dfd045fb4825309586521552ce27bf50cca9ade7c9fc635540d20ba2ee30c2e5

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-01-2025 16:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_6dd2e132464d6a23c43fa8201c0bbfc0.html
Size

92KB
MD5

6dd2e132464d6a23c43fa8201c0bbfc0
SHA1

8bfd9429e797f688e16a71108cadf0b7b3f25139
SHA256

dfd045fb4825309586521552ce27bf50cca9ade7c9fc635540d20ba2ee30c2e5
SHA512

99b3183cce7ac28af7853b24b4ec6e1a130aafbea033f81a7824b5a811dc448964514b84dbfd0567d42bfc0b3ab31a46fedb8c22b0cf0c7507f09c9c2dcc61e5
SSDEEP

1536:cwgr8VkeO3x+ySqIEhjbCLYVWP6h+AeraS6cgRrwoEtdvZ:ceO3x+ySqIEJaixleSOoEtdvZ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5000	msedge.exe
5000	msedge.exe
3760	msedge.exe
3760	msedge.exe
1568	identity_helper.exe
1568	identity_helper.exe
3468	msedge.exe
3468	msedge.exe
3468	msedge.exe
3468	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3760 wrote to memory of 3432	3760	msedge.exe	84
PID 3760 wrote to memory of 3432	3760	msedge.exe	84
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 2228	3760	msedge.exe	85
PID 3760 wrote to memory of 5000	3760	msedge.exe	86
PID 3760 wrote to memory of 5000	3760	msedge.exe	86
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87
PID 3760 wrote to memory of 3192	3760	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_6dd2e132464d6a23c43fa8201c0bbfc0.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbbcb646f8,0x7ffbbcb64708,0x7ffbbcb64718
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:2228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:1296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7072 /prefetch:8
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7072 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2640 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,11061972676013786208,15009986264397125442,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:1076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
36KB

MD5
97190e54454ef8aa01a32ca343c94f4e

SHA1
c97d9614e0aeee642b4640e31ed9482513a8fc8c

SHA256
85b0f9b529a69dec8020dc271b2c2aaa21cbc562b0d1c1f3ef35334bed570abf

SHA512
84424d847ca6091573bea0947fdfa6ad3364518fdd4ec563d88b74e425e119109a7f0a61f4f1c7c2a9c7da7c6519d86e334ce0e19f108c0d258737883fe42bf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
23KB

MD5
7e98564be3c2fbfe5d55ebceef08fb8b

SHA1
4b35415b61c5ed813f615475df2d513f5dc73d5f

SHA256
b9a21d15fe5b99b73ccfd9f8df4213debb40456341e1e71d0848b3602cad2ad8

SHA512
4878d6d53441aab8c306b67a0e4051fe9fa0aa5377d6ff806c6e86fffb042c41a82efd7135754d9af1d6fc571fd23e3da37e680eb4bf983ce08de72421b0259e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
34KB

MD5
377d11c8c3e491cd57da7dcc653e76f8

SHA1
ebe8e9b2af0d4c0229171c435080a5bbd3e447cd

SHA256
c2abf87e908f6dd965b451cabb0bcd6dcf3589d0e55a7e8cbf95a6fdb43cc648

SHA512
e74867f4ef39a363e4c14b57c3383d2f13f7a052ef0b2a27f654f8bacb4f8b5dcb01ef102c0e5140e77611f4feea545d301b76c276e2176e589b414cd5589f96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
60KB

MD5
536dbddbbd5d6b795b17b12f4bda1f76

SHA1
7824fe0a1c979df880b6158171a7e6c2b609f325

SHA256
49d14d78247fd06f70c4320741e65e6270f2e6e13f80e1892dcd91507e9c3582

SHA512
3b50058e33d4e3e030d7b64650a8962f9bb7c887a851b1efb399cf2ba823e2c3ba81f5303abe4037527b3afcd2cac10d48e576c53907df54fbced1fc29f5ed96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
23KB

MD5
facee74c789253ce2d2a63c6d49aeb94

SHA1
79b895ffb82ba8363f8a67f8380cd6f32a5fb907

SHA256
804c9c6d6384db9e246de900d22b3f4d79a7265bf42ba72513d3a060302b3f10

SHA512
4a1078ed20af2a83f3a3f1893f4f1e6c5f94f8608ad85c50ae232aff6b8eb931167c082ce80dc51da4f116e4cff970571b2d51234f9777ead0d5b9a5de4fa8d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
72KB

MD5
a056ad83dfe2c20e206f9b8ea757559f

SHA1
c514db4b24b8b88e8ec7cf150eb1e13957935f93

SHA256
c8928595bcfea39f9298b6d1efebee8225c7e68885fc91a2d14af74fe3185f7b

SHA512
3ab0f726f08f63c95a5ae43eae0c0b3482c6d2f5cf7de3078db49ad4c31b21cdffacd8d10d8a4091b653914730f60aea4089b10d282508816b1531e0912a1666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
20KB

