22f444700df55af7f39fb817c0cd778e464fd44a004a972eb32bd9b2eadabae6

Analysis

max time kernel
149s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 15:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_2ae65d1be1234e9503c448eeec864fca.html
Size

65KB
MD5

2ae65d1be1234e9503c448eeec864fca
SHA1

2096a95ec0a7ef41e64acd1232fec130586ba75f
SHA256

22f444700df55af7f39fb817c0cd778e464fd44a004a972eb32bd9b2eadabae6
SHA512

a15116cde6b0eb776311ef5f144ab1d5817348e4b89ec3ed6bd227357d9c09e849c9a4f5685e6f177ac029b515829e8ae711ec57597672ae2e9a413a72c91e7c
SSDEEP

1536:EBwgr8VkeO3g+GnykIgyZ+mXbk0xoaaS6cgRr9O12T:oeO3g+GnykIgTCbHxoPrO12T

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3988	msedge.exe
3988	msedge.exe
1600	msedge.exe
1600	msedge.exe
4456	identity_helper.exe
4456	identity_helper.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe
1600	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1600 wrote to memory of 4576	1600	msedge.exe	82
PID 1600 wrote to memory of 4576	1600	msedge.exe	82
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 2552	1600	msedge.exe	83
PID 1600 wrote to memory of 3988	1600	msedge.exe	84
PID 1600 wrote to memory of 3988	1600	msedge.exe	84
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85
PID 1600 wrote to memory of 3056	1600	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_2ae65d1be1234e9503c448eeec864fca.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdfe8646f8,0x7ffdfe864708,0x7ffdfe864718
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 /prefetch:8
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2676 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5708 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16381591241665039502,3101210995383637047,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:4596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3516

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5012

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
29KB

MD5
3510364d32f8b7f1433da58249cf7c92

SHA1
85ac390e01978af4a94d15149f6bb198b59dea00

SHA256
e40b6e6621f889396cd94c4ae5ec5614b02a2731b5df22d4e4fe275c79be938f

SHA512
f31f14cabf47f64c08ab03ba4915569180a84f21041ca7d54d5218117dd23bf9749a71a7bf6de3c76b28daaf7b4aab4ab7d6d7feeba19d7a10f5814717250f88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
26KB

MD5
607af348cb61807b8ffdf1727d189294

SHA1
331b34342669b7decec1714b2b4ca93316639b8c

SHA256
f4bb44369726b401941ff75add7e08c61fe6475f4d4e0a5b2cd49a662ebd28fe

SHA512
71197bcd03916bf2bb6a279234bbdacf10e955dda0bc3bb47845bda81b098872cbc1c8b4de97deb9aca87bb608b0cfa10dcec901858bcfb53692c3fe31a1e830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
32KB

MD5
ecaa6b8214214081b535cc7dc07975d8

SHA1
1da7e404f339272d497c44d72b62b4273abda723

SHA256
178a8551ab639d79a5d23000a86005bfaa0287783e952e9787ea56fd4d7903a7

SHA512
261c1f1720bd2fdf8d17ea8237030033bd96519f9d7c06a9325e0d9ba98751848233ee073396725b0e82ddd97d1bb10712e9e2f3c82b9436b2cbfe89ecf90548

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
23KB

MD5
7e98564be3c2fbfe5d55ebceef08fb8b

SHA1
4b35415b61c5ed813f615475df2d513f5dc73d5f

SHA256
b9a21d15fe5b99b73ccfd9f8df4213debb40456341e1e71d0848b3602cad2ad8

SHA512
4878d6d53441aab8c306b67a0e4051fe9fa0aa5377d6ff806c6e86fffb042c41a82efd7135754d9af1d6fc571fd23e3da37e680eb4bf983ce08de72421b0259e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
26KB

MD5
cfb932def16c9b8fd0780ead10d88101

SHA1
f6f13c974f89152d7d7515411090452030f8aec1

SHA256
de19ec1b1376bb8282bc19b8ff2249a4bcd7057b7a379af85b6b701e59d3f984

SHA512
9bfae1abcdf2db1e9a0ba890811f6378a84bce498585cc82862a944deacb45efd337dd44836eaee91f27f4401504cc8896f4caee1a526abee49533b8e1e9282c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
34KB

