6f81c864241a7a6d0593f1e75442c4e519bc0ceb484208942890a9873174aaf5

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08-01-2025 10:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_9b981be8876b964e360c1c37ba644d6d.html
Size

75KB
MD5

9b981be8876b964e360c1c37ba644d6d
SHA1

d1a35789046824787c86d441ba17916ad1025609
SHA256

6f81c864241a7a6d0593f1e75442c4e519bc0ceb484208942890a9873174aaf5
SHA512

5c582539d7debc57293f6119e30f013124417b903390a511829bd113d6d4b9fbad939ce83712bbfc479cf702e8f4c27061c3aeb0ba907ae1173f803ba299430c
SSDEEP

1536:E4wgr8VkeO30mAnnybE6IYhJAoflDXmaaS6cgRr9nNMhWfg:feO30mAnybE6IYhhRXmPrnNpg

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3728	msedge.exe
3728	msedge.exe
1808	msedge.exe
1808	msedge.exe
3028	identity_helper.exe
3028	identity_helper.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe
1808	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1808 wrote to memory of 5108	1808	msedge.exe	83
PID 1808 wrote to memory of 5108	1808	msedge.exe	83
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3156	1808	msedge.exe	84
PID 1808 wrote to memory of 3728	1808	msedge.exe	85
PID 1808 wrote to memory of 3728	1808	msedge.exe	85
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86
PID 1808 wrote to memory of 3620	1808	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_9b981be8876b964e360c1c37ba644d6d.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7c1246f8,0x7ffd7c124708,0x7ffd7c124718
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6852 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6504 /prefetch:1
  2⤵
  PID:5140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:5148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,6199829298611153043,15854589367643513592,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5548 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2936

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
99afa4934d1e3c56bbce114b356e8a99

SHA1
3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

SHA256
08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

SHA512
76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
443a627d539ca4eab732bad0cbe7332b

SHA1
86b18b906a1acd2a22f4b2c78ac3564c394a9569

SHA256
1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

SHA512
923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
52KB

MD5
f9ad6fffe23fad04422671cf2fa4a661

SHA1
b8366163961f1689411636988a73dbc16d13ff3c

SHA256
f0ca592df98944df58f4c281890809d30fd2117e471b8021ff138314efef5dab

SHA512
e9d95f4f0eeed04413a1d798161d1c20d876f5ea4440c13e9fa356a562e931f98d84b3f6a907d6541cf6bbbd7e84f0e106b48fe2f5fcce77d66f70e114834aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
5565ac1015c9edb5ad2a8f79e92c511b

SHA1
46dd10d2411022f9115e0a3fadd39e3e164a9301

SHA256
7702d08b21c080b125fced1df77fc954c4d6f35e3dcac432e6bbfb164f7ff7ee

SHA512
121fb6d95f6eefe093612c56905033ed7b0d78852a7141240d7d5a8feec494f2f40f34e7fefea11da750a1df5cf9ea19300a4639eb56836e93cf3a601582b4f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
ed98dbc19ca7787a6b50d339725afbe9

SHA1
a289bde2fe55d30e801b054a17edaec54806f932

SHA256
365da24dfec18730e826acdcce9ff163a25bc354b2d2ee001c0cd57ee2ab13c0

SHA512
5e5664364d323971ea5c054a9905433c8f3c6117ad444d953b89d4b0a24b28d1103bc28cbbd688ae57ee94b855d96c6591ac2e27171ad1394d569bc6972ae394

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
42aa8ab8e13bc1aca7f526e4e8cb8027

SHA1
cdb70de1d6bafe90ae839d05ffeace881a786641

SHA256
c060da72e15edb9794c1d5123ed38567ab7f5fbee162954928f3d5c7e8243116

SHA512
7d1add2947c089ec8b70b094d9765546cc0186179046c60a81f3914c30c2c9ddac7011c3514020047555ce8f29abf5b3d58ae6e9794cc9b86011342ace128572

