3f54f5d8d317d8685bcf045a8bbcfb6fc2980c7056529350951938e73df60c77

Analysis

max time kernel
136s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-01-2025 05:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_515800ec99fce2a28db293cd3f96a471.html
Size

64KB
MD5

515800ec99fce2a28db293cd3f96a471
SHA1

4ec586b43270941c7b5356082b7655363873c87e
SHA256

3f54f5d8d317d8685bcf045a8bbcfb6fc2980c7056529350951938e73df60c77
SHA512

c5b950defd1cd06dd5fda4fb1ebccc64905e2c5c66ac3969cf211ebca53463c6cc3f01c3192bcb77c476e01195b2a916a9f1457a23e7dc27caf5d0bc26c350b7
SSDEEP

1536:NMk5hP2zB8h/P7PYt+rr89rCX7CesY8seZbtx5D:NX5NyBwn7PYMrw9rCX7CeiseZbtrD

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1132	msedge.exe
1132	msedge.exe
1560	msedge.exe
1560	msedge.exe
3440	identity_helper.exe
3440	identity_helper.exe
1288	msedge.exe
1288	msedge.exe
1288	msedge.exe
1288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe
1560	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1560 wrote to memory of 3424	1560	msedge.exe	85
PID 1560 wrote to memory of 3424	1560	msedge.exe	85
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 976	1560	msedge.exe	86
PID 1560 wrote to memory of 1132	1560	msedge.exe	87
PID 1560 wrote to memory of 1132	1560	msedge.exe	87
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88
PID 1560 wrote to memory of 4084	1560	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_515800ec99fce2a28db293cd3f96a471.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
  2⤵
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2696 /prefetch:8
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6924 /prefetch:8
  2⤵
  PID:720
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6924 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,9445688802107142475,13717783906143658597,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4764 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4440

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8749e21d9d0a17dac32d5aa2027f7a75

SHA1
a5d555f8b035c7938a4a864e89218c0402ab7cde

SHA256
915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

SHA512
c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34d2c4f40f47672ecdf6f66fea242f4a

SHA1
4bcad62542aeb44cae38a907d8b5a8604115ada2

SHA256
b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

SHA512
50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
20KB

MD5
2ebfdbd309ee762211b4a2ac39708c4d

SHA1
b002922c672dbe1dd4caa02af24d0b1e7da616af

SHA256
54ae97d445b166859fe3ba6241b97abbac0aa0d158c72352b774d60ba3e81797

SHA512
d1687b7a6da07a72963c96a1e85661046d3d3c96f88445302afa09721fbe211a5fb8881ff14b346b0ebe8a20f5ced21979e9f58e256427e57b85d565bef17720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1dfa8dd4848e372c329e28096f4fe483

SHA1
0ebeef42db04ce735126822eb2ccdac1f8c8ec72

SHA256
7de270e460039172d194d9eec4f56a6b6158fa54863b4493323a7610ce618ab8

SHA512
45d24186133ebbe668b04a47224993f0ccaf6fdd66bcbbca7d6008376c7f506d369f4d07c4cf5b003637456b26b9dab11deb752ee3c0a2e204595d17d185d7d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
7b37fdbf492b91141207ae744216874c

SHA1
b1393d3c9cf1ec5b606b5e112c2de9e7782d372b

SHA256
d4c99df515230e5077bd37a4b940a688e2682dd0bae3151231f4d891bcd602f5

SHA512
d8e65dba3fbe02687293aedea663a5d1631c7bfe189752690ae3ee8fe202c256a97ce16e8bf7015e00f5290d066da977325d20bbed9fc8c66ff28e2d66f001c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a23d34808143cb4e509ffbfbf06df2c5

SHA1
a8c064cdb99c50601c2cea059034d7d48bcbbfb6

SHA256
7ac133177ffe2382ca7ecacda4cb09ef66ddce5f807ba4847bad6a949e357c54

SHA512
c67a9879fb17bcd60d9559ff5b62fee1ddab4c5586ce91be7db248cd5b5eb38641e8fd54abe20c3d6ad8c18281b8e751ffbb0e5ac761488c555ec377ea57d041

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d6a9762ed1a4aecca12b5e6e9e29f287

SHA1
92ae087c9175e3a2d18ca8d50d3fedbebe7b7cf7

SHA256
323494dc8d4b89432d68f74072e804a38ced2f865a075cccec443c4bca33dfea

SHA512
3e3e456d9ae4abb420132d672ed8111d4636674bddbd4cfc080dd88fbf987f7d0ba6e1487ca33d71dab4fbe1453c5488146b47af368fb642e54feb28e3585d76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
78d7b83e639b43ce763b8bb21dcebd12

SHA1
d13baf8f898e7c35711401b3d5c81525a8957600

SHA256
03de264d7c208c6c51f0a5c657c9cf2ff5f056ae1d46d725eb94adf489295a43

SHA512
9a07849e4a9d574b9c60bac1b0375c9993994d739eb3afc7d4a8ec1557d61f48b4dea6395339b72cb964c087fa4f57268556cf4aa53d47adea3ad0c3bd3bbd76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5f7b01a4efaf44c30016d8f5e2e571aa

SHA1
62410dc3c614a8620456099f0f87ce6678e767cd

SHA256
b10e0ef4de97a45f93e2f72f52de47c8ea0229b2c53d227aab6cd2571e9dbb76

SHA512
12d3809d1550fec6f97d18e401e3ff8f2696462e6b3ac86decb1c4329d58a9c3fef603ae555628db22f991286aae6c1435156ae41ad474e4c2868dfb7ec2b765

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
68cd379ebb445e54e789213dfe916796

SHA1
0a2db7e287253f54483a4b67e3496aea904a3bb2

SHA256
a2f5e492700969ef90efc2e332f520a5cf899804cad8e3ab39e47fc12192fc85

SHA512
853819e55f417f1c713d5bd924d1e4846076cf85c38311779cad286ed26667bda4a3de1b25d32fd421e4b658c79d4368f1165ef3f1bfeba499e0d69910716a84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587980.TMP

Filesize
370B

MD5
1e18e7183217d7855d5bcb3a1a4f54e1

SHA1
fd3163b506447cea391ac764f93119eb8275740f

SHA256
da67011c6e2344ac9311feb99d609ae17ff9925a16556a733bce081fd49fb644

SHA512
28969bc4e0ab769e022f0bbdb74a2c52fc6322bae886f595a573718a09429df7ba335e0e7c6b94365fcfa8af95c3c0c95fa1cc1e501a1f8e35e4a6c819a6052e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
43c8e3ba6abe0b4d1ea985cc56e3ad47

SHA1
7c308a00acec0622bef68e0f3de6db7bcf7f870c

SHA256
2db453363fff68eb4f460112c53c82f42083df40cd3d0ee5e29bfa32d359f691

SHA512
ca1a9c4acf2aabd19ff09d440731f0475f91cf6180fbe1a66b712225d4e3a73181b870113e343d8e6fad096d410a5de39d2437ab881999f2278764eb3fe0ee88

Download Submit