a05a7fb57309550c9c56366fb61d3e98bc93bfc5677f4def64c199e06e492466

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
15-01-2025 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_522ce2746bb6bc9fd71c7c69d7765cef.html
Size

84KB
MD5

522ce2746bb6bc9fd71c7c69d7765cef
SHA1

f1b0b3484058767f43aa782b5f8b51d0286593f6
SHA256

a05a7fb57309550c9c56366fb61d3e98bc93bfc5677f4def64c199e06e492466
SHA512

292c632a25d023cbd666c2f60eee312410f4f85c7c7a744421858923156d5222894433e0c3010d540a8371a80decb4eb1d53ce9332f109af007c2408d12c1fc3
SSDEEP

1536:DC/A/L5ETQuahu+rHasslRNodlhfR88CB3MrXJr/qPPwGcUTZXmul:DCA/4ahu+rHasslRNodlhfR88sMrXV/U

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	msedge.exe

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
944	msedge.exe
944	msedge.exe
4020	msedge.exe
4020	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
3860	msedge.exe
636	msedge.exe
636	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4020 wrote to memory of 3860	4020	msedge.exe	83
PID 4020 wrote to memory of 3860	4020	msedge.exe	83
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 184	4020	msedge.exe	84
PID 4020 wrote to memory of 944	4020	msedge.exe	85
PID 4020 wrote to memory of 944	4020	msedge.exe	85
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86
PID 4020 wrote to memory of 1948	4020	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_522ce2746bb6bc9fd71c7c69d7765cef.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xe0,0xe4,0xd8,0xdc,0x108,0x7ffa302e46f8,0x7ffa302e4708,0x7ffa302e4718
  2⤵
  - Checks processor information in registry
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:3860
- - C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 3860 -s 1628
    3⤵
    PID:5572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3004 /prefetch:1
  2⤵
  PID:2056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:4200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=15500 /prefetch:2
  2⤵
  PID:5796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=15344 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8379648053179529146,6083934563654664015,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3412 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4108

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4688

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5708

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\51af0548-670f-4796-8fcb-a33f175271df.tmp

Filesize
10KB

MD5
a4d275c7c5f2e3dc1e2dfc85eb082ab0

SHA1
28b6fc22c3eaa4e0d0149daeee024a219652524a

SHA256
f67dcd2238903f5d757cef6ca5feb6bbdef5d627b7552f036143ca02eeb98d6f

SHA512
33853e8e7a6efbc372e63bd83c8bf9719d1c6b0a1888a0d9717a65be9e6424c97dc427b2ba81e2fd87b386d0283c979a23042e194e5a9859160af181875714d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

Filesize
150B

MD5
cfbf225052fdb8cfbb2a7736357cccd4

SHA1
5aa80c8058390b471d8d8587794dad6487e9353b

SHA256
6f0f2ab21db54692e77e656d58c339203c4864976a714c19148ec1fa0dfb5b42

SHA512
4026cc47a21279b26c7819c250c09861a698c974cad875fb066ccf498af1b48039b383a6a20c23c00f4ec67c534a45799c68b8a1158d767ff5b1749a909e8277

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\3a6cb308-89b3-4f2d-9c39-51fc20630788.dmp

Filesize
3.9MB

MD5
9e8ecc077e1452690c6d6422420ccfc6

SHA1
d0da7b36242ae96daf4c78cc28ebc1579a3fabb3

SHA256
bebb479caaa1b0561c9256507b743c7c0c8dec6e70664c898bd847687d0990ef

SHA512
b9a0cf23ba6732b624c7e833efbff75c756ab0f604c5e2153ef7f4d30bbfa72c392d0257c86e086b9498aa369675d264a80fd348bac676c36682039091ae3945

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
99afa4934d1e3c56bbce114b356e8a99

SHA1
3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

SHA256
08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

SHA512
76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
443a627d539ca4eab732bad0cbe7332b

