512
c252b884c138337dcd45f92a86c5883a1f6c304cd32b680fad4b33e92c18b99bcb820eecc97f6ddaba4b863a3c4f0b3f2d613cbfa4eba36201d8d946f00e0c8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
14b46cffc3eacd76a8f8922b2fb13552

SHA1
d2ff8dcbc219d6f065b0fb92ef42b5a4c9abc56d

SHA256
98ca7af5dceb025c3f9cafc684eaf16878aaaa1c3d7b63f4bc72be66cd91ba3b

SHA512
c6deed34763d0968ad93d392447c2d7d40412a6ef6cb3503a6cab2656f3844f71ff19af8b00df0dd9be4164ce3104696278501ba3395581915e483208a202cee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
820e165760699a175b5477f33f395c69

SHA1
8658411cfa75c5b9a8e8cf6343d95df34ceca9c0

SHA256
b9cf78e02587a09a929359ace7c23e435296a5b9a293e1f5a50d68b3a00df5a4

SHA512
e5f11afffdda64f9027fbcd4394f61980cf2e3467d745d09f43bd7c58e1c9d42f696210fd21c77215da56cc1beaddb25a85496198946c771d68668603c985dd0

Download Submit