MD5
c0da73740f8497fbc78836942a269b8b

SHA1
9b4906f2ab243f4e97778199b7e026f331c6c098

SHA256
4681518b35b3dabfbeb6acc41b610d235bfb8c32a155db8edc21494e333e353f

SHA512
bceab9d1bc4e967c6233192a911e115932da1bfd8ad6e89440bf6e3d3997120d3eae85e0085d5c04d8175e9d93cc826dc60f2ece41ae5bf74bd6c1220fe385b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
31KB

MD5
4801020b110672e1e727e2174f279716

SHA1
65bd8d99584fe07c16f42a3c19910edf7116ca4f

SHA256
b1af1ba3c0f4531044e0a54772a26939ab25115a4d7c4cb3af75bbefffdba970

SHA512
ff92189feba7013d0f4d6ef90624e8f1c9c1277df57770fb55b692047098a06e72a97c7410f10b6df567e90c33d5f89fac85943607b63399bb95040d0d1a79a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
27KB

MD5
9bb4132fee3b6bec93115645e408ddad

SHA1
c4f645fb0efe3a30b237b0aaca2c57d885ab4608

SHA256
7d9b41c9a5ddc1f97c82d8f8b35a1a6ee50b5dda33e6a79fdf769f55ca360b10

SHA512
94c946ea36d289c9fd880c129ba814a49103212a54a53d05e030239672b18a176bed18ca96d5a20666231cec518889f5a1181dcd9f507dd07d194b1dafd1af48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
52KB

MD5
f9ad6fffe23fad04422671cf2fa4a661

SHA1
b8366163961f1689411636988a73dbc16d13ff3c

SHA256
f0ca592df98944df58f4c281890809d30fd2117e471b8021ff138314efef5dab

SHA512
e9d95f4f0eeed04413a1d798161d1c20d876f5ea4440c13e9fa356a562e931f98d84b3f6a907d6541cf6bbbd7e84f0e106b48fe2f5fcce77d66f70e114834aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
32KB

MD5
0192ed367467fe7293cb47794a339b71

SHA1
95edeb67c95b036ee3e18272cbd0b9eeb5e30f13

SHA256
7f29573f91e4ab9a4dd83a20a9751930fc827410ffa0865eda610141b6e34716

SHA512
1ea83ee50325d4c5c348e0cd3dd3a64efe4b26cec999ce42a9dfbc625e1061badfebdcebd6784e536ebdeb0641ae8907a87dfa36c46ead7b4476e67ebc59798c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
20KB

MD5
2bb242bfd89e2b49e2b7234045ef7d23

SHA1
845db51ae72e25ccd8895c3915f9c21c6bc98ff1

SHA256
a5fa33ede1b14967d581d664ee1269b65b36603caf7e37ec0de63d72ccd3944a

SHA512
131bdc258e74cdcf284423cd196ccb91cd97a2ac617da20edd895709c3b7570ca2b03a5fe10497acf70ee177534ad0ec7eec1843ec1fb366b622636c3ead092d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
75KB

MD5
c0139a4fbdafd457bbfc9b51ba635ec8

SHA1
a80b4b6096128df22af763bb4862a98cbf88ce20

SHA256
fbff5cb567a39370d5657c7dd15c617cf5043c966243c3c08fb3eceae894f9be

SHA512
4c121c5fc109c120c6e7fb218ce26d29754a5e7ba6f368e09a8a9409e31050bd1b63ccafc36b2754dadb7548777620892a01366ab350ad13022237f406679bc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
116KB

MD5
226ebd68f085b8f729cbd9c55f4a5934

SHA1
3a8039b94f20da0b2cdf48a6dabb839d3fc090ab

SHA256
4f0215332edb60a76aff5ba0549995864ed2c67b1cda48855b8be5a69b932ec3

SHA512
3be51067f5ba8b0ca5531625c9ecc92952fae66dbdca88484aef46e2d727aee8b2355e4928ade809137fed399d326d94889480f729c17694c5aea18e3d022518

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
d22980b557f062bb8d51a8c681697089

SHA1
28f4d82f4b57bd2d00fc439a2c82c23b84ea8854

SHA256
d23be8d7daf92c7203b73ec23cca55f09440518f18d3aa935b144d48bc06a23b

SHA512
37804ce1d2d33bd6b815faef34d772d8ef4990eceb08e39972f5e1f5fed2f3705cbb9d5b7e81507910e7cb8d07c087b6e589eb07644c7dd5bb0308f35e4550e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
e1ebae5a79c883c69bdc102686201bbe