SHA1
86b18b906a1acd2a22f4b2c78ac3564c394a9569

SHA256
1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

SHA512
923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

Filesize
76KB

MD5
12d97eeeeb2942e602cd989d9cb9ebaa

SHA1
554f246377a318d4221fc817d4c567452639b997

SHA256
3475cf2a0e6c68e36f73f7c5f80cef35650b45a2341528a14aadaa46aa3fcff0

SHA512
f5317042849961cc74eae80166374a0d6a7ec47938b8075aca205a762fa14d448538dedb0fc0e945775fe292715cb2f2db2f48ed425c8719d0f50481a18a5ed2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a

Filesize
91KB

MD5
9a82ed3b8de25199ff8ac2ee5cd1f588

SHA1
22cee75c694b683a8fcd289e00f2a9ad975c2960

SHA256
e0485b72b719a63eb22bfbffccda12b9a08a80d25e52a46ab5d1b9a8a0684862

SHA512
e7d0e4bb14fefcb2b9b6249ebb9ea79c4c3bb2318e87e31d0d09b9f2d100abd0f0c3705c6ec38a8f11195ed6333c3db9fcbf203fcccc6244d41b1551089cf5d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2

Filesize
76KB

MD5
d72a4bdf58e77ba819794c6f34644770

SHA1
3a79262b3269c0b5748469b660762c9130fe7d62

SHA256
73291446c067a823dbc3afe208601722e05b98cc3703eead7c89a992e2a064ea

SHA512
c1bd428bb5dc160415f5c1dd9e93c1646dad6e2a33b578e6ebe554def8fc8f71300c14691f7fb329e0c20b28bbb2b5f78b9b53d1bfdf0aedc51786768e34521c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000105

Filesize
76KB

MD5
bc3a4e211204884a673e0eacae23e6d7

SHA1
63f5fb00900bfd3de4b926a4145708bf3400b617

SHA256
50f3b93fc666d9f671804dce63ef24266c7be45f5fc89ea59cca3cb4c71adeed

SHA512
74ed4e01352fa0e257737f2831192e49acc67f0c8bd5e4261befa2abe3fd2954aef2f0ee3be4940d968d161a2b12c279314ea48ef00544760d5ea44fd6a3b42a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000122

Filesize
76KB

MD5
341460224cf6caa9b5a54aec243a3366

SHA1
853a0a91e669d93901274099bb174179cfb89bce

SHA256
696b56393b8ddcbcfef584419586ddf364acbd99e9bd0ea37b2e79f6fbd9a646

SHA512
98e62164913d9d2e2bd6ced63718b078be34afeca8e22cfd404cad148e46e9e0f4d9584b8076ccb511228a9a2a896508f65ce9394a2610e813534c046dc99eca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001bd

Filesize
76KB

MD5
fb16c06b2e226d1a4253e634a41b7a9d

SHA1
d21c6942e53dc8587c9e3d0f2460b20f4f903a7f

SHA256
15ec9a76b09774e4cf3194ec7a1465085fe2a5a33a23743f7d1d4ac75e9f8623

SHA512
ba23c7a443175aa483e6d099635373fa3bd3c6787632d52b80f274d48f77e394f902abfdad95e43447030430e206dff7caf89a620d208c9ffa20350fd64c4659

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00027b

Filesize
76KB

MD5
5ef721df5ed055eba9df5f493e2767db

SHA1
ec049fd7a39dd47225afb155373749532e9ac574

SHA256
1dfdf7b14400d15696be783c211a3f9d548f2d072c77d471c61cd3a8a74140c0

SHA512
062b2f33dff9cde920e651222ad7ede9e596923fa70b787827c84dddbdf03376730fd8f3e8fe86ae86cc2a6d545fd434a6272ce5a13dc13b608941fe4a842bb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000282

Filesize
76KB

MD5
349b5400565efc66a4062537b32d7fbd

SHA1
ec5eeac7e5abefe3d4ebf91c10ee0ba197090cb6

SHA256
d2cbdb6b40e6ec19ff18aa4618492c2284dd9117d99623d188b61250adb80396

SHA512
b849dd9c1f66e6960f0a3c98cf73d6ae445b8564fdc4b7fdc57adacaafdbb1b72802ec9d8d3079aab4abc5fda8222ead7bb2ee15363ef71b6181dac24c27b9b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000283

