71a06844bfa00f4c6832aa74151603e1146dd2afea026bae09eac820d83421e2

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-01-2025 08:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_6b722196f9c167c67268f3a97420f3e0.html
Size

78KB
MD5

6b722196f9c167c67268f3a97420f3e0
SHA1

50a520e33c1fa3f6067235bb1fd3db302d7784d7
SHA256

71a06844bfa00f4c6832aa74151603e1146dd2afea026bae09eac820d83421e2
SHA512

9bdfcbac6a750c67f343a17e3a68be50f168b1d40e9e8a83db876fb82d6268be66c055d3b7c79b2fde81333d9a3724bb8f799670ac2b9643de3e5fb7c61b5e19
SSDEEP

1536:Q/5Hrr4P/GgOKqyyurtEyL+WdCHODBaGad+YMpYhGBwWNs633XNs6NFD4Xf+ZxZx:Q/hHKvdCH4Ra+dwWD3XHY+RHtFfF

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
5008	msedge.exe
5008	msedge.exe
548	identity_helper.exe
548	identity_helper.exe
5900	msedge.exe
5900	msedge.exe
5900	msedge.exe
5900	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe
5008	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5008 wrote to memory of 3736	5008	msedge.exe	83
PID 5008 wrote to memory of 3736	5008	msedge.exe	83
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 2624	5008	msedge.exe	84
PID 5008 wrote to memory of 3580	5008	msedge.exe	85
PID 5008 wrote to memory of 3580	5008	msedge.exe	85
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86
PID 5008 wrote to memory of 2240	5008	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_6b722196f9c167c67268f3a97420f3e0.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff98b4246f8,0x7ff98b424708,0x7ff98b424718
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:2624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2492 /prefetch:8
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7024 /prefetch:8
  2⤵
  PID:3724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7024 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,10397653625992730982,14698357131464446028,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5464 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
20KB

MD5
2ebfdbd309ee762211b4a2ac39708c4d

SHA1
b002922c672dbe1dd4caa02af24d0b1e7da616af

SHA256
54ae97d445b166859fe3ba6241b97abbac0aa0d158c72352b774d60ba3e81797

SHA512
d1687b7a6da07a72963c96a1e85661046d3d3c96f88445302afa09721fbe211a5fb8881ff14b346b0ebe8a20f5ced21979e9f58e256427e57b85d565bef17720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
34KB

MD5
4150be91c2a3cfe950ecd06dfda28bd6

SHA1
aec65ee382f38ad6e2d4d6f35bbef215b97421b8

SHA256
a5b590c1b46928f9679900f4943c4caa3cab59fe7ba28645f21c20331ebeb4e6

SHA512
25d1c2dcac5cd67278960fa6fb8a82cea482b3426db2c4fd1e5e91e840954a1e3b076f8b2de7aba959a9360167306051b68e81e061a2d5335724098db6b7ab16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f3ae0d23e488645b_0

Filesize
241B

MD5
83dcd0dc6f3e9726015dc6f7084c9c03

SHA1
f5b1d1d5607bd7b50c7bfa9e624797837a60de4b

SHA256
01e6dce47dcecabc7cb4a08743be2aaa8b99146d0531a6d105166eef51f12b3b

SHA512
494c06e9aafce200702ea7c2a1af7a0845530649b7d8b6281f9307b6759d164c5678f88ae89ded738374f04c70b690ea0a0660279b1706392b5c9e7aa03215cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
faf61fad74e74e354fef05e527971f0e

SHA1
3450c30c0ac4fe6b2e3d9e86a61c2932c6aefcf1

SHA256
0195224e9387f9605943e29b8ca19d422bae37ccd5fafa306a45f03523c5a7ff

SHA512
47d9bc7c8d5fc868bcfceaf93d4ab2d7f769a14cdea1378d1f256e92887742f8fa9a6f095da9e3d57fd58a2ae38004bf21183188c84484084274a395511d6923

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
21a294d2294febdc75dd818c55ad5bdc

SHA1
79ee54758a8d4118c9fe18b1a27cbdcc2639a9ae

SHA256
a800d907a502646d10238df9a18d6dd2471822b351acae4965df73f128ed51a1

SHA512
967f380608d292ff19fce99a299ce03238398657aea3c4347f7e67f03c61c9f5920e45d871b5b07ce14739b9df36d308130b7beeceec70ebf8a22f5cf05ae4e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
a0ecfd7adb11457a6bbcaac4e2bd8d39

SHA1
13e3ca2b430b60e62b9f915a18e51d8930b31153

SHA256
7b8559209fff1cd39c74eed165b64f4d2241ef3d150cbd5f907905459e2b4beb

SHA512
dd3442ad984424196abdc12c9feb22cf7137cc198675cf7a56c81da2e1560ba902fb516f38239577713409b7d35ddadd648bd1a2770fc56997eb1342d34c46c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bed7afbb093a718febb453b3740afa41

SHA1
97dbcddccfb1222c27a7e63f121d5c4bddce3e7c

SHA256
78d446c26d7676d798ac32e5e12522a22da6e76bbe75f8b1a40b7b2e6eaf967c

SHA512
22a70cdaab557614a8de33ee570421b340cbdfaa152ca6078d6762d12c29f7c6df33d6ed1b8e48483042f6037e72bbd2c3a3eca5e2cc561d8d9c76c8dabe12b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6d76e45979571eac384f73ae4d88af47

SHA1
caa2a170561f568764a6aa473935fa0746a23aba

SHA256
73252c977800a6720d3cfe972e1f74ecf667fa127fdf92711e5cd41b88b69816

SHA512
e8f50c74de8f92ceb20fbbeb4a739697b93b03c3ce828702b6f79ae94cfc4372b5902b1c895a350d105d7e69b709f65911960a78ec0384e3bce487fe2e716c15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6c635c9c2bb9c4f804724c3d63e07db4

SHA1
ab650c5cdb6fb9d10a6f30362d8c10efc163ca07

SHA256
a38d93a9cef7ca29973c4a38b3847e6226bffb4cacf6b46b94bc12b69661458f

SHA512
fe340768d2e12946b3f467181ebd2dd35c019f97b14383951d0286cec3ee4f11cb8f2c0d6cd714bbc38dbdc780a056e481e27b00403f004c278d9098a435313b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
501ed5ea3f5dd87f7af9427b05adcebc

SHA1
659bca2ef09150ab07d0a39ef28c5a9ab3e3fd16

SHA256
88b75d541b1d3245089b73de0fe4516b3c299c63ae7d75b383146c541684811b

SHA512
aa7ab004bb43a41f52ea219a2c767cfe64466bcfe48c59f132994b8e4cf15c76883f24e5ec8e255cce257e2ed153aacf7d53ccf7785ce48dc1aaab5fe4552377

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f64d70e375c83d98db097ce10177ea2a

SHA1
02e07bc4c005e123c3b68ffca632bc53ab321087

SHA256
19d3ba68935686e47e04873b5c39d66bf4a18f27f3c75abb9d69580de6ce531c

SHA512
664fc666cd3425f91c1cab133edf7067ff3639adbb15af7fb87df2da61ec7434fcd893e1747d8d1a043efc38936abe73ac2a1e5b041c82fb9061956340ff17d4

Download Submit