44830fb876cac69cd6df83b3dc71aa2a1ade795b4cf81b32bcd84ee1b7448ce6

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-01-2025 15:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_69b15777f38aef9670109a52716cab11.html
Size

49KB
MD5

69b15777f38aef9670109a52716cab11
SHA1

e4df158822243ffd68eda4bfe6d7d46d7ffd48c5
SHA256

44830fb876cac69cd6df83b3dc71aa2a1ade795b4cf81b32bcd84ee1b7448ce6
SHA512

18fd0583b838436ad10e06dc9e4c07b6631dcd26034452532d2102c96521b90c01ce2d302893b5da3223a504b53572ff107fce3ec7c7076d297e1aa5310a8422
SSDEEP

768:bWwgvQO8s4hKJ8HO3WTWyaDYQbbf/hDaS6cgRr5gp2ZJT:awgr8VkeO3WiyaDYcrhDaS6cgRr5gW

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3780	msedge.exe
3780	msedge.exe
1100	msedge.exe
1100	msedge.exe
4140	identity_helper.exe
4140	identity_helper.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe
1100	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1100 wrote to memory of 3900	1100	msedge.exe	83
PID 1100 wrote to memory of 3900	1100	msedge.exe	83
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 536	1100	msedge.exe	84
PID 1100 wrote to memory of 3780	1100	msedge.exe	85
PID 1100 wrote to memory of 3780	1100	msedge.exe	85
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86
PID 1100 wrote to memory of 4012	1100	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_69b15777f38aef9670109a52716cab11.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce38246f8,0x7ffce3824708,0x7ffce3824718
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:3596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5292 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:3408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9601721920716588832,16244707544390835332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:3564

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3568

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1604

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
71KB

MD5
da52e38c98b0f2047abeb07609608ab5

SHA1
da1210caff36df73e49a0c271ff7d573c2d20d02

SHA256
726a2ef49785eaecce64e98fcb3490c40db06d6a205455784f3267a5b4b7c34b

SHA512
35adf36acd8e1c65f040663d7a064f642a6db5e0b7978241db8a9b4eb52b8ae71cef4e7bb1b4a0d85e4af1f7240d6d52e5a07f512e5e90504e063e51376b5f5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
61KB

MD5
468446a7240461af44b59ebb2047c231

SHA1
47b7c525dc91bece99df0c414960b9490b986ba8

SHA256
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

SHA512
ac8cdf824112a3d25248e58f05495b458038d9388ba7e46e1ea8f6933cae23f044f4e532b74b13f52812bfaf602ca12ec152e44ce95266abe7cd6bd66b4a70b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
25KB

MD5
182d00a4b1233638ba7f6e19acf5cb23

SHA1
88672a43ff16dd75a2c7cc1c479bf658d04a998e

SHA256
ead78e8a971651907fad03c09c90d4e3b015b5214a2ac895fe4b93f13d61b6d7

SHA512
c1f18d7bf09c7f8b868b6a263c79c774f05aaa3690cfd9d2a0e22f206fc31a0c1f384da263599b045d40470dd4dbce4948f010f2c71be473dea7c94875f26583

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
7444ec04923bf2e160d21243a249ae06

SHA1
d152e4d0ebaab0cd82a025689f49e4eb29aea7be

SHA256
0064b1bf70059d6dd91e95c1286dce2e9ee78d003e3ba3826b6f56785d11a1fd

SHA512
aaad28d8665fd09dfba07666b4a5a487024b5216b4a539c0417e787d0d657a1e757a73554660291b3423d039d72732d18f71833d2953ea8f563b99829d7db51e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
73KB

MD5
38cc948802cc65a5d010d9032b122cc5

SHA1
01aa6a0904fb48178ca67a7f12c97fca8b40265f

SHA256
e5f54ed5bdda90d7d33c62cda40fae3c123ee13431a7af46fa2d215563842e68

SHA512
35a53348bd22a386e150e2867861608cb8b3ec3383b2b84d473e94941a725573915f11f109e000da4dec65f3ceb3bee3dd6ce1ce7aca7b7fe07be23cefdb0c96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
42KB

