a5a9d27f1e95c6844b4223a67acb2466e86b8909c3b1790d19e88a32eef03757

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-01-2025 18:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_71b77844de7870cf411337012069d259.html
Size

108KB
MD5

71b77844de7870cf411337012069d259
SHA1

6f073c8e381fee82d99fc0c9036c5cea88081dd6
SHA256

a5a9d27f1e95c6844b4223a67acb2466e86b8909c3b1790d19e88a32eef03757
SHA512

0e0675292fb1576925fc90be50c63ead9e47c5554d38a165a1920d32abe63a31d56a25bda9a64a945f01b16d1a3b71148d52de817199d7067b6945440a1af147
SSDEEP

1536:1EFwEziTFtnBQ7/ur1jypgby9ZeUwWbURQDBf79pq1RTBGxFh5P2S:C/0Fc7/urlWbURQrs19BGfh5PV

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
9	sites.google.com
13	sites.google.com
14	sites.google.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
5064	msedge.exe
5064	msedge.exe
1960	msedge.exe
1960	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1960 wrote to memory of 2092	1960	msedge.exe	82
PID 1960 wrote to memory of 2092	1960	msedge.exe	82
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 4664	1960	msedge.exe	83
PID 1960 wrote to memory of 5064	1960	msedge.exe	84
PID 1960 wrote to memory of 5064	1960	msedge.exe	84
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85
PID 1960 wrote to memory of 3140	1960	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_71b77844de7870cf411337012069d259.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9920546f8,0x7ff992054708,0x7ff992054718
  2⤵
  PID:2092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,8959813717757605809,3638875282870009142,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4092 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4976

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2388

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56a4f78e21616a6e19da57228569489b

SHA1
21bfabbfc294d5f2aa1da825c5590d760483bc76

SHA256
d036661e765ee8fd18978a2b5501e8df6b220e4bca531d9860407555294c96fb

SHA512
c2c3cd1152bb486028fe75ab3ce0d0bc9d64c4ca7eb8860ddd934b2f6e0140d2c913af4fa082b88e92a6a6d20fd483a1cb9813209f371a0f56374bc97d7f863b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e443ee4336fcf13c698b8ab5f3c173d0

SHA1
9bf70b16f03820cbe3158e1f1396b07b8ac9d75a

SHA256
79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b

SHA512
cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
3483613cce9a6d636b74728f2f9a43c8

SHA1
4eb6e1106bbc018efd4d94df32df4f7bab4554fe

SHA256
75a1069ae8e49bbabfa388798aeaf978a182f15f97bc4dbd97641c7e141df997

SHA512
431ad69ed3ea580076f7e2a8803983bbcdc7596103c0998045a8fa88632b32e15d77c0eb6281d056dfd00a87fffaee72e8a696372a9503063cf919355911dc1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
d4ae20e4b16874a986e5cf7bd076fdc2

SHA1
531e3492eeb3ae46b8356974e47d739e4958e6f1

SHA256
abec921c430a3c5c8c9dbcf44da2aadf858bd5b2291841c342b93529d6ff20f1

SHA512
ded7d4c29397a42dc91a079048409443df9c8d46f5aef2174118b1cbe610ad61e0b8577e778567972f1652135289357a61a2f5b258e49ebabaf3973aba9aab62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
8abe0a9f9305101b17c2c1b73fe44428

SHA1
9933e01e66f71332af35f98368cac1a0f353dc42

SHA256
3d40cff7902f8ff7521734b658d475348f4b74a2f360fa009389390178529e83

SHA512
e96b8af1e8e3d0ed6becd13e37f893f3aac18f3ed719e5d7d434fb6b158242f5a59d87f2f8803ddcb0d1d6786b6e33cffd16913806f8509c29072dd6e0fe2463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e13cba1b4487159a6a2f8ca4cd3c983d

SHA1
f4e425ff9ee71259dd79669ba37236ca11e84d4c

SHA256
8c14f58f0731fdfb52dfd35e279381fa15956f0cea4e0e94267c9dedebd947ff

SHA512
698628bcf95c9951e8dbb3b042f895a426c4a484008b5e94f89ff7ec8d99caeeb233a526797da8087f25e86ded1720e02ddea1aa51667d3d044be3beaa0ab444

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0b73b17a36459e6f70b1598fad8f8752

SHA1
33c80a2a753beacccd94183fa343fe989818555f

SHA256
6f00bdab3a99bc334d56be9fb65d4b9a8da1a5be026b50032d99dd76394220d2

SHA512
22e5014ddea030f1965bd1c9c975a12f00fe10f5103b32f9e82912a191d30012b7017a17a514eb17aaca0ba71331734612e69356bc7c3f78882f92b9f66ed1a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
58645d1593e9f74ea7f6b1d98011b47d

SHA1
0ed774119a595670e36e6d56bc416aa4a38c2b92

SHA256
480429cdd622f53bfa12d9ed5b4a3e3bdda00ffecc3e633b9cf0c6f4cb460bb3

SHA512
06004cf35bc380978c94ab3a88943f661a7c40cd9ef258a54713ca97b69aaca525ae25f2fb60014e6ec696378fe89b06a7137a04c5437619a3365923e66e0887

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581d76.TMP

Filesize
706B

MD5
16653fd0b07700f92c212491716684c9

SHA1
2d48ebc77b86f70df39be30cd0dc991594b2977e

SHA256
96cd7469e125399833220a4bcc8cfc5b124c3b79b4f7b4e6315c39546ed11af9

SHA512
1e8e10a8900daea6da4dd112c5a13651b98d02fd53d2b5fef8a497eaf547071cfab0aae6e2790203540f71c3c2dbb599a9a1110367fe4b80d05ed11069b56822

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
33a7f80ec505cd3068813b4f47bfa4a8

SHA1
3e2eb85d2375db5808458a8f6418abac4cc38147

SHA256
559f0ed7a4fd9a45dde03dc5359e6244f84f1ea37eecb0614178cab4132ff34f

SHA512
48bc08f9838d8c419563b6b52991d509b85336de34f7a0a4c653722cb846511be8072d4f81508badc22c17fbcc88f7959524e2d43bbc7c94b9bc345641323dc6

Download Submit