69cb22898161887236131d71cb90931d2660da344257b1e9a0619050165c37f3

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
15-01-2025 10:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_54085767d17ed6d7ea06f9dc48dfe19d.html
Size

88KB
MD5

54085767d17ed6d7ea06f9dc48dfe19d
SHA1

46b9264bb64bfa1fdd15593090cf13969d851e36
SHA256

69cb22898161887236131d71cb90931d2660da344257b1e9a0619050165c37f3
SHA512

62c947c70e831e905849c8ae7f8cda38f826329f1177f094102a10d26a2375903fb698b39b836f90116db8d492ae832db77b95676ffe8f2702c74fe46ea769c4
SSDEEP

1536:KC/A/L5ETQu0V9Mk+RHasslRNod3h3R88CB3MrXJr/qPPwGcUBZXmYx:KCA/40/r+RHasslRNod3h3R88sMrXV/8

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1016	msedge.exe
1016	msedge.exe
3588	msedge.exe
3588	msedge.exe
5092	msedge.exe
5092	msedge.exe
5320	msedge.exe
5320	msedge.exe
5320	msedge.exe
5320	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe
3588	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3588 wrote to memory of 4628	3588	msedge.exe	83
PID 3588 wrote to memory of 4628	3588	msedge.exe	83
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 4596	3588	msedge.exe	84
PID 3588 wrote to memory of 1016	3588	msedge.exe	85
PID 3588 wrote to memory of 1016	3588	msedge.exe	85
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86
PID 3588 wrote to memory of 4404	3588	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_54085767d17ed6d7ea06f9dc48dfe19d.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce88c46f8,0x7ffce88c4708,0x7ffce88c4718
  2⤵
  PID:4628
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --exception-pointers=51067164213248 --process=176 /prefetch:7 --thread=3080
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5092
- - C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 4628 -s 716
    3⤵
    PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
  2⤵
  PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4088 /prefetch:2
  2⤵
  PID:5916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13631433090173362747,411507045477132359,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7060 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5320

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5068

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6092

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

Filesize
76KB

MD5
40eb528d5006d5445dc5eaa24092404d

SHA1
b513716fbaaaad5bd2d866c53ee1dddf2f10397d

SHA256
0233e229b480801a82f782a08f32ec14d1d9d0f31ee7061462ff8911c7c3471d

SHA512
07649ac876698eb48893af8beca67655fccfcc76a6202fba800f6413820bec5d834b8e4c82336d759a494a3fc1d89a03a8a1075536a29201d607928a5d4f3e6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000133

Filesize
76KB

MD5
6c107a09994cb85edd6b81a8ac6a75d9

SHA1
242afb594f6a08ad9e34c8da294fc77da39959c2

SHA256
a02bfe1be007ce5565205c7b95e8d180febfec18100237dd98bbe222a221798c

SHA512
a7247082b218010e86c99a1d2508f0d540264445f006011ee5fb0d558f5bed298b8db44d0a20c8eef136827bfd7437aab4ba8dffdcb79851ed084ea32f1848b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000147

Filesize
70KB

MD5
8dad4f1917d0ba9e18337f038f62f38d

SHA1
4f6087ca33da94b8626b025c86532e5faf273460

SHA256
e0635a5d2b19bed2bfd2b92df0278cd19128d07475c29e126ad1bb4506e40948

SHA512
ae6f91b5ad3e61fb468026b526d80243b5d4fd7238663ecb94ded5c7e87e484ed3489553e074ad20fad9585b8402478f7a0f88346489a1ac897a8bd01cdcec1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014e

Filesize
76KB

MD5
c92a62b010d7db793a70340684b5ee65

SHA1
541220b0246b800e25cf84df40985ef1ef4047b2

SHA256
5e0d593d8ac3c922a87362bba04e1151d9a398f312b52d251a16909e9ec64341

SHA512
85b9b9e3bfad8a0c7c9ffc659fa4e86a0c21db1203f61f36d5b5ac3680de66341d622d6a54d0cb6ae935984c424a556392e34825baf6f1d69b08cf83264a94bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015b

