ade361a4101e458a84327f7330d947088b88a109d512089d9d7622e7f70dbe00

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-01-2025 00:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_b4e425df841324c0737b6f584d28953e.html
Size

133KB
MD5

b4e425df841324c0737b6f584d28953e
SHA1

f1f0d7d26489329382b4406ea6f19fa29ec33cd4
SHA256

ade361a4101e458a84327f7330d947088b88a109d512089d9d7622e7f70dbe00
SHA512

9517008e6a30632026df3220ad6afd5ea627d2910714ef8b48badb431e94577fcfcf925557dfcd26054bb33af8815696f492008d63069e065cd85d5be3b8b6b5
SSDEEP

3072:pUyCWDxYxQ2PDxYxC2T/Z1s0oEZNIUSefhENE/jzCqezmh3TO:pUy1DxYxQ2PDxYxC2T/Zv4

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1672	msedge.exe
1672	msedge.exe
2428	msedge.exe
2428	msedge.exe
2784	msedge.exe
2784	msedge.exe
2784	msedge.exe
2784	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe
2428	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2428 wrote to memory of 1256	2428	msedge.exe	82
PID 2428 wrote to memory of 1256	2428	msedge.exe	82
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1688	2428	msedge.exe	83
PID 2428 wrote to memory of 1672	2428	msedge.exe	84
PID 2428 wrote to memory of 1672	2428	msedge.exe	84
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85
PID 2428 wrote to memory of 2856	2428	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_b4e425df841324c0737b6f584d28953e.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffef9cb46f8,0x7ffef9cb4708,0x7ffef9cb4718
  2⤵
  PID:1256
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --exception-pointers=74981542117376 --process=176 /prefetch:7 --thread=4404
    3⤵
    PID:1804
- - C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 1256 -s 832
    3⤵
    PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10388 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,16905414705478029658,11101412452545732446,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=12416 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2784

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4916

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56a4f78e21616a6e19da57228569489b

SHA1
21bfabbfc294d5f2aa1da825c5590d760483bc76

SHA256
d036661e765ee8fd18978a2b5501e8df6b220e4bca531d9860407555294c96fb

SHA512
c2c3cd1152bb486028fe75ab3ce0d0bc9d64c4ca7eb8860ddd934b2f6e0140d2c913af4fa082b88e92a6a6d20fd483a1cb9813209f371a0f56374bc97d7f863b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e443ee4336fcf13c698b8ab5f3c173d0

SHA1
9bf70b16f03820cbe3158e1f1396b07b8ac9d75a

SHA256
79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b

SHA512
cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
76KB

MD5
3e82f31a351ffac74d9bd0da1c69c490

SHA1
caee40fb0b417d3d7a63dbc312ff82fa6c4f8366

SHA256
1fa297400a0ab2a81e552b33bf22c9c7ab9fde27b59f7eb83174bff9edac8924

SHA512
caa46f5e173afee63c2c9c283fc9505a2bfa99abbb40d4ba059b3c22c81d3dd9c453837b81577265a567046ed202bda881a4c2ab729b331f6b9cc76100394319

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a

Filesize
76KB

MD5
0fb5977a2b3ab893884b791af91b7f82

SHA1
9eafce68773e368b79941334378d9184b34ca83d

SHA256
733293d979feabef93397977b726c2c4e5f6e8a3e7a6102b2694deb55e731c15

SHA512
6002238027e4a467c439498e7a9e4324c844455502e7a8ea265ed48da21c574f9c4044cac1e3f1c8f8c6ed1bdb92a7a502494476a2f8ef315e4acf1aceb910e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082

Filesize
76KB

MD5
0f1e3a75d5f016468e260283168dbdba

SHA1
5ae0f51033ae214c7f61b060854104bcb58844b9

SHA256
00a738d0f680fd787b44c21cce316b8d3cc9b28a656aa3e6725aabbbf5a5b180

SHA512
9374061c36b58e6f9b937987db0a6479dadb2c9ed7759cab202df14407e918c86be595f126b1ecd14a14f1a8423c89f0144f8ef8f596227510a65b6e577580a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3

Filesize
76KB

MD5
99ee9da62ad684883cbb1206282ae442

SHA1
4d4b8522a105757b61d5ca94b5869ee898e70f7b

SHA256
5346ee4ea1fc3055e9bb376c09eabb4a2741649dfd56a35fa3a6b18adfbe6e46

SHA512
57e370d7443f05dcd3658673336aa325e207e376edc4831709b5b373c6125c49a3ba79c2719a6b406abde0c33044b468693de0381caf457fa24c1d454f006567

