3fa4f2e20bcade55afa5e8d1681db1fada6974a41150f0485db9fa3ce055dcb5

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 21:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_3b07be96be6c3a282efb26b193b86f10.html
Size

73KB
MD5

3b07be96be6c3a282efb26b193b86f10
SHA1

7ee266246b6d9a5e802e6db65b76ef88e1abe9e0
SHA256

3fa4f2e20bcade55afa5e8d1681db1fada6974a41150f0485db9fa3ce055dcb5
SHA512

681655d2adaa291479a67c9019297318e4211e67344c595532b6c240f1cc5ba750aa85f0c12c4186c74b25e811adcfd36a6fd8187057eb18e936a6351ddd85b0
SSDEEP

1536:SWVOZOMFf43jprQg71mFLJZLJ26iDTgxz/jIeILOrEo+Y+ujNT5+5Ni4:qOMp439rV71UFZLJ2620xz/jIeILOrEZ

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
62	sites.google.com
63	sites.google.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3676	msedge.exe
3676	msedge.exe
3996	msedge.exe
3996	msedge.exe
5016	msedge.exe
5016	msedge.exe
5016	msedge.exe
5016	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3996 wrote to memory of 808	3996	msedge.exe	82
PID 3996 wrote to memory of 808	3996	msedge.exe	82
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3572	3996	msedge.exe	83
PID 3996 wrote to memory of 3676	3996	msedge.exe	84
PID 3996 wrote to memory of 3676	3996	msedge.exe	84
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85
PID 3996 wrote to memory of 4416	3996	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_3b07be96be6c3a282efb26b193b86f10.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb1a0a46f8,0x7ffb1a0a4708,0x7ffb1a0a4718
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,17640138683793441995,8279270582571258922,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1404

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
41KB

MD5
1da8deabd421929fa1a865599f43aad8

SHA1
88af7573c39022643333f85b523a329cb6448675

SHA256
07b01330c36ae322ea1f1e2ea70e60b629b292b3f7ee7aae5a9968dcf341e685

SHA512
0be3f8d02397c3cc32164b116c807115c42a310fd70c72c94b3b523732422ea2b222d8762e81d91ef0c36a8328df4f7ae8e4570c4bc46ab94cbed5131389ea3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
251c093769ca6d909b75e3feed4a6ddb

SHA1
12dff082c4f38ca71f7f9d61996340cf6b8e5de8

SHA256
ae36d2e247dc8dd750ce908c3685e5df4cf7f78e6f2a02460d038318990a95ff

SHA512
0b4582239733cdcc119b1c12b9b57043b88a388aa5d92af7da91ffb5365f65b51ab43fbc52b7f45614654dcdbe6b1d7db8576321c86f138fa6dcef55fc9569e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
e58db891764d17e6e27b57f58106c71b

SHA1
926bf05e64668a92c8bb65280181d0303d62c56c

SHA256
39286edd599405986840b68f93f10d19a2c933d000059f43e6d717882663bd6b

SHA512
7d0d55786c2d7ec2c847fc4ec5ad32fe595742edf8d1f626a3f8e80f4e151b9e901422b9aed93ee7c9ff3dfcc4c539ae7e8dca122c0fb078428ff2e470ff7c9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9af843f4e5dd03bc901b1ed933f7e56c

SHA1
a59ed6fac0e5fab13d959aacbfb40706abca9d25

SHA256
402c29bb91eff012e4046c87bf5702d8828ed22a654ba98d561065d30b50f482

SHA512
e5e9572bc46e76ea0313afe8b2f208a887dae14c2b2dca47da07b1faa31126e30f122cd6f4770dd8e42ff2eb7781525fdf41be7c799320cf2bbd9795f0991c8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
1505a8dae23e4efefb6f5dfc57856d49