Filesize
76KB

MD5
e67f4d45b14a24dbcf6039219d9e2c04

SHA1
b97d3cddda0284145a01308d6bb649f9e505a7c0

SHA256
acab253a06ca5fc631bc8738900138ec0f62522dd4912f989043bd775b526ddd

SHA512
a4c86dae6965cedc9b18b578d1b34eef1a806ef4fc6f62506fec31e39cd5bf5d9b6a85438cbca86c3927dafc79b3677dafc0d9a1e500fbfe6a3b1e2b4fb3ad30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002a1

Filesize
76KB

MD5
ed0da5365289550680f9b902bcecc32b

SHA1
8b50791ad4bc23d75c28a54884a7e995e500c459

SHA256
e479b8a24ab1f958410cdcd0806c29a39927e6de14f3d77b3b71c8dfdc547336

SHA512
cec1bba2773d4c76f2d3c872ccaaae5b75cc146d8f31321eaea61026bb75f198c462617fdef768bb8f9d3531a2210371ba0b1efdd7feeb99ee28e7416d4d2bb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002be

Filesize
76KB

MD5
09cdc8601f367a0ff570874ac40e3277

SHA1
14b367102792c57e6f1bbd747af1d5338bb822c5

SHA256
6221e05e392a3aec2dd49b6421da573a404e2624a292970a9c6e721e64d8ec50

SHA512
622b7906d7a5c7c65bad9f608a7b3138343a0020d7a6adff7edc15f1c1b231bad70e23875444fcbfa2817c36e6d76c69fa2a25f4776f6f96f3bed18d4009e03e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00031c

Filesize
70KB

MD5
6041213efdb1b3e6171f471a7127718c

SHA1
6be5e5dd805372ecb2a153b4145537659cbd8546

SHA256
ec47b544f1ea83e095866327d5db13c4b7b32507e5609fae08e19adfc5491d78

SHA512
6b2f05fcb646ff80bdcbb19665ef841c2617a9432b4aab53d08b0cd37a479d1b89741e0bc80da9b77e0004fc4ee4a04baed79fed1b24f3cb7d384d3de50911ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000333

Filesize
76KB

MD5
02fa64a49ee8c8dce384d441f15337ec

SHA1
b4cbca2199a5ae38191e3202bd8c9a0045511bf7

SHA256
7adc3668de69b2f5a638c76be711bb53842e71105eccf62677eb552c31ab110f

SHA512
a501192dc345df1ab074d3651c2762836fa2580aef3f4e431fb38fed958b215628048406c2a7292381dcd5b8de5060d4bca9d780168cedbc044f149830f53176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000337

Filesize
76KB

MD5
2f3a399243ee3947e9e2c9a7438ff80d

SHA1
36e0e035f07138e4a64dd5bb0a325e31fbb0b2ac

SHA256
b580939c1a9e51fec1e2a92424a1a10503a8b91d1d9f8b33cecd4e73443698a1

SHA512
e300e094010bfa25811f7bdf31a0fd6e204c67d7da5155c740b5a5be03ad81d6822ef6a67c64308fa93e5e18e6f2bf2ad14f8c9d621f233d5a48f5b97f172d52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00034c

Filesize
76KB

MD5
e6e328cad91b2793cf39e6c0359b8b95

SHA1
90e8496c6e7da3379bc41e266b21dbc86eca7963

SHA256
a8cc78f4fb26d44c2be98d749e454c1403428af23a6abbd34c4aeb665e52b673

SHA512
7bc31b2e22b9d16ac08323cd556f0221edd16fe935bdac1d9cc3ed9574d1db8d8ef3d690c54a2424d324f6f3abb7876962135a30208dc2d21a263335216babbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000372

Filesize
76KB

MD5
ae6f0976f9711de16ab2f95ef3d55001

SHA1
23f876c31eb2218cfc166382750c23c9eba9c858

SHA256
3d0495b6bfe80153bcb38921766995474a2470e441249176b24e2cb9b8a6b751

SHA512
543037857113de36adfd0f8b8a8aeafec297ffd15258d3d61354025ee7ff7a51538ec3c8f3130fd1280ca78746bade2a4fd7e93c11ca721a18854d7aea35ca4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00038b