SHA1
74d0370fd1f7004aa3e52af542041817c33e02e2

SHA256
5c6ed39f9a9c9e9313c3244537389c0029b9db7685ebdf8a64f196645ed1a416

SHA512
eb3bc76f6bdd3bb3088885bba01c496a121b5079f4e86173853249cc77cb8a982505eacf2c5b3ad6b5208cb952acb94a123d99d3a15725b35b2d8a74db168518

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
503bfa25c5783067cfb20ef77106b06b

SHA1
488cbb3662042630d6edd5df2183786d53aab14d

SHA256
6b22c0ad20e0820f88034e2ae170b0ab67de18a20f6e01c201132d04503934b9

SHA512
e255c4b6202a9c1be24a51e4d0d92720b52078aeb81aecb0062065b75d1692e0e21d2a3916548a9861437b5ef5e293a98ed51349c3f7309bbc11a77e8cd3c44e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
1a6b93f0b27faddbaf290320790c4986

SHA1
2df1147e07208b1aa297a32352b6db158f75fefb

SHA256
dac842f83dfd83bd5a91f2edb87a7dc55885b583628d4274461a5fa3dedb8482

SHA512
5bea53be5e88d5debed1ef839eb07e11b3bb45ce63a3893473d073372d044632042acbacfe42bfbd3532349d71bf0c630006aaa68132be8230204187090f6fe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
e4242a94b48e4fee5c6c666c3d6d1a4e

SHA1
d8f4a79f88d668bb3046281ea2025d9305c6f09a

SHA256
6922b3362ad7d273724331a31481428b10eaf04b899400f2e08b29dc65801c0e

SHA512
ecf43745f74262008a4265add30a89362ec9f623ccc1c4758a667bb78a28a6d38ed6dfc227dd26646242a9d28154bb43f6b2163a043af5cc31002ec74dd9a9fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
152eb64def95f30b583805fbe53c053e

SHA1
31c422082c761f5666a819eef0464a03fc53b1b7

SHA256
9bd0264ec19593c2766092932d0d2c3870d13e50d94c611d7a5f2d943bb2ad83

SHA512
95b5ea3eb677490aacc8b45330078ae5d71dd4ad71dec993ac23f8dcb3b76e53559fc00f78f22b267fbe411f0e317cfea45491616af5e6b71cfccbf222ce5222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8eb6bd05a832a9fd9e004bc9e0063d63

SHA1
aa7c9871ecb46c7abc377df34f85e0f790b13015

SHA256
6111c20dea5d48d4c27cc587df23a40b99bb7a3afabfc8c314124b6bb5bcd762

SHA512
75f985c99d6470d2cfbb1fb5c7af39088cbd3973665e0ac800d884eb642ad7b5e44cff75f983bd0709a9df81f4646407e96aa4dd338b51fcd68d9b28bb16fea9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4b129152ae44d8a50676bdac7129b294

SHA1
69a12333c04223c2f86da4f4051e94b77f25176d

SHA256
eabe2017587b54771c44df7805c28cf5e55cf7082215ce3e800e2d88dccc2484

SHA512
876503c1fbd0a3d0e76a99d1e1d7f1344113ff7b6b9eadec2660eaed636bf5145d52e02f78076c2e85ec92bfb9c1e5f8bd572d51eb03058c1220e9cb8f0b18b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a1901ed71cb112d897facc054a1232d4

SHA1
f75e6d3295b0d41ece12064ab03c96a0846b0035

SHA256
a19f95473756759f1ddb9c0b8d2e57a8352c0f89482a48cea0dfd824222780ad

SHA512
64aa62d763ae37dfc6099a4df8fb41f8ff334afd64e7fb22e0098bb10184b7eab39020171a222bddc46e9484d1dc9c034768cf84353b57583508a953b06832b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bbb55e2223eec6e94dd6871b339aedfa

SHA1
f0013ed02df172f347eed6852820a1e937a2fb0d

SHA256
a05cab4f1487716523cbbbef326150d32418e38e20f49281432074409f64ecb6

SHA512
53bb9c69f482df789f4d8dbf82221309892209a0d6c65e9cd133bca0126a44b49f3c8faf6225a50b64bdf3718dd913b744111d2e165f2ae46aecc27ba9d8d475