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca

Filesize
76KB

MD5
4e658db95cd7d09e1848a356a345e618

SHA1
4193ff78ee370dcdbe6bc701eb2a4871566eca85

SHA256
a22663a234dd3dd5c845443eeb070948e117888d692c5927e5c56c2f75046c4a

SHA512
d8f48f2126f0ef29a21f3e9453dc801ed9810e6bc473aaa23bc136de02c54b83a6a31824154c78eb39a48a0030d2283e3d6271d44c155c3b6ab9ffbcd53dacc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010f

Filesize
76KB

MD5
0a9e4b7178a16fd9b4ad3f17d8826bd8

SHA1
3085898d64f5b6bb9ac5744e6803b4d27a86953f

SHA256
c527f0abf5ab0935fd3826597ce99377576718fb1abb86b7e0d9e1aa8f91dc57

SHA512
c63b33adc859a70cdbaaf1d862a6a3260a8f740380e34bb39a99e9f904ba05c701f65377215cdf2fd5914a53ce9580df87eda0d0b87a02621cb122f4139df7a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ba

Filesize
53KB

MD5
10f930e92b180dcb7844a9e690d06c36

SHA1
de0661d826407e16b568b29ed145e05059756b22

SHA256
a65484fdb8e7073f0d4341e3c02550957f4a4f5ef207b8b36056a8d6d290dc5d

SHA512
94f1bed116633a1e6098e038bd11eed4f5153f53caf4b4b2804ce7e8fbd775ec479071a011480a54d39b22640e994ce358bf08ac0167359cd021302f83959f6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000201

Filesize
76KB

MD5
2891f302095caa4575ce65a14de630db

SHA1
a7422390581cd6cfcb985297d16f89199558b11f

SHA256
cac55d45418e443286162da5e7005284623d1009ac12bbc1de3bee5ebf3f4241

SHA512
f67ebd381fdf8941489cf745d8ebc34c35cf6524c434222f0cbc1ef7ad0b63e4a7896c170f504086bd3bf5a66da06800a55e7d8d308a117d3ca9d1de1c647036

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000208

Filesize
76KB

MD5
e9eb3425ac87ee856e9675f220d2d287

SHA1
01311249ac86bd4887ba4d33cfe754ec66141bde

SHA256
4b41dfb8b167983f06d525b13b1e6af153cb0a57b3e36730496f5d6646019393

SHA512
d6f9b1615a244d87c4d7d55fb93f5ca2999abe34cd8f67c98acacaa23a381c27f87cc2e875fb536c2c41d70a99c69c2cdb0f3de4dd84af1677cbcafceb6ea32d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000282

Filesize
76KB

MD5
07b1d425a50cf0cb855e612424752487

SHA1
cc8b6b255caef1d23b09a05b0853ccbb22edc0a2

SHA256
8bf25e8e8c1166af0abbc2836b9ba878b55a9d3a1ebf738fa6672fe2184c63f9

SHA512
0697e5ed72f5935e14aa80d4d0b02c3ae3b9eae0e1a8e171364160a6ee451c123336cfc071ab7269264252fb2bbf1d5448cea442d543611caa20438d1760a644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000293

Filesize
76KB

MD5
c551a4aa42fa7fdab58e589b540e6915

SHA1
ce23f10147f1c4048bd5344fd303ead9fcac8c3b

SHA256
496d2bcae3fe11b7dc6fad75cc4087e34bf22c5025fdc9c152eba7936edd4417

SHA512
97c4c5399b7032766b3595662f17e8b7c090f8e1c558ab69d4194747f176bd3d55f81ec9f4bf41e1e693849e3f99fdfbd60b04678d3f1f32a3c828c2a9a91b0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00029a

Filesize
76KB

MD5
dd76313669af38509fc989e016a7f673

SHA1
313d866bb7eb894592d25341f637df25fbd9b696

SHA256
13a7f87711225cb5bd3f770c5a6fdfc00fbade259a21d3959ac4ac5200023965

SHA512
890b7011298f561f00926733d5902abdccdf728662fa0b346219682179065b6ebc887e098300d7c86ccbc42cba8f243f7bd8550f640a871f0df3ea2006d3d2b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002c6

