2225d605d4bd7227172a56d99636ecfc955e4108162abb0e0add0992aa0a486e

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-01-2025 03:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_bb46708e84fd805ff086ec51613073e2.html
Size

122KB
MD5

bb46708e84fd805ff086ec51613073e2
SHA1

678f131945c6a7f8f85cb84d469a39ab507c9cc5
SHA256

2225d605d4bd7227172a56d99636ecfc955e4108162abb0e0add0992aa0a486e
SHA512

ec9f789fcb7de3382b2aa9eecee386bf4bbbfb5b6e743a37d8369dd1eb6c3eaedf9d36c03f7e38b30f3426e9c416c711fa0b70c785bfbb7aaa1c864d6e108ba2
SSDEEP

3072:C/VFb7/v5izt8aNuJNMdWRifs19yVMqfh5eV:I5kt8aNuJpyVMqS

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
11	sites.google.com
16	sites.google.com
17	sites.google.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
5072	msedge.exe
5072	msedge.exe
2928	msedge.exe
2928	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2928 wrote to memory of 4204	2928	msedge.exe	83
PID 2928 wrote to memory of 4204	2928	msedge.exe	83
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 4060	2928	msedge.exe	84
PID 2928 wrote to memory of 5072	2928	msedge.exe	85
PID 2928 wrote to memory of 5072	2928	msedge.exe	85
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86
PID 2928 wrote to memory of 3284	2928	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_bb46708e84fd805ff086ec51613073e2.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff82df446f8,0x7ff82df44708,0x7ff82df44718
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:3284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,9678619157858035156,6069277113763697182,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5496 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:768

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2276

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7cb450b1315c63b1d5d89d98ba22da5

SHA1
694005cd9e1a4c54e0b83d0598a8a0c089df1556

SHA256
38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031

SHA512
df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
37f660dd4b6ddf23bc37f5c823d1c33a

SHA1
1c35538aa307a3e09d15519df6ace99674ae428b

SHA256
4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8

SHA512
807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
fc45860b82a61ac8f6c31bca9780acd5

SHA1
18e214c0834bffca0c993823119370aa42d077d4

SHA256
6932fe1382c91652374cf637aa034996fa5d34cb334afebe8866441d6a158cc5

SHA512
a6f2b4665f70785e41e8d4daa37ed24e6e622d3caf9116657042e98c18506aebaeaff3255a6e4b6bac111dc05f69f1e11de0f3e51ed7fb287dd5e5ebafdac1c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
73009edd6727a6c7a83124167376f9ba

SHA1
918380becf908869dae63045e74fff8ddfe62a6e

SHA256
3f613317aba30cf3cb0701cdb685045b8de08693309bc379318218b1a5aa453e

SHA512
a4812e6641c2daa486ca697db9fda981cefd42ad5a5596b4da0fd4ab93731d1381038c5db9de1f9a5199b11fcf29d9f5e90c2c70d5ad7bd0a65474c4982d4c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
bc6f842a9333e00d77f0f1d8744ff0f1

SHA1
5345df762d149b8766c560ce2a790749dcbd51d9

SHA256
3513331540fbf127cc14c6e66eaaad0e0680f39099dfaa525473685f5482ecf9

SHA512
915cc87730435d6519596692a307579e7abd382b57fffd042c4fb3c5932c2f6747bae84e23c3097dba51a20ce2a46e94872dbfc4c8feec637d8895cf90ffd2fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7b61cb3855fa9851c8eef297d9860b9c

SHA1
af4ecdc6bb5d428bee89896c3ce368712b9cf1dc

SHA256
f8259f20c6aa6d25e84c192463a37a44efadc9f7333266a81ec6ea3460620043

SHA512
cfecc8ef71cd8a96a097a6296409ab2afc1bfe2642086d880c38c8f30a78ccbe82a89e3b97851af7645447d39a4ce8610d4a5d1061aef0eb1d02053810ca4706

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7121824facfaf3fc0ea539fea36ccfee

SHA1
fe52d5ea4862097abe5121350d61306878b19aea

SHA256
198868f4384bb68c374a95f9fca07968601a630b270b746e80088ea5fc8d9ca6

SHA512
2670d4846e69f63f982aef8b547ee0d3331a909d29d0ee63186d0895580098c94aa9c7cfde5a2fdde3f20a756a5de1e87fa3d5ed308185228179225ce99ec98d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
77d008af98af01e5324375e031a0b2cb

SHA1
d8ddd153199db69faafd722b711ff3d8314d21ca

SHA256
d575f32d3f0236af873112276595037c6676cb18056c529129c0aa29e9cbfb39

SHA512
adca2b9b34284fa6d17816671410eee75de5556ddd09b558d38ae22dc1984bba45ee24df6f42d7e61a7ffbb1dd0c63f3ca39174a61c988ea2ae2ffcd7252a6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582093.TMP

Filesize
706B

MD5
6d26e878d4685c06d074d31ab951f185

SHA1
584f1da9a2968a70800ea4cbd5f7b979dceb1506

SHA256
64dd8b994e8f91c0668fba3490eca979a095601840d94eead04f46078359651b

SHA512
2b66d2fdc67c669fb7dbeee08229fba922db9eb06c6aa82395de0c903447318ac9301e4cf853c398c7d5af2c79def639d59c6c5291c7c8b8732fb22dfadbf891

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
555c60c11cd412476bf3ecd84e587049

SHA1
260d1b0626a09e96207f87cf2ec24700a66f587e

SHA256
2ebadd8754c2189b2b62e727fc14bee2916e79c97deaa86c3edd8aa97cc6ee24

SHA512
b1502c2edf329bb906087a5e82cea83f3e8392e10ae039be98bab3dc53d4320678023c06b9291d28e0604987857278343f9af212d63e32a73b3e05abc3cac1fe

Download Submit