MD5
29b23a4a62dc97ad6e97beb90c5cddd6

SHA1
0aa934ee2b480cbc04e020b67e7630fa583e3dd4

SHA256
7d5dfb1bbd85ef885006fa11d69cb5f60add16f3455d6d273aa3043166579ac0

SHA512
267de34e7dde23351c3ba914cf3c19bec181f468247a79b7b0ab3e3abf2ddfaf8d3317ab690750a99140c7bc29583e8f712bb8dc96c555536c6b477affad70f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
7e98564be3c2fbfe5d55ebceef08fb8b

SHA1
4b35415b61c5ed813f615475df2d513f5dc73d5f

SHA256
b9a21d15fe5b99b73ccfd9f8df4213debb40456341e1e71d0848b3602cad2ad8

SHA512
4878d6d53441aab8c306b67a0e4051fe9fa0aa5377d6ff806c6e86fffb042c41a82efd7135754d9af1d6fc571fd23e3da37e680eb4bf983ce08de72421b0259e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
52KB

MD5
f9ad6fffe23fad04422671cf2fa4a661

SHA1
b8366163961f1689411636988a73dbc16d13ff3c

SHA256
f0ca592df98944df58f4c281890809d30fd2117e471b8021ff138314efef5dab

SHA512
e9d95f4f0eeed04413a1d798161d1c20d876f5ea4440c13e9fa356a562e931f98d84b3f6a907d6541cf6bbbd7e84f0e106b48fe2f5fcce77d66f70e114834aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
23KB

MD5
facee74c789253ce2d2a63c6d49aeb94

SHA1
79b895ffb82ba8363f8a67f8380cd6f32a5fb907

SHA256
804c9c6d6384db9e246de900d22b3f4d79a7265bf42ba72513d3a060302b3f10

SHA512
4a1078ed20af2a83f3a3f1893f4f1e6c5f94f8608ad85c50ae232aff6b8eb931167c082ce80dc51da4f116e4cff970571b2d51234f9777ead0d5b9a5de4fa8d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7f46e2b7b02a087a9ddf4c324fd24a33

SHA1
33b59e61f0dc29570ad70190c8dedc354a9c062b

SHA256
8701deaceebb9c923ef5490e27cd29422e950217eadd5c4fc091824d62ff3275

SHA512
036eb04851c218a6ec549919ed762906085bd2d607f9716f807fd363bed3c84d72687f40d7d42fbbf13408d0f0a4c7c686676a7efc028cc4fe68324b302a5baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
4dd281e79f0ca96a30d34454c48878a6

SHA1
5db05e40c204718f61f62475a11ec8fea34d4bba

SHA256
fc9834da85669e1cc5822c739ec6ca8ab4b0ce958c8a4a048b399b70d198508a

SHA512
df3f8f145c05248787b7418503337fab007a8db84638b09a2b5941c0148c8c00a8949d1f314c625126e5cfcb31f2dbaf6ce44eddf3614ba226225b40ac7fcfda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
ea335d116f44c2b3dc8b0f1bcc11ed9a

SHA1
ddb0ed309a435af78c4233b23778354b9611bf16

SHA256
f7cae7a99adf670cd32e2eaf62472de257df0747a0ec5af1c2037efbf2e9d732

SHA512
49fe0e7afc72c6c27487f0610773b242cc5d9833e7d369a575d92e9eea66324f1bf8b0a0ccf20f10f9b7dc422681e955b182ca5cffbda5a99a2d9140de2e4b10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
818B

MD5
ba43cd44c5250cec33da8faa47993eb4

SHA1
7a8c5b0ab0bdfdbbfc3de2fd195ee6d663560478

SHA256
eea43acd40f5670d8aeabbb68bab11c1f6e35d674694f3041e673d33249ec218

SHA512
8c8233cba5f1eba7dc807e082e00a83378199f505b42d4d6b5cb91ad1214b335958fb7cb738e337d34509e94233a46c852857fd6464f79d2409ed7feaf1850cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ee82b891c229afb54c9a1adeadbfb297

SHA1
32f1de86894d542453e21ce805876b22002c0f85

SHA256
896117fe12f158bd3540ce0281b3551f42faa1bc34394a0940132d4b78fb31d8

SHA512
8803eac0fccc0699efea151e7602c91d9da1d17b4024282c93980870b445dac3f0ba43ffc36f9ce3bea6d344abc87f49fd5a464c8f9ac1175cc5c18fedcef347

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f836b9b9c935a6802e2601b73a71c3bf