MD5
2ebfdbd309ee762211b4a2ac39708c4d

SHA1
b002922c672dbe1dd4caa02af24d0b1e7da616af

SHA256
54ae97d445b166859fe3ba6241b97abbac0aa0d158c72352b774d60ba3e81797

SHA512
d1687b7a6da07a72963c96a1e85661046d3d3c96f88445302afa09721fbe211a5fb8881ff14b346b0ebe8a20f5ced21979e9f58e256427e57b85d565bef17720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
32KB

MD5
0192ed367467fe7293cb47794a339b71

SHA1
95edeb67c95b036ee3e18272cbd0b9eeb5e30f13

SHA256
7f29573f91e4ab9a4dd83a20a9751930fc827410ffa0865eda610141b6e34716

SHA512
1ea83ee50325d4c5c348e0cd3dd3a64efe4b26cec999ce42a9dfbc625e1061badfebdcebd6784e536ebdeb0641ae8907a87dfa36c46ead7b4476e67ebc59798c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
50KB

MD5
de8f6f47361236b8f26c0a2fc07d747d

SHA1
84448ae5df8f5e66bbdf6c13aa67a3a941292e8c

SHA256
8912cf5034a579f33c12dffae1e9fce25cfca9cae7065c3a4d564909a66077d1

SHA512
8aeb8359c5409ae5bddd287cfb5ceb84857b3e201283c0637cfc8543b40e48c6cde80ae2f1b1bd611b7d430034c9afe7ac2cdc41980b714e2e9d0362931e6c46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
20KB

MD5
2bb242bfd89e2b49e2b7234045ef7d23

SHA1
845db51ae72e25ccd8895c3915f9c21c6bc98ff1

SHA256
a5fa33ede1b14967d581d664ee1269b65b36603caf7e37ec0de63d72ccd3944a

SHA512
131bdc258e74cdcf284423cd196ccb91cd97a2ac617da20edd895709c3b7570ca2b03a5fe10497acf70ee177534ad0ec7eec1843ec1fb366b622636c3ead092d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
75KB

MD5
c0139a4fbdafd457bbfc9b51ba635ec8

SHA1
a80b4b6096128df22af763bb4862a98cbf88ce20

SHA256
fbff5cb567a39370d5657c7dd15c617cf5043c966243c3c08fb3eceae894f9be

SHA512
4c121c5fc109c120c6e7fb218ce26d29754a5e7ba6f368e09a8a9409e31050bd1b63ccafc36b2754dadb7548777620892a01366ab350ad13022237f406679bc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
116KB

MD5
226ebd68f085b8f729cbd9c55f4a5934

SHA1
3a8039b94f20da0b2cdf48a6dabb839d3fc090ab

SHA256
4f0215332edb60a76aff5ba0549995864ed2c67b1cda48855b8be5a69b932ec3

SHA512
3be51067f5ba8b0ca5531625c9ecc92952fae66dbdca88484aef46e2d727aee8b2355e4928ade809137fed399d326d94889480f729c17694c5aea18e3d022518

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
127KB

MD5
dc8d5f8dc9569824b30082599f5ad24c

SHA1
4bbfe1f52cbd55548c49383ca22fba856ab09dbc

SHA256
99a00ffd1c25e6b6c3e529a1892faeaca8b7cee0648ae452750ec4451f3043cb

SHA512
6bf5449ae63d6a4cfc76adaa556d216e71e9078ca564edc846137801710d5fdab6cfa3bfe53077f6d40e0f52c86ef841e21ef5b956e46c51b87a1fea90058261

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
b1b7ef6bc03b866a284616de1dbf2af5

SHA1
cd3f828ae46500072e3e36a101368cd9788146d6

SHA256
fce8c68ae6fdfcb768202f05ff22077219ceb6ffa394b41de7251897a18846c0

SHA512
b0712223664d3bbf0a54e01ba2fd3ef7ceec18a016489dc8d0cc2f34362c7947962fd564e0b91412cfab1fdb5c99c3b9350c7000cd6d5f04271758255cee035b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
7d538e492e1ea452eb59d150522d943a

SHA1
747ee21fc5f834a2bf725f8df5e60b2ac0022f49

SHA256
99da4161a507432052365c82fb15c0ed5079329a66410fc798f4e200c630d4ff

SHA512
5fce322d973668bab5e2b7c6251f296d56939365c2185509d97c9d22ab82b6d8633a6072549f5983d6ce8b3f3b01774ec3eb2a3dd2a1ef351cfb22ffae847327

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e5f8301b729f51959dab6cd9f0f01575

