0f3efb0de3841a56a707601332ac5c8c13916f5e5aec58bf5bb180e7eb962df6

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-01-2025 23:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_11e1957ae05ca7a6b484734e70717776.html
Size

74KB
MD5

11e1957ae05ca7a6b484734e70717776
SHA1

b37ef06cb7478108f920ca0318cdebbdd729abd9
SHA256

0f3efb0de3841a56a707601332ac5c8c13916f5e5aec58bf5bb180e7eb962df6
SHA512

f5a6fb3363cf58f5cbd430cf5a6273e27eb33907e47063d9e0b66f64386f06a423bb284ff4fadc39d82a2fb3eafd18435024c9d47af6438b0adc01687d269540
SSDEEP

1536:xW6dP2l+7+f+7+x+W+N+N+CeG+Qxt4+u28o0ia4P9dgo27:xW6dOl+7+f+7+x+W+N+N+CeG+l+h8X4A

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2356	msedge.exe
2356	msedge.exe
1460	msedge.exe
1460	msedge.exe
3660	msedge.exe
3660	msedge.exe
3660	msedge.exe
3660	msedge.exe
3396	msedge.exe
3396	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe
1460	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1460 wrote to memory of 4528	1460	msedge.exe	83
PID 1460 wrote to memory of 4528	1460	msedge.exe	83
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 1652	1460	msedge.exe	84
PID 1460 wrote to memory of 2356	1460	msedge.exe	85
PID 1460 wrote to memory of 2356	1460	msedge.exe	85
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86
PID 1460 wrote to memory of 2560	1460	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_11e1957ae05ca7a6b484734e70717776.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff38e146f8,0x7fff38e14708,0x7fff38e14718
  2⤵
  PID:4528
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --exception-pointers=4475358986240 --process=176 /prefetch:7 --thread=4228
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4228 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1960 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,11306684011831373793,10266666456199174616,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8556 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3660

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1312

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
77KB

MD5
8ea40e11a0a5e5cd62977d32449e31a2

SHA1
05109cf8b3615ac03818d47d3f7f529743930df3

SHA256
e55e7caff2b090f5a0c6f196b97482dec12a36b9bb83c9aee92a4a7d3cf5c5f1

SHA512
86e9c92e0bd0ffd01fefb9d2d74aacd285486cbc75515e99b2bd15b74414aa6fcd5ccf139c1c45dbda25354f5215595f7f596f650d7c7d8e630a380f0fd18919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
77KB

MD5
271236236844c80e9b1ab75efa95da2c

SHA1
dee18a66c2b3c0d4e719f6362a8a5b860028226b

SHA256
a8a7fe21d358d03edae2cec9fcfcecb0e8ac091137e58484b3326a420edd35f4

SHA512
f14d8a59962f012c6dbdb41424a50decb851f2b2e719ae3389f72a8f279cc2a4ea0f101f96338650aca990a5d300b2c7fa6f7b658fe7d8054ac316d9aaa8eb63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f

Filesize
77KB

MD5
d75b6fe72072f779322023f09076a597

SHA1
916c35c17f6f3216e75856a63455050a35527222

SHA256
8e3176b8875e000bf3da455f76d5e9bdc37ee7283b3c446cbe3e244b97fb1afe

SHA512
a509a4a3af86b7eb51be62fc4b6fc7b9bfed857fa00e56b9fa64cd23dd4b8ec52d6f6674ede6687ef1356588718bbc36d7851525ecd431d57d2f5c57ceed281e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000df

Filesize
77KB

MD5
2305dd9cfc69124257dbcbdad0434850

SHA1
12ef08b924d465c0155a0e322ed7bf2f1a4be6f3

SHA256
b9aec770c6621029fac2a86b00f059a26f0dab8ed50b574cf16a18c80212e7d1

SHA512
ea85f3068d0e088662e47dc02c6301b3b7ee0c9734f2597e99fba733df17ec6f6217c8d6f832280d2b90ea1cc08bd1d591230725064f2b1e927a30fc7f3ae06a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000152

Filesize
77KB

MD5
b2a2c5e307b343e8e44c1600adef5528

SHA1
1ac10f174b30a1a97148040f965351eec8230607

SHA256
e3c67465c563c39903f7341bc34d4293ebbc624063ac9af8152e0e70416cb059

SHA512
bd79e2d36f8cffc698c8867de3c5ea212c8ef1f4588418ed8e6b20d39fd0366e02760626c17efb3b073a06110ddd66632fc13ef777ba5140463391633d128e43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000220