Filesize
76KB

MD5
3b4943197670829ca466e077f874022c

SHA1
d5122cce3f42d1a11555cbcbb007debbc905cfd6

SHA256
b9585765d4071bada8b651f0fb2e3a75af1f25ce9a248a490fdd4e96e344da16

SHA512
26cfb1244a8888dfe66f73e7e8be0e9e647c213972a04f39bd5f70de626e1c4383e4a1876fb455e18e214d8c46f2180a9e19ce5a88075bf66a3bd9cab2504671

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001bc

Filesize
76KB

MD5
7e5b8c1c881058294d578ae26ea6d836

SHA1
e691acf401eb52652249d385e358d5425a513e04

SHA256
d2593caef4f922b008489aea09b0176ac9fbb25425c1070a0037eb152a4a224d

SHA512
de1f71aab07b0fc5abfc0cbc7b733ead10f2fafb481902a156a34f9c8d01fe7ccde8577de130b988870fac50a3784f297635e30cbf34a113897df7142ac14e38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001e6

Filesize
76KB

MD5
c649fc56d82a0450140722d225c6c119

SHA1
5de16ef05a2c64a96e853fcf1f0af49da4d1b905

SHA256
d6ac7309b9dd561805f32657e4bddaa6f4a4479ff11c08c3018be38b7565d64e

SHA512
f2ea23cc73565960c8f6b892c8c718ec53377828aaedf738a758eebca408718aaeb1f055704020da4e3ef3122340b22d4f4e61a70f00a3578a4311c350b1d1b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ec

Filesize
76KB

MD5
9b4270911425dd41b2b874b64510bcae

SHA1
735dd75739d77483e75033b5011b2dc4e8eec316

SHA256
7d6934a5c5a0e57d2e56e0a51b9fce695201d63e5ab427364658977fde542f2b

SHA512
f1344a181ae9d9816a81da2894f435d0db48b87019de09102875e36b70b3c3a7d7619faaefd07d677fefec58efdaf488d169bf90b581a199d2b78bec409d323c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000229

Filesize
76KB

MD5
390e3cba1663d17f460b3f4835cf730b

SHA1
f4f5683ad74ee29cf745274cf9bdb260ce7f2f93

SHA256
47b42020075c50ce2a8aa9a406085ea3f913b54c0b6de66386fcb263ee761796

SHA512
f741d8879f52d06f1506f77e6f057deaa70e7e90f9fdb5aef52f232c781c4a0b7a91eb54135d1bd9df1ffc750756f1af584a1c382069c11f4e1764b4a583aa2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000231

Filesize
76KB

MD5
5fd447da95e7e7a4230f1e170f2e2724

SHA1
7710ceca65dab91a867ac14eff7ae7558981a27a

SHA256
38340afc88e1caf65bccde44ec0eee5250329700909067d939be7891d7c6d247

SHA512
2be3ec1cb004fbba07e364f54d6146eea8c186b880be9f705a5c7d1f1178b9d3ef91a69d4fe076b3a24f1ad40e78b9ae0410ff5f6ee851efa2ff8612a2c0153a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000252

Filesize
76KB

MD5
61f096cd565e4665e0b0379980bc5f23

SHA1
cff8a604f75bbd3089489184d58c0d79015d8cbe

SHA256
a89d2ac62f46bbbc8a666cdfb70545a44ac45e2e42c3435f72e29247f6e71595

SHA512
8c0d4f6a99f5b184eb2f86daad9f46d71564891f4ac4df512d4cb6e2c079ad1e1444e86eaaa69c54e99d53010fa93e63339f1113b97ed327b1ed9410afb00180