SHA1
2182af3157df6e6b0881b73341d2fcac02967183

SHA256
0afc7bc6f80ada535b760ddb9e0e45f12a4e4c3e610db83fab6cc6ee54fa97d1

SHA512
495f0c0b18170f1a5b20ef053d0dbe8dda4786af0147805533bcef157ad6445d3dd6e85c9d4a0695e29a33312218f8953be23339e85d5c4a655e1eca7f25f03c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
bc936592f0b00328ce833ce956ad10fb

SHA1
918195eb151723b407bb91bc6de0d032ea41f345

SHA256
03c13bae4f51c736976c619509d5e2a8f8e3c82412d00bc03669e49c2206eceb

SHA512
11a3156e88f95d29cc966357ff1868d8ecda592e4f5a72664366f882abc4edce399138d951f6e5297d2c87da61eb41dfb5324a08da152a51c579fc59d84beb9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
78abd569f32df31ff93c981317b57f5a

SHA1
c346983b9ea2ce7b417f77d50320613b04da5b74

SHA256
9007b2c61d4efc36940fd489f893f92d7295300f97d3b95a0f3d4dd8a4c763d0

SHA512
dc8f4228c661ffbc051926170ab7e01572ee8e930506e0fe0d9d4337384995a3ea8f91c2fb9d2578d678dd69c637a866eeb9702931f84673407459c4488d5d01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
869B

MD5
3426ec4f3b2c8b742b0bebe5cad7430f

SHA1
e9aeebe3e85bc6b60c0c02e00d1a7d4d195c9ddb

SHA256
ebbd1e83a25ef9af7923d5145be347bb8e72f389546051e66ef1340cf1a99746

SHA512
98452f3a397e83bce09690ebcc46f98e4997177d4fb29d99aab609bdabf624fdfae18be57b65d0177a0d5fe2a86c0e949e55bf2c7740be03143d16c3adf43cb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
2cb008f43b1446bad0b7d926eb6c47fe

SHA1
37ac834037816428700ebe652b5df7bea5c15047

SHA256
fb9c1e44878634d8f77d761763a465345bc2494042b17552ce2f5e89430d8bd5

SHA512
a5104b2ae9787f83dc2ce32f5809a9ca1a8d65f99e4df92ed5527553f89aec054c748934596453bb97e742603320dde6beabee8d6daf47aad92fea6982ddee8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57fa3e.TMP

Filesize
203B

MD5
781b6782cf60f03b5787f9941ff69aaf

SHA1
eff0f4ac5122719d874ca5c76e5e63501c0bb989

SHA256
03c4b512c6766a62bcf605b0b068e9dcb9bd821ba83e4b0ddd197ab592c28c0a

SHA512
81c31c17e40e5317dac8c20dfea76b268ee79f65076f41de1aa2ce06d7e862176a8e44083b0d6443824f24ad5fcf8fa7edfdb734838af4babc494c2b27c2f1fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c10756b0-cebe-4084-a41d-35a63a39f13f.tmp

Filesize
3KB

MD5
26e0a24eb6c69cabaf27706d1112fc1d

SHA1
58d1e92f8edfa4f620753adb1164c01a624fccb9

SHA256
54371049f203da1e8a1e45a28e039ec141d09e37a58c39fb3b4d742bcfcddb34

SHA512
dc4c264f809bd9188d5b429076442d7459e20ffd1a1f279c2cf849c32fc4114a2e0797d59dd72d6feb9b66d81a502e7d971e639fe21f6a7557f11528713cfb8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d5437bf3be8981eebd377e551ff0fec8

SHA1
6c702dbdeadd1e3d2bdb03929bb7c9d73a187c25

SHA256
30c9e483d25671b8a1ce0a44b1be3e0d6b3938856a3475a2b01c5abf1925b9f4

SHA512
8b159dc75b0defa0cbdc7c402df30765ae5d7032948e1b89ade3500cb13fff1d78b9b413ef8b13153649a014379cd4fe435117fc3e6e4b1075a990497007267a

Download Submit