Filesize
77KB

MD5
5818132722fa3cd79a7cb8e9f7079db6

SHA1
dd778f833058264b4cedc8eea06b40a3bec8ddcb

SHA256
76a0688b334c80be6a9d966229501e636c557b3bbf03370f0e3eda950f120bfa

SHA512
b01a4c4cb4953ffd151e5a62b5a717a6768c2d97eaf5f3a4503952736dffe32457338eac1956135f2ae03a39e5d9337e511df7c198ded57d4261a7ad567d21f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00026b

Filesize
77KB

MD5
d388f6d33b08182f9479517c60b11fab

SHA1
57039e2d4cfd7ff143cf95d4efba18cdcd0e6402

SHA256
867d87312eccfc5f2aa828228221a455f91fc62053bedf6fadfa4e3ebcbe9e98

SHA512
f68a9203851ee1d9526df429d03a758f16e37aca3aa1657ea8a07f04a285507cf4c69d4a18270a8acced66e08f166af281c693767f577f0060374c9a48902950

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002c5

Filesize
77KB

MD5
807985e26c9c8694e5e0e20d71a7948b

SHA1
b90abfdb01bcb72539bc5dcbee363e22350ada84

SHA256
bc92bbce9d2d54a3795bf6c7ba25011348fcb5fc62372c4596422a1f0ede9489

SHA512
919ba8c5d31d9047feeabf5d9ad7d8007a31ad095efeae3f9eed17a14c922dd8befb5d4fc905654dc8926554186f4918fe6d3da9e1e75a0d3a64d4e71c6018ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0002fd

Filesize
77KB

MD5
ae3163c4a267057f126e2cc51c1e6270

SHA1
978f95c2e60674ec7881d5f9b35113ea2ecd9c37

SHA256
c993577f5f61ec780ea8d5a514f36d6335b3dca78535e924303f5eda6689b2a3

SHA512
7867f127f8778408bd5e9e1c3a6e7a873f66de04862eccdf54c49c31cc6bde1131bfff08d35a11f81f7f3b31f592d513ab273f274e97b5767b947e0c608284b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000395

Filesize
92KB

MD5
f8d5d61915d1acb3a0869e493a2d702c

SHA1
01cdcaac271f1d696ce584ae12ff6290f159c600

SHA256
4d612f85fb12eb64f0cbd45f473ae54f9a2554e1e12a398e897dc85bbee24d05

SHA512
7c9b4a3179f868289cc7d598d0720021fde45960ed6a9ba587f0760f8a34fa7d749fca26faf593287ba5f814c62f15ade200629d6ea0e148ea71ba567a29c131

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00039c

Filesize
53KB

MD5
1c1ae37879e698dd009a387ebaee38a4

SHA1
f71be8d37f5a1f2041ef5b3968d1cdf8331ef620

SHA256
d89d3a98e01a4291efac8e00adfa6f4f44883506064db1a16b73dc7a602c7239

SHA512
3dc89af6a8a2474d1a48fb3bcbd4b5866c701bdc116c5d06c2efb679e526fc2190d63c8d23828edff03c82d1300a109e40d6834495bbc2ab60259093cdc6a59e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
23fb5a1e3103da9a9364ac2bcdd5bdb1

SHA1
56d901b8a5e4dd21f49d8f0df9e52a525927ca57

SHA256
75f0883ec18014e86b74c5a3d58bb481e6d1b06e9c07c62ef350d2778594b194

SHA512
e1674ab2d3fbd0852b82829021d12e12466be8ce08f5c36ff9e14dce4be4b08876a62607ddab14f47551e037dfa7510e38b69dace6ca4ef922c056dc1bacf837

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
255B

MD5
ad0a6141cf3bf16051f52c3088114b27

SHA1
ac5f4cd573234d3bb33a57e972c5f554d6e4c7fa

SHA256
8cf9f6ed05d39605d2535add7060a6139471545993e83603b0d878f60e534b0d

SHA512
73556f496598a6f1278fcd2521d265979b952629fb982de27c761e507940527567ca165c42e1a9a1d5c118e3877170f6512928c432222f9994d3b1a8ec506c4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
6b686ed3f972fb273227a6a8fd503ce7