Filesize
76KB

MD5
893e8fd0457f4e65bc6dcf5e22036428

SHA1
6d9fef7fec6af904f91842846ed6310ee5384e32

SHA256
6ec5990eda9b748841e9d6cbde6141ecb315b408f05b61b535d3d5d1465183cf

SHA512
c42cb7df59b79ffa951cf5ea9ed032d09d0029c09d3a41e85b0e321cc8bd5668e9e94bae1649c81a6faab251ce26abef73d54db1bab624b06ff18d2538eb99a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0003a8

Filesize
70KB

MD5
58cfeba041b6807635d0d765bfdbdff8

SHA1
ad5d74d2565e5b959761a5c80bae619df3b584f0

SHA256
306cd69ae3f82577985f9f069128a41a118d0e76e6473d18cd810844971fd3cb

SHA512
2b501d98fb78482e67ba15304569539fda1d0ed5c9d5838aab1087dad823f2d087790c4ec9725f7f92ae5f888b02ba477c90772e41b125ffc3b05e3707285dc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0003cd

Filesize
76KB

MD5
b01b423b820420dc9b0c77907c4829a5

SHA1
39d29ac64e4cba9131eecfd4614a10d78dfa6d87

SHA256
61a9e1898f431fd41812aa641bafb189cdf5d00c85073cb623fd728dd079b32d

SHA512
4fa1897997387d55c8242f3f67167fdcc1136f06ba59b95bb68aaa6971a9e25a245ec620796a384359d963e97ce216fa4451d5c95ea10845ad2f6457e1c4885c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000442

Filesize
91KB

MD5
0b596e7cf89fe2349858eb262a3d4c7e

SHA1
18c74674f3662f1a7d82af60caec1b8fce3010d3

SHA256
eee234ff51a47c29cb86b8722f91f5577be864210cb9f9610eec2bbf3c8d6690

SHA512
4968a26630bfb57d203900fd13edccb2b4865983e98e677d77a7405d1a8f461c5470c9c75c5f41fe0ec7b5a80c6a0029725d10258491afd6d045a2e1f6879812

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3126870a63ea85f8_0

Filesize
67KB

MD5
199438c16902883198736312434ade07

SHA1
3bf9fc5c47406187eaeec9bffb5d47c6124082e5

SHA256
690900281e90517a0224d742dcb7e1a62ce6734215581e85a71d6c88af99a113

SHA512
78107a750f676833ab3b2bbb1672c60389112fee8c3ccea1d5f5138cc068cf8925f9c153e954c7a56e56d449148523e6912d372c9c5db50574ad24bb8f610575

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
255B

MD5
75e86bd1c41c376f89132cf064e2db3f

SHA1
b63aa268e07957df953e43a9f18325d1016456e4

SHA256
e6e46ad17754e0dc7b815b7ead35e25e38ee1a5dddc10970fc9dd8bd7196325c

SHA512
82c9e3bdb178118d52885f7b90aedad089245de149ab2babb7ed501e223cce610b461b4eec0cbb3caf3efdd1fd96ea415ec50f18363439ac43332fd28a560284

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
255B

MD5
704b2d2469fd8bb4860179fb2a2480ab

SHA1
87219c71790706793e1e0b296124936fecf68efd

SHA256
630d0305622bdff0b0e703046c58fcb99548743be459756feff6c374869aef3e

SHA512
abf56250e50627b971b6c6f2968a79ef7182389d92c00834fd0bad027110becd2078bfc2cd1e13098a69778bbfcf562d89c711ea0d3c6f4f3ce2a81458fbea08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
255B

MD5
7dad0dd7aa2ceb68eaef74298d08786e

SHA1
eb8efa24f040fc3fbd5757f79e1b7562cfcb71c7

SHA256
f80f286847cf92199cac54b16984d8baeef4d52171b0e515c582d31c5dde2b75

SHA512
9c90438cae4a526fb566fe3511ec4e35382b7ba61d856fb2f18b8af661f576fdeb99c28544861f8536bb02b7c4bafa1b8bd36da30714acf219f74ef01cf21857

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
8166928ad35ba6fca307d127b6a0d7fb