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9f388d814f014a9d8dfaf164e288fae9

SHA1
589fdc911c2f7d482166e70b44df9c49b2db7d86

SHA256
e2b57863f2ccfb8e1c210a4c83b6a7c94048b5bf7e59cb70d0731daf7f78095d

SHA512
3e965f78d353f8ccfa8eb14d661980d0f84b3a483a7accc7b96efef0f3d662a52e5b6570ea1e44094fc6acdc76d46bdee10319d2c9d3554e2bbdec55c70c30c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
521febb59a762026e02d251722122bbd

SHA1
a16e13ae0793245cfde63b427b979ee5af808988

SHA256
4b7f023317521e128bf3191388844f3314a81e1d3aece1ee3054201b63cd130d

SHA512
54b5b04c0a7800b0578e14612537693b704bccf91cba63cc643a3b386fcecab2a06af2e4863934fa09a3f86110134f4945f400e6462dc25e719be1b04d99be26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1c04e86be5705dd9ab804e685777333f

SHA1
cc2645973fc17dbc5bf114a83b78a2395f7ed68c

SHA256
cc8e5ba7fc62ffa87b584c282c5341b492c51dfe4eb3df4456e461e0d19ce4ed

SHA512
86795fd1124b21d470c849719906cf22b5fdd1e4181f94a031c730775bf18c9f62146eea5051e7a9daf99a4739f57bd5573052c1b5b58834aff6da61318ebe4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
359435059f3f99c0cfb61a7dd8f77d8d

SHA1
356734e274c67b43d353ccb82bde70a55e72fef2

SHA256
62bbc40877154310e6ec60ed79ea09a2c79bef5511ac082c046c0c42033f75f9

SHA512
62007b0b9cce3587e499e08df38b08072fc35b8791611e50b5af80098294b65a4aed4f41214cb66bbff0cd36e2dcfa8e7e5f527d255120f937f028000b76fb97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
f873bca760b8d0ee0ecca25b10e98502

SHA1
3f2a0227a797d00c288117be36f8c5b4b23cfec9

SHA256
eb35fa19f5846e3d9f22c5e389af9f76126ed3736d55d30d3828042231196f35

SHA512
cfaf4a230c712d38646eda083d3bf01a93ef4bcaff28afe714771c0456831ea70b2c6b6c8c22191c2811aaa51be62f1425903c42cbcbf6ebc2dcc9e5e5a4edd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
a9e5e81d7c3a75273bd14dae3f205ac5

SHA1
494fee2016aa8ec639a87e813ff89b595e681f07

SHA256
9ebaac8b3e55000da342575c42619139e17ce0bc82d907b4ab67bb3f90965437

SHA512
e6b39c00af3321fdf66d734d0708b0701a5c57aaa96099309052cd677307a8b01e53c3405935370cc875dda548d04c73339fa9e6b2581a6a250989e21271afe5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
57b25366a7fc34cd8eb3d42710e5123c

SHA1
9323bdd8f3ae281f31566ad7e74dd4534afde157

SHA256
64d9910652bdbe36accd070bf9906b1d55364495a0ff6f56b705c8aa9ba2b48c

SHA512
4016ac673c00bcafb7ef112165e2b4a2a67146f3be583bcf44a3f19456297e4d062a6739d5464a2366f58f4ed405d0b8ca21fd6cf2c3d76d9cdea9fc3602816e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5857c0.TMP

Filesize
203B

MD5
68e051ef79c17954fbdf1d65b2e70361

SHA1
a5350485c7555c6166da713b4f012386d818ad1f

SHA256
88aebfc66c5bf730571892571ff46a6c27406c877908b34b86adbd27770e72ac

SHA512
7caa82445cb0374003a14f41b64782f1b1c04e734b33ea2f96321e39d7c88662be443223612e60fc673ee85f2cc26a506fa837119e930d42820953c0ad4b3e77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a7477121fc880c444a3dbd02dd018c14

SHA1
fee38098b62ab62a47aad1b621ea1d67cec04791

SHA256
c710a5e423dcdeb5586b6ae486821e5f54c2ebdec0b9360972a24e4e2a5ccf8b

SHA512
937f1a8068ac141d7d6184784ba373f39976b4250a0ce4d9fa70540faca239dfdcfab58ad0c099c530d6c089493c127035ef44c229a8a7613629991fe4989720

Download Submit