Filesize
76KB

MD5
1d634ce811ba242810b78b9a2fa6252d

SHA1
c6eab62b02708704bb91bffe228dfb6d992d64ad

SHA256
b1e079ee15db5c0c33a3da883e905564b4f71d27e289d3431e651ce026a3b19d

SHA512
3a17ed859c9ab6847999080757aca3fbb9539972393bd39d0b7c2170db7d02850e42cfd87a873a3e9bc4abe7f98be74f56922e82b8921931413044797afe3833

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002f8

Filesize
70KB

MD5
b92865ff70084a1c27640780cf3e089c

SHA1
286088c16a916a3480481c4f856e67d0c15e82dc

SHA256
061bc316c1c51a4e2aa86467c1c4a4e51173fd3669a4548ba05c544d5284dc4e

SHA512
bd8ba7b7ca21d99adb18ab7c2d4eb8d4d7fbf302bd5fd37ae0095748171f1535aff04b2e7ead8f8656de1652338a6f6b5a5135cbcbb61723587aea17c6b14c83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00032e

Filesize
76KB

MD5
1dbb28eeb38dfcb2b6cc8a2aa3e3e574

SHA1
f69042282742929434a86589541ca082337970bc

SHA256
f314a6cb2602e778e8dac313942b449542997d802a4e74fa3b4e5d94ddeba82a

SHA512
fe97611510615d227f122c98b1c453491726bc1452796c312e256211a99051e584116af052673ad4642b9ddf9f82b75545b1a62291559d0148c57786c6a698b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0003be

Filesize
70KB

MD5
1f4421c7d65752a1d64c589645ef0034

SHA1
4234a358bc5ffa7a1a354317db2a2cc9e0e7076f

SHA256
8f56802c743aae7759367b05e66a4299f4f3f477031af97937425362566bc3a4

SHA512
5a2723fd71e55ef66475459546b21c3186d64869dde0aef0005aea28c29acd7c669d3fc28c015d78902163e4aca6b398c2d71416ce7a790ae8f1d570f350ff64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0003db

Filesize
70KB

MD5
dc15fef2c1f62c19499e57b7fa9b689e

SHA1
e64ae9bde8e5e7df55f268b0ec213cdaa956bd16

SHA256
03740607f9bb64f3d50ab14dd94037002a07059d6c08a48251be4d4deb8eb49b

SHA512
2be2aa96c236992a2a780b64e9ab77e77676388376f2044851151a239d2b8e71744a32d404bbbb0bd055f9a7fcb43de3513dee2a53ffc13b4b87653c72e8dd22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
e786b48192d250e5c32d79a1941b1963

SHA1
fe1a8656a0973473ddc4244458b7c985204b027e

SHA256
1e2b76de6c9794f3cf0ec55b5cac0c25a837ab44c4fdc64ba4a56aa47a79342f

SHA512
15c8eb1ba1377aee4bf905cc2386f0c240eebf331d47cdcae4ec568396f4584115fe3d23eec02cac696c6acba835933aa9228f20cece420d6752fc3d5297a07c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
f70cb67ad8fa9ae25b356c54f15ffe13

SHA1
6b2811d213adfd2a1dfabed24c64d344de647c13

SHA256
dd81d52847e96ebf0badb75776547b95c0510dcdb644c4850d46a900e657f061

SHA512
37621591ddbb30e31c972e28eab5542e3e4b265cb19c8815f686c362c9ac2bf803683cf09f1a143737e059985034069640b69993b0e0cb8042910beb7020b056

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7ee425c53b33492fd8a9a9258cd42fbe

SHA1
90ea202f7613b3199f59fc7ee24ae9ac9cf5df27

SHA256
014b0d0c5ad93958012793102d29b33319d70fc728cac77280612c1381ac77d4

SHA512
59ecbd0ea3deac51a4900c3fcb13aca6a43af03f0bdfdae5dfb37efc0d5af68be7f1b1b10ff138810cab9325eec6595b05196cfc1ba811ecacbe8f0867ee9481

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
7d9266d5007efd6dca3283d2b5397f3d

SHA1
81e7ae41de7047705d1fa9df315caac5e0d86937

SHA256
b7213a3fdcc99f6d8d62794936843bfb32d392df125461aabfc35b7a16d04880

SHA512
bf9b019630494725afb0a70b992a3f643ffa79f235a7f2a441486353a05e1e9249ebbfc2a7ec15aa34e34fa2d19e9e9cfb6e459b54491fdd6a109171b6fbe2cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
5e4ebbe5abd0305a021ebf10ddbdf7f4