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000266

Filesize
76KB

MD5
dae470fab938b25d4754bc7ed128b6da

SHA1
a503c7ea7c90a57f04cc22852a80f2ff23fd7570

SHA256
f391ddaabfcc081b565ca5f47aac342056d0487b2a51f91a7335673f0276e827

SHA512
e6b29841b98904e52871069f1a024f851867f4853cedab9d28c109e6f0f2816ed2b738d819cf52d5238ab2565a5d9d9e168145cdda0623a3284746fcb0b52d81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000279

Filesize
76KB

MD5
94d477cc5bee0c7ee27e31d4841b75e2

SHA1
17f7f190e229c85f4caf76c4f34234276f6b7667

SHA256
6da671a33220d1238aecbec53650b1d0f956f3efd46b3e484dd6cc5053f0f7b3

SHA512
e0c0f9da4af48ae5eff362610e9bc1306dc7e7c3a1684874c5e231abeffb8717b232d6a37b401e86a6488607ee4b1d17b92f9a1f76c21e0765ed298cc8c27573

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002b2

Filesize
76KB

MD5
1c2e3cb2f49dc45a5749152f59d6c27e

SHA1
2330b3edc21cada1efd4c7f3fa11b2a674b5aeac

SHA256
15f8c6d44f7236f8019a090dcc5eff4ed84a78e785748e5edc159476f735a240

SHA512
56a40ca0c73c806830fa8c20a480a96a09b8d353435117886ba5fdb3579b38c9d9f61555cf711993b9a70e28dedd77619e607fd62dff783d62fb42ff76fb29dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002de

Filesize
76KB

MD5
f1bf78363c133bace5402f287e45ce62

SHA1
a01462fe881b08241f163ae604c5a6e4ccea46e0

SHA256
2ea7fbe752452938d775c0801fe594fa2dff64bf94754ff35f9a381e21df55c4

SHA512
364954f792e03faacb53c575e7911ccc70021b508a7d09678bb76bc0c590dac1cdf041536baaff3b9e649374cda40233c8f5b7fb024463b93a764696e831b6a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0003d7

Filesize
76KB

MD5
d7cdbe0e88fc3106e3f5ee456564209c

SHA1
616f6c1e245c0964d563bb49286f36426abb0d46

SHA256
5bf331a8a7bd7a5b59caaa4fd24084ce0c8f9c553dd01f2edafdaced4fccfba0

SHA512
640e552f3443ade1993be8ab4a2a00af848b8d9f6d0f85782af513db836aec903b40554260c5a6d24dc66738ef7b42e44259fb6d8663fc0099111dba14502bba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00048b

Filesize
91KB

MD5
3f7d27f126fdb0b8760ef401d0ee3652

SHA1
dbcb230c60b3afb273b28c9b45324f6414d89e0b

SHA256
9a21f19a71d0b3d9f19070937e108568898093f218c8f3f1d777f90ff479c5ec

SHA512
c93eb2a68efed45ce170860bc686b923363456f465591aca3c98e55e304e60b0985658ceac643aba957f8884f983636342c29057950f73e880f727594ed0af0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0004b3

Filesize
91KB

MD5
1d20003c317c6c0b786ffb0b522c97d0

SHA1
f8d7c310a6bb5586c12a3f0b14bd2a32818db9ae

SHA256
40fb55689e1ebe1dbc04243d826afb7c98ea51fe4d05b0733cda76a063ba2d55

SHA512
57d7e92a1fc6e423d99d741d3bd44aa1d6c253dfd03f555b6b6b56a1d9d38c157c684b782833b9f36060f96b2bf596d5f1ac1d3bd76c35d1ae2d09202ff63864