SHA1
efc6e7f7ae027dd7498d695f5c01490955059345

SHA256
5ac0ebf5e50d89a20f6abd2ba658d52e010091628417c4d272917f54eab18c1f

SHA512
801f669bc9c20b45f7c10030e19edee5f7b15ba6c516587a26d6424240e55a25b79319ee3424883e7ac2b92b97093f755d507233558a79a0cd169030dee843a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87377f06911300c6_0

Filesize
64KB

MD5
31231cdf8ec39a89c7c0ac82287afce5

SHA1
96e6a91b2559f5634f460b953dc5320a15214224

SHA256
0eda657f044d462968cea7b7c38a3925a74281b71447344f09eb7751ca503b3c

SHA512
a1037b88d6ff8f4e25964fc9f4eb389a66c8e0ac8ee24d222e43d6aa18faa3e2d416259069f72a531c765742be46604e1e94f1836b34fd7b092fc56816f93949

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4baf328608a1bf3_0

Filesize
66KB

MD5
a998e8a4331c896badcc20e3449eacca

SHA1
e586598f21b709ccbb8c33dafc3336e0830d533d

SHA256
9b8b27c3be975d0097c7e87575d39f8a56a705ad2543ac54c21318c1b5581a4a

SHA512
9c16ec7d7f85faea507ec8d567a850eab245c0d9d1bfba7bafb609755740e272f5630bb88171122408ebb258aea6db9e2a81ae48fef617ae76af3ef81b69200e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
24KB

MD5
10fbe251ec8cbb7607df033b1cc83fa6

SHA1
c48516d058ce207f2dc5d8f5ad17862574ca7ce2

SHA256
775775180244d129a2aed6c84ab2552d669f385022b0d9a25d174aeb41102600

SHA512
3b11569624d563301c538887e37253cb7d12493a3a9a322d4f752ca9a6b42c28b270a1cbaa27b92afe87753120b790f99f4b9c5c7784aa4cb5f3b35b44146c0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
44880d66b84820d728c545fd1bf30c47

SHA1
6157cecc9c70f47461cf58ede52a918361f9c432

SHA256
5c65dcb8f53770337bd70a4530bde182bcfe600681df885cc7dd687e819be53a

SHA512
c301f978bc86bf53110953714ae74d14380abc9e15314924c04855b148908fa68fce4740926ac7cc37ef6246567e2cf84ee3d0b223dc45d3ef799a193b200d04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
e5bc8b4b1e8b80ad3e6d79fc60d7eb18

SHA1
75df22fc3cc8e7360f015e4e1f19b14dbaed40c5

SHA256
52e224c1d5bbbbb4f370bdd7450c60bf9146944dc3c5eaa8567343833b602323

SHA512
5665a9b0f8ace1506c2e9f515522fce371f0fdf2bef6c374e54a71ffa58ed5cfe5a4fc877d427d53537c2970734ef9e531325a072e6132b2a4d9fbb4c33e09f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
dea6ba8bb7fa431e9f7ad04a3ac70642

SHA1
d52d7f493cdad9c36b967ccbcfa548eea106b92c

SHA256
7a408b124c13af1223328ab516e16a42a794737f7fb283d38dca8c58ce303890

SHA512
0d354ac8582ee0d60bee8becc4fa64503b7ac1521076acc9f788bb9d8a160e4fa49882fc75b131f1f261792dd418404821dd99c6458bce23157021b5935116a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ea36d52e55dee3789295dc6048e5ceb7

SHA1
3b970a0af0f41d25d34db0833cdc1e33972d8378

SHA256
b29a0b2522bd8fe8b72493db4fa8874445675c14df2d3a28b6e0eb5690b8c788

SHA512
bc14abfaa30cd4a12c75ba6ef983733c8b6b951d4d4ed2774fda2b7476dd5efa5b8b9f764d3f389db4d9b7452760c0c807b4d2bf7ea6cf281b16f451ef5a0aa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3ec65c226c11fe1a10b7c286cc78979a