SHA1
cc64c9806593cf19d63c31d9839661428620e3a4

SHA256
91220de1c7f2696f6b3faed17a9fcd964eb136b1e183fa1ceade151af0c5e1ce

SHA512
003cd620fda4b30d79aa011ebbe124ed535d222c489964194c8c0c659fc17389f1d8fced9ce767fa14eba1f2ee7c5b6a89bdb6530b3617f85699bd6d020ae2d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
603e480bdf1110561c03a9af7f8ab58c

SHA1
740d20126d1edf2e52c5860f6fe5271331fa7439

SHA256
41f9f5d1824bdc4a7c003e74d31809b7434ef5afd346e7cbfed9c32386f3ef4b

SHA512
82bc61871dde2372f02eb25b9bb3803620433ec9aeceee9a7cf9227c554f2b6a45e4ad32ab6aeecb3b44214c7db7539f730bb2e0d2281a8527e66abcdef35234

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c520e3712762a477b5de8cd0661d0276

SHA1
3dd0daeb17fa4a35791b038b459455b7065fbc17

SHA256
883dc21f71911c87c237689ce4e90bf5f00b6c3ccf6f3fe484a340cd7f1d8669

SHA512
9abd309ec2bdaa8b3a51c640dbf82c33ed5425d033af07941877e9bbc8d5bb47d2bbe5d6d69536303b42ef7f8216ea4243f5d219637ea731c4a11faf113205c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a90d66add474aa250f59ec89a92dd458

SHA1
52c26bfea57dfddb254303d5febb900cb83d6dd6

SHA256
8b98a00c4be391a4073d885eab85b8b8f021fb2b318d27271c74ee283dd30db9

SHA512
57099d2e21f7339daf2d9b19daa15a6206a48e660a1f7d0de92e55e48775932efa7e46ab117dd3a2e0ad7dd158fa7ac51e1a83ebec8041b51bced4ea3ad9e6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8beea6bb6726089cdc1e21725a9feb33

SHA1
ea8c46e1855aab7ee8a2b228b488f49f76edb7a2

SHA256
6d9e582a4637f87aadef4903605fa1ea4533b23295917e095efe5a9590411395

SHA512
8331b03e5841ba5dc0e23a1cd7a4294b0ec5fbe777b0d3cb7083aaa5df0062246486c50f47d7a38188c0564d91a85964e9fa97c4d451209ba8b0f4cc655680d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
02c21690dda7c2ae736a92911c473658

SHA1
a070bfdd6aa219a601a3cbba4b6d879c9387d266

SHA256
297b0b53c2210fbce980d66a93c8354004d69e5afef868a9c03cc0bc5f1e4d8b

SHA512
46b7f071d8e64a38d22313cc5677736aef46346416785e592cbd3c5fc745d66735d4c3836e77197d61147bee7fe8e7c3a8ef42869bd9e9ad16cb951621f61822

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
039c88190a672874e04eaa54fe378cc2

SHA1
b0593928c47ccd103b873af6274acc587ff0ac71

SHA256
55f0ae7dca87b218d19ea806c7c01238691370ec9c76d304eaf22383f1d3e715

SHA512
4a839126790cab8dbffd184e2cb456817cefc3dfe258c77dcc8ec6e04acad2a02702c13b0fc18109cedad8045598cd740ccb9ec2c255df9bc2efc42f9b8c9c7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
75f03a187db7f71c6f739db8a28cfbf1

SHA1
aad3c64ee0350bddbfe2d4f4c2e24deecccc1ef3

SHA256
c803ef280dbc7ba230144a1f10abc753d4b1ec71d82be702c539034176331261

SHA512
3462adac14a82f56b096fa376f6e470bb634692a6ec0d40dd7f29fd8f1342ef00c1754ec8bf402d4bfdf1361fc7c2bbd4cf5c7987baa49b1948e1b30eb2da3ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b87d.TMP

Filesize
874B

MD5
004912b7ddf6454ba6c43508d303d73e

SHA1
141ba530d2e0e2414abc3fe13276867998726290

SHA256
5c109111b17a45b42eaf7cce6091839aac3dcc0aaf021623665ca85640880a9b

SHA512
a0847d14a6a5a76520b8e924b75b0bc210da71319226b5059bb43843e72bbeabafc5c97341d9c869818c9a1b6f0362c81297ac08ca306b26ffb01908dee9f4f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ed509648d83f7dd049195ee6d9327667

SHA1
5d03cae2a7c3a39a5d97b969e0a1162980199888

SHA256
ee17fa46f7a27cc4d19309b409825a966dc13d4d942363db851417bda0a75ebf

SHA512
e5b30cf557d3d03a331262d7caf72138e483b504ab9ac48ed532e4c640900ff46892ead4634637f47b9ce1c808021bca401a271f2d0f05a0d5952bbeeea6a5e7

Download Submit