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
297647ba118c41d20dd6ee430df2a0e7

SHA1
c6e3b8d2e6931411dae74c0fc90f702d70c01630

SHA256
e5a6f4c708201110ad77065aad9dd4d5bc21ba5951f8b0faa1eb40b8a3d0ca82

SHA512
49f80aff162bb2334a4ba67c981d4b28bb62e7c95d42a59a58bf188c2ee0c401d3b3f9aed95f43192188f39451090faece63090fb8951e533eee2c84130766cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c05bd0288b5106c226b68873347dcd73

SHA1
a166530dc5fe519f201db0895a5bab6a917db49f

SHA256
6e13ba7b84959383f14c458abedff1f5af62048df0ec333f0e52fa69c56ae9d1

SHA512
e0840b76a970f866cff30a504e8e8e2797d313390cf142b27455c7efd54337fe2af86031e225d67fae1eb8d70bc43b44b31111658bf430acfb0fcdd1d31f7ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9b951ccf61bf78fb3d829f8ac4389849

SHA1
a6260dfb3532ac918485c99fc472e064bd7608e5

SHA256
9cf8c11a205fc9e7299d937f30bb24a338fd31197a9f05849a81ecaa9ca970ed

SHA512
067956b347989bd508d1a0eb0a97852a816beff881c3b89800178c402c59ab5a7007d76cf79be37291f5d6c88e2bb2e11db5935b4e4c2d91f495c5652e9325b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
79a1d4fbe6abe38158be7de20f900d62

SHA1
dd7f82f1b20dbe8d8448d3db4e7986e58911cb14

SHA256
f7cea9b3fa7002cabd9afdcdd77e259a27ea5922407fb3ba172b18d5c2fde229

SHA512
e834b9e0e50f956c9e1b34ab1d28021471dd0d570239a45d01b31b17845322c41054675b9888eeabd3a5a1d3b1001097fe2c0e374fbb6ffc8a6d3e6c6c448e15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0fe32b8411b15ebede96015e92bc8537

SHA1
936ba1ed799c469e605f49d32e594e532eefd648

SHA256
44131dd569da3be061a12152c33d2281144a55ae577ed40d57f93ae9cf98ad61

SHA512
b00cb0ec921d9eb91a5d119465a19f7f0328cafd70c808d31cfded08185e1ec2e72cea9cbf946dd269e210c8a8036a2dc185cbd6b73bd81787d9a656caf5f695

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
4d7c16efd0c2c98c666ce20c4d9ba24c

SHA1
31168e9dc3028e3fdff2ce2f36e4c1039b28d366

SHA256
9d1c417f3f90b2f7dda225034718c4d1ac7735f6b09eabf3f6e3e7119df99ec0

SHA512
6479cd3eb30acff47e87e80d1109fe1b55fc7b7e38f6e3cf993d1a505f62e4d584482eb27af8d2ead33df0c5d5dab02d6652be5c36e8bef446d47f3d63fe4447

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b61c.TMP

Filesize
203B

MD5
a4dc487e6a59e3eed042c00d188c7f97

SHA1
0cf33c7dcc5b20bf00d2efeb42841dac3e1df57a

SHA256
cc63fb7a96f705373170ffa9b67f7f47d34536d42fbb59ee84e2493e198ea255

SHA512
cfe10548ce78b20c9dc344c68bd25a204958bde7c46d1f4214b17cec49d2a6f6880c2df7551d23c5dba913d1625e0d764ae92330b16d243d6ff1d4cebbe0fa8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
2700973d0260f0eb3e0a5146ae806270

SHA1
35dad00568253df04e44d42ecb2e2261cfddc877

SHA256
4b936629b5de90e4ed2d2f5dd26f93a03407340793ffaeeb723fb33663c4f1b0

SHA512
95470e3423c998124953bf23517fc0b2f1df888534b58f0311c638cf82a450b14ef84f59723b75cb21c7b154e88a75c921ed2b5ceaa96bd336970d2269bd2f80

Download Submit