SHA1
4fc1157ee2238b00653bec908e768f3e63a35e02

SHA256
5e0be40aca563b9cda3007e68733f715bad3c90b9762784a5331f72d3d676bb2

SHA512
074daea95661c93ad7a03a24bb7c9821b9ec8397edf654afbe7cea98f459df84bd713dbc773d6c2f4076207e8f833b312dfbc1b559dc01f39213d364928dcf88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e50f85e3525092863d2ff2df351b8c5a

SHA1
211eb66bf64cfad8c91e5654b69ac99e5cf8142e

SHA256
47ceed0cbe8dd4ff093bdd602b24abb58187be49ad29c7d54ba5bf7753d45414

SHA512
9155fb18edfa92eede5bc1d4398633ac56f584d8fbce96032c5821305177083bdb07d58242b32f08c92f4bca77f239684bb89a72d5b5cff364c57e432400b725

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b1a0d2e05987bf24badb94adccd2ee2e

SHA1
0206f40b2ff69d33ddb4356d632bb94c32aafa7e

SHA256
2e577a4b18e99342cadbfd2c7c13055cc208ad2e09f3010ab5c6c840a0e63ddb

SHA512
1b99f53654bacf66faba328e16c099f24bc81bd2c1d889b952f2b345e3dfe10fbb8669c0600d1565f4d16b6e70fb9878b23866ce955d578ed2b7895ae1726ac2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
46d077be28c637697f6e35d28a4afd2c

SHA1
298e7c88d0fb8ea1ed85d00477c47ad590161e49

SHA256
7a179d830346bc69936060598c39a2f9c063cecce0ff64d0a4949da500d883fb

SHA512
0389b70ce97a99af8440b4176213c96e2f5c7fbb184c2ee788ca4debbf10c8b4c1b2f196ee86121ecb92dce6b68548ec9f020227f3eddad7b36fe80c42855a26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
d52b96657ade79c4c4cde334c663100d

SHA1
ce7d018165a97eb05b9600bc4b22791593b3a45e

SHA256
9b8000d18ae5a062a646a7ded0475a8d2094e5d81f30fb57cfdf30cd9bd9fff1

SHA512
6b79256d7bce2441f119f41b7e488c324e44386404b184d1cd43a631a05e33f07dc3cd0518386be425d3568209a0f2739dcf9027ca104b88796841e2b80a352a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
38ffbd7f1dc4620a271b9cc3b0611a74

SHA1
01af76a24d109770ec87ed83bc30c6a66264abf6

SHA256
cce8bbd1eca2c483a8ad7560d4987cc254435af8a6f897686c51ef8f6fb48882

SHA512
5e18b5b76002aacb11c4c0bd949463989e79d050a3d653e9e8c3b79b19388162b1f8287f823b6c3f8b33a4c35123cd5a31fc17ba1dcf250ce281cbe416f8197d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
e178a1c5bf5514a3a596b6dded28fffa

SHA1
79ccb2fbbf90ff33d4b2f690f1214e413fe566c9

SHA256
71f847ad290ad0c8744aa5dd4a9a05a0e785d1686e458a278ffc4320182e0de8

SHA512
1d76b83a10f7cbffc2c4e81690a4b7007c551ccfe694b439ed0469d2378c89264b5c0f92ed850f7941c1e42f7b08411f1bc25aada42ec7af6dc220606fc66222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588b63.TMP

Filesize
203B

MD5
ad23a94cc2e50f3f4ea59f67e6f49624

SHA1
6c550d069a93c3b7ce8d836eb0fd7ce5a467aae4

SHA256
33127e9beb3f5c8ea4e1df1aeabf0495fdfc62a3fbf56ca6608e7163ccd09ff8

SHA512
42f49971a495f483539f1539e0c3aaa2a0dee65e5aeacd5b88de140bd1b0bf3017c968c811dfada4234f50e4418bc62ce4c38918abc47c99b2ee2e388db1a338

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
52d4bcdf3cfa2fe6b0e42570b7bc2736

SHA1
29c40ed98fc0b15fe21e2af336cc9489fd0cc160

SHA256
dcb7183304924db5aa7369d7cf894698a717218a8304d27fe645cad4f3f74af7

SHA512
c53bb0449c704ad8c6b2c99954fc08a779559cc885f38dd1b5a979431b50c412f2e47b2e680465fc5a364698b49f46d80b241fccd6195144455db21534a4a8d4

Download Submit