SHA1
39efbe290b2498f2289ad95bb0932fef66967717

SHA256
28d51bf703e1fbe395a20135a648cf133d19e71c0cfd5707734263647b595913

SHA512
3efc8cf1e1144faf3e5016ad678c79c93bca957ff8469eaa617e8aac9e1c2382c878e6c54881a78b43d25cfffa1f206fd84481d2acf95a23158e6e0e6bdec99c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
5fe715e0644e72bc593a785650ecffaa

SHA1
3be7e582c8d85d23835c3ee7ac0fe0b1c1ed42ab

SHA256
cc3d522dbd5ed1e8d78a62d3882668a07c014c1944328b42320d75260e4d6786

SHA512
b7191702e310ffcb759a0012482b8f6ab93d99d2ebd38ec267ab55d59d0a1ccca6c6569f49a39ece1ec46a0ebfceeba596ac703acb62e3c9e78296f68c5c2960

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
795bb8392c02c821d8054559733ead83

SHA1
c34ca9e057ac7370132f28865ce129ae9b7a62cc

SHA256
82a0f04336454937a0ea5d81c33bf7d400ef56cb7e1b7360ec1487b9398c0e0a

SHA512
3418dd649090bdc0a7da8500a7bf409f0d6748d4c0f0574b023dead807607ebb14af801965aa8f56297c294b4ce5235693bf92b5b46282d0fc021eef4bf3f0ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
a503588022e9554e4ff5cd0d20fb667c

SHA1
f00bdf2ba6864ad6cd7a008bc08015f5fbbb29ed

SHA256
641f7b1c292ebf75fd4d01e360c18a545d91b56d9ab2dd8166162eeb76ca3f4d

SHA512
ff501cee81fa757ae0c44423f770f81c2b9ec98837361dbe68dfe89b025b28d2ad7bcae775aa299612e79cd63bc7afc73476c399e402fa2443cc84245e6e115a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
3421bfc226d8eece0229ce20b049b63c

SHA1
173a870b2dd796c20f023aaba3e9b605331651b7

SHA256
41fb16970ba365210197e1feaf42a249997f5f288f3c8a42113612057f948073

SHA512
8899835232c8d35481246e7365cd547ad89738b13475b25901f63d7e6d7ba71d2e7f806dff8119d46b38636214de0dee1990fcd3bce5b01b300095b965f3975c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
13ff8fd261f2212611b2648552b2d557

SHA1
b371b0801d891f78f3d510181ecd98b645971919

SHA256
b23e84520f8ca17ff6efe471879426a73fd412cc1e25ad1ac094acb4c1526ec3

SHA512
b606746d208453e9a4ee32d57bb4e2ba2df32be26c5fb02a33cf1af31c88ca6c18ff9be3fb7112c873eb23a7c619b6c95cc10a0b9963a949007e50a967b811a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
c81af695d75fe7d98cd472621f5804b5

SHA1
e17ac6ae52aa93cd29c07996bef2bdb398295d90

SHA256
237126bf7a6a870ed2f2c2c3bed9912d5e5e1cfa4763dd5000cebea5f7edbdf4

SHA512
f3bfc4ce03dfa5f31c6fb26cffb88e69d56ec922d73da3abe2729d4b0619d6d30e9800d0855d7bc0266d1ba199ac4a3f2346f8659bf6af27f89c4afb3fdeebba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58464b.TMP

Filesize
706B

MD5
b649498e614ebac46cc837a7ff106d07

SHA1
eae3273bcd2ed0f607f7cecea2de260ae9fc7566

SHA256
67abaa0f06608ccb0427839a17527f3e5b0b28b2f38ff5d60ff7dc65948f8127

SHA512
ba779130fb5581f388b7c8ca5fa46003b4769ec159791a8c49db91e651166efe108c222c628035fdb836b9c662f44702f715d2e9252be8410dfd1de005fdc294

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b634a9c1fdbd063e3c62d01c69ec274f

SHA1
965179f9057ed0ac36f48d6570154007a2e8b057

SHA256
893d759dfc0fc6f3884ca0f38f60cb444310658f7f4a8d7ed389155b5246d27a

SHA512
3972617b0c185a404a109b54319fa4a1bcc02f0617feca239a559ee9e8dc362ab1c3314e4bb87acbe4f458d4681883324bc3e18de05611a68a895f8787b79412

Download Submit