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
255B

MD5
1baeb597dafa96e0498f712e90d1a450

SHA1
0d1a076e4cc568e59931cae50797f0152ed3df67

SHA256
4e5074e6c7786d3564241c7ef000479a66b7fbb99784021952d48b6a08a13ad7

SHA512
601a99f20ddd5d92b1d73bae3c7cb86134faaa4c23635479d6244bab0acbb7fa66140673b64c8f7341156856a0cb29b6105c4a233b438cebf1a5357a9c21caca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8053efb3963095ad_0

Filesize
67KB

MD5
2103354a0b2546c37265ed42f22e6134

SHA1
2ffa3a7f90cc02cccc6ae080e6e1b87f81f43fca

SHA256
4ad3effb2bbef3ba885497f66f0efd60c6d92e6a6d164ef8f2573b50ff947703

SHA512
efd1b8de4c7fd8297f66caf357d83a28f7f0d4d7f8b96c73838a55d853e802359c34654dd0855a10d3fab03360b4e13036570003ece69f9c9c6a5bc3cb67b596

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f68be2d9f7156fbf45e41789d054ca5d

SHA1
8573b44e6afef15a120318ea23108231daeaf389

SHA256
876b14da60f1f80cfd36f3d1720e2093ae230ae094dfb7170f27e89143c55eb8

SHA512
e939cee8e413f1eb6e809a7cac34f573c8348a80ae1cd33e1d1bcc9181c5ddcc5ce7dd03057094c9d1df8aa1a66159fac6f27e70a9cbbc6629108f2b499197d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b34f83fda111ce4b47c7c20f46d36205

SHA1
b1ad7ac0ce391899e15393306754c2ab3079bdc0

SHA256
4a2bb4af98fbc0bdb46787253b18e1dec9b16abdbbba493c5e52b0b7912ad866

SHA512
eb06c8ec23335dc3ac257df52a5f33a0861073dbc06982dc21c171ce48ab0cc9f7d07609e9fd67278e65c5388a6f79b60551e4e2f49b4ae85ef8e870120375a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3e55a3e9e1447d5c7441c6cdd54c10c7

SHA1
8618c432c3cff0c510b9a1cf0aa1523cedaa13d5

SHA256
24f7230618d8d0cc4edc2359e7da4d1573039279a427e670e64012586a724bad

SHA512
1212a7ddc7ce0007c1c7fbc0f29f678f23c5786ba0d86035c3c061c403f2ae2675a831cfefa3685bd9ae0a7e2dd3322f289e16b02b428f7df553662b87cfadd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5aa1d2ed301b20b7720c2b8667b13bb0

SHA1
32e23c0f06970f5ea185202538822bce47fb146c

SHA256
8ef845ad9436d379bf9575eae7347b6de03078138e7df91f6af81602268daee9

SHA512
6f99990ad278ef8a98ea394bc8b8a6ebc9a624053b6ad0c805243db8d59a452c20a976ad18b44fc9988a90c6dd41f963941878d4779c3142e4cf975251a6249c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
dee48ce8e4f4c3682549c7c60f68e932

SHA1
aa26f929ceae57dd6a821a07d8d4e523a4052e45

SHA256
ebaa5173d8c527f97df6268e27571cf6c47ef1d2865e4e6443c3eda35ace6d43

SHA512
0e71f84ef2e01c7d6dab1cf74311dc249c74c7eebc33fdf58e72d1a5c26d7fd03ddeb7813fde09052d348ee88f3f7c8f0817a83668e936b791a6dc74e00492ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
6f3d5f62cf9389c27e6ac4f61d50606f

SHA1
06e998b6c946a63b03e8be7a48de51d5cbe516f4

SHA256
334ac8edce5fb36074405deeee24b340fe94ffbd66e77c3fbc5370be62179363

SHA512
ff7ca22dc234ea03432d96f617a7ecff81a648db98876bf2dd7b23ed305008b294d9f2afff961198703bd6c0f79ee9b430845249b222b7b62b8cd97bb99abee4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
ef2fce9737bedaa2c3b6771e24dc08cd