SHA1
060ea130bd2c712b55a3726dcaf213ab921c54c5

SHA256
f697da6b4f08234048c3ab292e07c6120d0da68c0509a2323589de7bdfe2eaa9

SHA512
05eb4f4f6471cb72437e31716680c7788ec019d5c2bad0fc50f589a3794a5f9644cf75ed21cf45fdddd81978eac935c46d7aa224bb2a3e38d010d2b36bf8d130

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b62cd03f7f70f73f_0

Filesize
72KB

MD5
47206bc4dbe016642dc5ccb479282590

SHA1
5e3db7c8a367bad3d21e6e0d120202fa95d2ac10

SHA256
253aa65098e1b33f297e1ab38f02e76fbe4d290fd949f45cc775a1d9d3800d76

SHA512
adf3b1df10c6f398f83b28f21d0925201b40329b191ef156437425a4f867e9fdf0f175a379b1311bdc6b93e9fbe76f38e339bc4f3630494cdf23236192d7cc32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
33f141908b110e6f7a6747fef4d2c3dc

SHA1
ccb730b4b7ad87c82c771cfb15b4fba89001ca42

SHA256
59bb77ff9a0f06cf1670c9a966c121600a92ab5998e5d9e5448ff5a2f1ebb725

SHA512
3beabfdeaaa4c1bda8dcf0ea0e5ddb2ec64b8939578c2719f09ae32d2d81b36d7483b8126925d327acf1668843bf924b8013fa64ac0ed8a8c41ac4777500ed10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bdd77ac045a26880dfa3ab67eb4606a2

SHA1
5bcbc6ebce23ae615c25260b86cd13e731ef1e71

SHA256
2cb0da954a24e6c16a2924509aef09e29c9774d11819156356dead8a110a3e7c

SHA512
63dcd5d0573fc744d12b28a06ff0c3d1636275c58ef0552421542393315a9bd54191b20dac8e665861019a0001542eeed2cd71491520e579cbbe4b066a138fa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
51c2e68965f8b9835e8d7432e662e37f

SHA1
be7bd5997b15160b55493dee1171b7a7d7bb7174

SHA256
fb55ecd19fa7aa94d5beb4c9d2d9694b6e551c5dad0b78e474c33b43054929d5

SHA512
afa66c81ca05dd90a09441dab2749d60b83edbd08619582083057f4d7903ded271cadab0a5907a46d0413eb71b70d929453a1dd74024eab4c1cc43d94d5848de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6733d61423905b015177c4e29f5a9a06

SHA1
7c0002901635d69c8bc95e9455e0adc0dbfce136

SHA256
78cd33a2e83311d03d7f0be4b0fcdf5388a3654f087d751f641bb32134740517

SHA512
2ad5b7710489c9c3910018cc9e9c38ab45f29f2866b9438d6ea8f094ef2c572d2fc4157d27b3934a07536ad391ffd58c13d3a1aab5f70e7d770a46d61941a851

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
bcdf804d9c37dee0eeeef87bf031641d

SHA1
fb103ffbca6482d578583f32bddce797712bea26

SHA256
14e4f8fe39f74f44ff88800a09fd330f65cf975267b705f4df17f7b3ec14007f

SHA512
9d30280f3f3bc13063566fab0866606e87a352930598063cc7f87e847e46206118425c071f095819dc6236861eeaad89b67868fb6ad03b02b7d460c26669cfdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a9beffc256aad46be449eda2977a6046

SHA1
4c4cc5d12fe81477c1112c997e8f8d4535429dbd

SHA256
37618adffcaf4bb84761336bcc3190ec77b6224f8a4c21e7891b0348bfb06d93

SHA512
cbf9cd26e9808793857243a228156743b91f4549fa9e8be243a4f37b995a530013c415da530a7d94610ac13c6e4ab74c55bf1884e5e80f37c59cab08d4a49129

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
5b4623919e3f8ef6c6a4352c5261a558

SHA1
a66d7ad82b3acf710f0d2ec6a98226ff846aceb1

SHA256
61463e163a15a86bf7129cc3fcad1f9014f06b48d59611d3d3ec00717e76c260

SHA512
7a722fda304a8aa1eb4040704c251cf19035ec2a143bec7ada7d7c690dc1b0bc96fafd90d7d03dce2868eae64bae3f1083b3c52aa51d03f4ac5218fa466a005c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
34feb8a689a50291c49167c575417b58