SHA1
fc19d213ac9112580e97a75f3dadd725f7e42b6a

SHA256
bcd092eb79fe50e2321251a67a2d38492e5424367021037403c74c07189b78f2

SHA512
7fe41612a47783fccf772138a0097d1a2d220855f4a286195383ba9a4e62b70d5d1d3c6de7c8e8019a995fcafc05a21a4d15e709a0442bff52bc3867679e0446

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
3e27858ad7137c585a0d3a0266775a39

SHA1
dc8ed4abc70a708e334eaa91294109fa25544883

SHA256
aae996f7b0ee7c1a443cdb21bf1e913d2756f805313f5e3ab635263e8fbbe8e5

SHA512
72763c486400bc522f13974275ba69da9e59317f8410dda6bc677271ff6aade29ec1c91f03daba3f97e827daaee024d7d2631a130df01a8775d798cd27da4145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6da0ba245d50ca9ca752a6a936ee4ce6

SHA1
fc158e27f556953056994972bf500806c3d31897

SHA256
ab21013271e3e74ce2636f7a0fc2268e5551ca30345805d203e1d05f5515cab0

SHA512
7364f38b585e2a6f63ba79ec0539841ea21a435a1d56500db3646ab6d09ec6c6d372511fcafedd8bf910a0e13621a364b05b1e842df31c7631fb719da00a2f8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d457e3d191942658a82fe7e3ccca2af3

SHA1
77f4f6039a6dd29ae343ba4ab3e738b784dcb683

SHA256
886edea04ce41b5da94f89eac4582231bbfd35cacc618f75a2fd1f14d5c9ca89

SHA512
7f5a4e227aaf99cc9d1edc535b45cac0bb608adf89b56c504562d1be95aa052732ab31d3e4ff5a4d977c723bccee80580b9693f896e992a5cdbacf3b1d5101b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
2d94b9311dbb41dc8811598ce03777b7

SHA1
aa0194af6e96616a16b0f8e61d4198e65517dd9b

SHA256
80409cec09f271161dd17d6c0f83891682e085b65ab2d4236bc8bd3ef57c5cd6

SHA512
1209af1fa4f1a6035fdb434170e75f1d6b52acd5b7402e236765116bb1cc8e036ed1c0069e54fc08531aec815768d81f53a431fc6fe5c92f44a92d6564f66262

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
53af8450d4b1f5052cb838dd07ca50ac

SHA1
d3d81fda5d3f47b739725d9e7f9492de8272a01b

SHA256
2f83feb88ee7cf64b9a5aba96eb15fa93a8dccf6ffef7011f12c6ff79f6796a0

SHA512
7ec3a4a4dba18c5402a05073184073fc7eb5a168323098e96a244c257d110c5490d1e80bec7f8e91a18f2fb28915ca9019de0efb551891c7d192d76c9746960a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
9c14b7b731bd826813deb01829172e88

SHA1
c212dfcd72eadedac89dd45ad4775130b3fea14a

SHA256
158f3a1ccce42f35e050f2f1ab7d76cd8cbee48ae9b3c97f639b53b5b13430de

SHA512
7a3c8cb9cf30bff774e16b8803d50b4a9ed4da514bf1cecce2f19e4698255e27623732a0398265cf9dc0fa94ed2459b7eb948fef45a70db1056297027b35f9aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
ea6b34b86910f3f0ab3e0d1bf67adbd4

SHA1
b492ace731206d659c05a7cc099f79605517ed7a

SHA256
ab1429eb0fa7a0b1d8af604b21f7ffbc1516aabfc78152d024fcad7a087b4f8c

SHA512
0b9aedbc45303355668e7dc367c5b78cbd5c58e8942ab020e04bf13b10fd33c209b8979c52ef5d546c7b0bbf07a49a9866e9a7290bb470763bd72785878fdb01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
30bdfd108970edc0f5db129b8938d0c8

SHA1
999256c6811485f6e53e9b856ef86632230c52a1

SHA256
c6ea6947ae0e152b8969000b222ffaad4c392d27bd40ff70cdd0d9d2bf2cb2af

SHA512
1bb232744019bf248c1701b2a6bea7b8e8e257269e915589b2c7781213c227372fe4b367e66ab239f6b5c99bdcdda77614c50d71cc0d7fcc219f41b56f8a2f23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
ecf2588e6185741e35e78c89e7cf321f