SHA1
58e8aa310b82fbc094e1adb7df5d1832c86b1a7a

SHA256
d020e34f845cc7fc7f92e7b473ff4d59f3cd8f5276df18bf714a360477c182a2

SHA512
d544644eaf783cbf3754352aec845118e287c8d7ccb0439f7968b38c8131f4166b9be1667e4c8a81b3d35d144dae48e86ea933fc9064f58f86631c985eb88201

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
3a646d114b7c617efc34140b202e26ef

SHA1
eb5b0beb22f4b6d34a90ded4fd6f00d22a338cae

SHA256
4ccfe68d17f288ecc0839705d8f6b9b3aded2853f12b25df7e41ecec564d2562

SHA512
fd244d0d400c29b48a3eca7459db0366e16ccbb13c8b7bc1134361aa66b458ff342924cebd03163b0039c7b63e2311fe35ebe5b21a5de207c119a61c374868ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
93114eb4d334d5db9c94c4cc50fa9c48

SHA1
762588aaa59a1992515104a8183cec5472f3975f

SHA256
6256e91f6b6acf57c147367bc84c0c23ecdfb5a25a35c637e58ed6cd31ae2ae6

SHA512
e442129d094834d5f18b4be47a3e62a9e05d9aa85e8ca1ea6acd27588f642f2fbbcc0fa32d28f3bbfdda9332351f124575af4778f1b9b49d9a850644c2ab7dca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
5b1c6bf9c6b65e2ba284a1741d8d3856

SHA1
bd948124c229ee21d1f4941f9eccfc7c92c36d46

SHA256
bce75e519bc0b924fa75ba3b59f7993636c19cfa175d39e4b8646ab828fe2a73

SHA512
e756a2bd1eda6cb96e99c6e12ddc4c0d4250d34ebf324dc202b7cbc857368dd90c8bc60b9ee04eeafe0cd1a7a104fac7eb88df636528baaa08d0a6fd30bd82ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
8d4f10d71750ce45b581691ffd4163f3

SHA1
0255871d279fe76efce5060fdb80383d0a8b332b

SHA256
8b3fea1f3fb1e86e8b9d687311d1e87c9f498a3304c0dc0b2dcf54d3da368fae

SHA512
76fbf960cec78faf126857fd5df9c7a8f54a9c08d3ecd87fa184d5d0e17e399ef58f12e7c4dc654d4b2b6ee5a0d0bd547960690528c64d830a54cbde5156a90a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ded7.TMP

Filesize
874B

MD5
f841b733aa793167498139d9a3ef6618

SHA1
3ac7207c5f132a7d64f5f5a82325045c2553d331

SHA256
a43914038b7ecacf5533460e197eabd857f9dfafc944ba114db342bed75816fd

SHA512
3154d0969f2e0188a3528f52fc41a9b672c6f48c9f80aba3c62c8f1db6315a945c084664af3b6fe92e97895572ba12e0a1a5d06eda1dbe57287efea28ef86ff1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
441a17469d840f0d3fabbedc4ea64fc8

SHA1
ec52882c14e70d43ebfd0719397d1f7f1a309ecd

SHA256
faa383c3e80f088f1a140d63253f54b59732506b792664e07940df34a5cecc8a

SHA512
c9334dcf30985d6922c7e393dd439e893f004a0829558f4d4750bc5bc50a271cba9d8c3c38db85dc0dcc3681de9e7518d869e67091c1f10a9834c8e20e875436

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
37359395b6d6353173e73443833ae415

SHA1
9f0d7f2ce2b5373e8dc11bffed25201194209f74

SHA256
e51d4d46bc2ac3847ed811d7f3a3513018d1a9b7dacfc58eae76a1f4556bda44

SHA512
d2ac81ac960fbb384d8d522468decaa6ff31244b0203e55df3a3e3704eabaec96b25b71b44f49fd7634acd4f59140cc7664356c53598fab7055337c9f3f1e524

Download Submit