SHA1
634adc8b03bd1d71e91afda2271c5f2d2514cd50

SHA256
eafecfa554922dc32e98c5531810edfaebdbe2d02d422113fcb23c6fa2650fc5

SHA512
6e3cfb7929c28f3d8e8e13f62880965e069bea82a233ca2d20601fd578744dab6927f8a4c167e95f718ab3c45eec339c29e2f135ba2361805990058847686ccf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
25d24f418674cd6919f7852897c07297

SHA1
9d3df10bd825a4ac6e1eb3a74289480add1af046

SHA256
a54975ff9eab70af10633a3fafdd4a5aecf32693116e32e90c368e4ff491f158

SHA512
e629235987f1111b22e4e2a4b3c6e7c73ee3e497ef8e4d4aa7c3176f4161f5cdc944aa74478c4ef2e69a23fe3f604f051fd3d8232e51fb472a8f41e1cfa45206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
2eb62f2490db68faef99c85b75c691ef

SHA1
39e7784a413069231b216ff1d8fef17462fdfb29

SHA256
09e51de09ecf6747eb2df40ffbdda62ac90d6e5031f0628464cf9e83efb9b3d9

SHA512
2400a9fb05d04cdde306d1a31441f039b3f5e7ffb48e875ae32b91598b47da636bb32db1c32966f68db51d7feb9a647b8c4323dcd7c1a3988a366960f7518e9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
c1a6fce86d35b8d1ff195fe609b4ea63

SHA1
d80af966deee874b5d4deaa2c4496ecffe726d34

SHA256
a63291b2f093ea28b986d983083709f18be67cb4812de870256a579371d0882f

SHA512
1ad8378179a87be485b6edbce231d0503d4bf3bb80ff75f8d6d4babf6ad40bfba68da25662a3fed0980d9f50f6ea9c59a2eb524ef1209d2011c39f25bcc9a698

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
1b2093be1e17318478ed4b28e9c4be0e

SHA1
f0359b5e4723caa97be97b900134afd075a82795

SHA256
ec51ffebdc1ea1d71684ab1b6be8d70f155c1e64f74743698cc368ffa64291b9

SHA512
a519baabe28ac729082aca6da3fefe61c967148f324bfd150e11ab435f4d4bcfb89d8526525caaf2e4ccfdbb8676ae1f840dc7a04501b674bea1f51d70816803

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
ef755854deed9162fa947dd74cc800be

SHA1
74a1b86d732654776ec970bd19db98c952c5a34c

SHA256
a15cc24c8d952a51ad6d8129ee5a2ac7b434267e59e8033fe9433eb1bedfbd36

SHA512
d2d956cafed1786b24497ebbd4af97826ebb3fc2e6fac1f4c7976d9fc1cbc14a5832c0b729a870ff54b983dd87d922820944af69d7ec29833290210216ead1fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
95fd16b7ad08e3e004c39fba59548772

SHA1
623ac7ef591b5bea50fbbb7f0ff62af24541e8b7

SHA256
4f0a3ba62516105eb87b73fc33938860275f43f437ebc72832f49caca69bab3e

SHA512
82a151df63d307e1c44ec028597c6959496de660523d770e50470db4ed3f94e228f886a903002a0a696f11a67c597cc9b8dfe780188413936705bf456293fd80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588f6a.TMP

Filesize
204B

MD5
757741a1f229fe50f0f7e0d7b2121ad4

SHA1
fc4d6e68f3e3b1c7630c0e00c6cddf08b18f49ad

SHA256
9c8e430b688d3eba3e942d28baddbb5b45cd424a80b9be21acb628335af1415b

SHA512
b36ec8824a695574ac98e04d2608a9b4c630cc978139c3293671b11dea1570ee3e38263f8de4e55a0173fd2ec835922d96d7d8704ade0a9d685b338dac438ca7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1bb05cce3f4921d81af8047742f68c6b

SHA1
d48d8378ea931eac98d6667ac7e5e2a77e152b3d

SHA256
f0c024ce815941dfbd778d35acda156ffcf405b5e157ddf085649343e0fbb65d

SHA512
6cff222bcd34639b5938ee435bb46f4e8500d745949ce2676cd8c1110441e2e74d12cb20fb11f952c01f2e7e940ab08f657e26c91651fcdc0bfcde533ff0f6eb

Download Submit