SHA1
46856aed3fda6cd082d1579c3da987560aa12665

SHA256
05afb8ad52416b7912e34f6699885add3f47e92003497af91224a8743bcd68c6

SHA512
42fd5bc414c772f650fae6712b505618200fa5306b632c8d7b0cea73717a7d2a88b77ca3fe40e994c00b4e84f655d353a8382033256fa8665b2ee18ff59e9e5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
4271330e965f214c9464a4ab60d60da4

SHA1
aa453e93ebaf971318238796ea0e4c34288ed8b7

SHA256
b17e49c1e4bb6bdc74d5dd6511a51387ec7230fa3f955d534a0af62b842b0532

SHA512
6a066a94e48c9eafa7bc55d6e019b28276eac4141dadd220a14ff7b5ae0e62e71f1be782aded04ed7030e5001210cfc5d2c3f3bad6daf6f6d06a385b6856d711

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
0ac1968ee6b2807143c73c8d05ee5673

SHA1
400663715cd12081609c28d62d87322f1d68469e

SHA256
3e59bbaa9fe023e9e7e76e5d51cd84983c00902561ee46749a7a733b3d0010ff

SHA512
72bca439bd6e1bbe5632d0ceb6af408050cdc4700ed04758f241f800320afc64c62b83d43124926c6ec37a8e3b3281d0d720a65d25543ed62a438ad5c73dc0c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
61bd4cb7c61a92bf0127f51e8f259e88

SHA1
012d66e779239131f0743514ec6163b460d81b75

SHA256
63e1def541b849506e177ea6e03b7a66769129c69a92735b5dbb98f6ed2e9a00

SHA512
9319b65deb839c122dca37bdbf45537824e3a5bede81774b6342df600e53efc57e9f797a97a516d2a6cbe74ab9017403ab7cf6563982239439ca4f44fdce6ee3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
3916a94f6fcf60fd065d367b5563461b

SHA1
0bb3af5eb9b01d5eea990108de72c86ad6dea87a

SHA256
351a02fdd8dd62062bc5e684ed22c8c9c124f25d4133adcc628e90a02400790c

SHA512
d76a96ba1e76c55510fcae4ef631ef12091ed4db2b9d707988b1237660f37e92bdf68ae9dc6f0619c84b46f3003172be45217bf0ed564383d4b7fb2f2e9a5ace

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
8033eb57dbd14d67b97f4f667ae4f6ae

SHA1
d576a31c01b3c7da5364bffb182e2b810949b360

SHA256
1e53bcc12167cabb5d4fce54fc6ef3810111e759b859ea9d424baf9ac55ea280

SHA512
6babbaaee34196a67888b113676bf56c08d38439c2ced038d692f68c5729489af5cafabf2dfcd9e8c29d64232e4b1873238e53d660a3786b3f9de7bd7e634ceb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582a95.TMP

Filesize
370B

MD5
430348538b4a9b7bc440e6c2bca71061

SHA1
149454be99612b4a7017df1fc0f5d0ac8321e17e

SHA256
7d1e7a6fabda11c86a22211793c781dddb14b8df489447774825b6f42b03e482

SHA512
c6ad7e64a2461924b12212ad81d1859a46ff526c0af8c0d076512bfa81f17634f3d20004f4b2601c3d02c67ae2763e7baf2d7cc78c3a924ebb53baa5ef5c3bad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
409712a0b198ec660a2bd89e1ffe017f

SHA1
1afdca366ce8c4a98a9ecb8cbf2c1f94e9d502d7

SHA256
7f0e8a5d637207a5bfd5b5aceb7481c6ff9899f8be740e0f3bc72c3b63de8805

SHA512
b367cd6e43147fdc91e874aa0416166736fa5465b5e045e439737ce840f14e077a4e345e6c73f0506428557d0410a61794600f6421804d0cb8af19a1ee341d07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
96bde972e58c77cd602373e4cca5e062

SHA1
3adc4c93571166a24f64a89b6e8a02d00a97b412

SHA256
9de3a9e5a67fb741ee392b24d160c16ceedf9e2e97055bad1257bd7e584f7682

SHA512
3e5c909e99c7ccd6ad05594223059e14e2af21881059761710628ee07e3531a22c8e4d68fb2255538783eeaa5798c16cb20575c7d28bea8a96ceb3926b8aae01

Download Submit