Overview

overview

10

Static

static

1

JaffaCakes...4.html

windows7-x64

10

JaffaCakes...4.html

windows10-2004-x64

6

Analysis

  • max time kernel
    145s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-02-2025 16:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_8aa398745bae42197e077797f2c63104.html

  • Size

    241KB

  • MD5

    8aa398745bae42197e077797f2c63104

  • SHA1

    6e4ad26161856243b077a7946d643ddbc1629f00

  • SHA256

    0e68301dec6cbb6c629e1e6d17b1f9ed9dc04199d2ae7208e4310db33188a5f4

  • SHA512

    d439fed455c9c8fd36c996bcd8380665ec9bb396bda6bc42c7444e3e8485d7947b6538326ba975ef1f6ac5114d3b8b9e89691fa7d4753c9ed8a4e75c52be3546

  • SSDEEP

    3072:14Z0gOS+IOrTHeodfhMFc+ZjXIPzpjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9uT:14OgDErTF+5MEax9YDPngfNwZ80

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8aa398745bae42197e077797f2c63104.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:828
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa55246f8,0x7fffa5524708,0x7fffa5524718
      2⤵
        PID:4432
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
        2⤵
          PID:4420
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1740
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2572 /prefetch:8
          2⤵
            PID:2788
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
            2⤵
              PID:1992
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
              2⤵
                PID:4996
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
                2⤵
                  PID:464
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
                  2⤵
                    PID:4492
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
                    2⤵
                      PID:1632
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
                      2⤵
                        PID:2716
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                        2⤵
                          PID:3436
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
                          2⤵
                            PID:4448
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
                            2⤵
                              PID:3384
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
                              2⤵
                                PID:1312
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
                                2⤵
                                  PID:3944
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
                                  2⤵
                                    PID:2140
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1
                                    2⤵
                                      PID:448
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
                                      2⤵
                                        PID:1332
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7564 /prefetch:8
                                        2⤵
                                          PID:3632
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7564 /prefetch:8
                                          2⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:4724
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
                                          2⤵
                                            PID:4612
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
                                            2⤵
                                              PID:464
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
                                              2⤵
                                                PID:2768
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
                                                2⤵
                                                  PID:2812
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,6407720996781523705,4349016656435573872,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=904 /prefetch:2
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:1400
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:3576
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:536
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:4304

                                                    Network

                                                    MITRE ATT&CK Enterprise v15

                                                    Replay Monitor

                                                    Loading Replay Monitor...

                                                    Downloads

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                      Filesize

                                                      152B

                                                      MD5

                                                      37d04af7fe040412c05f24f2c6cd8f2f

                                                      SHA1

                                                      2443f06f4525f3d766514f122857ecc74fc2941a

                                                      SHA256

                                                      1ab5a5199a050f7d642f1d2793d42657778c954a3fc31a799cdae6b5439cf725

                                                      SHA512

                                                      b3449a38062566d668b5823876a48762e67959723fd1ee37168f58d150269e25300e43342611a72052b956a2602c44ca3ceb452eed1a4ab12b5f752461e32555

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                      Filesize

                                                      152B

                                                      MD5

                                                      4c76084ef5a62345ea5fe42f496230ce

                                                      SHA1

                                                      ab677a8684211939ded110b61dcecd68d3e0b606

                                                      SHA256

                                                      1db95ee6e5eb9737bfb6df17177540cd05454c27f4fd73c916c39f690f749c76

                                                      SHA512

                                                      d0c3578750ae89785645d31a931c598c8dba7035a17b6fb9bcd3ceb76a69c8dcb4b23ecc89ed85be30599382db72d167bf91313ec44b59778247537e14cba66b

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                      Filesize

                                                      528B

                                                      MD5

                                                      39d86c3f5782dc6748a56a2e33f2d2d8

                                                      SHA1

                                                      4db0ae91ef2226ec19fc9c7cdaf09be189524999

                                                      SHA256

                                                      27d52dbcccf8bdd95fb0b9f59c5aefaa37451041067a593f5981b58cc5b7c4e4

                                                      SHA512

                                                      f221d024c32039dad4ba093386e41dd3a9dfa0420b53c657dbdab87097d638e77b4f3a5d0557c93709e1a7b2fbe00b417309d08d9340e48efdebc33a4e41cbfe

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                      Filesize

                                                      3KB

                                                      MD5

                                                      356ce521c3177953d828263025db2a7b

                                                      SHA1

                                                      94ab54762939704cdda0d8012e04cdd1545cf4e2

                                                      SHA256

                                                      b3776146708aed884b042503b9dbbb888c891cbe27ed442d7cf693e8e0ac22d0

                                                      SHA512

                                                      f3c0f961b0450b2f7cfebd887c443c8a264755d1db85d21879727eca5e109f9a50d0e19d03bf233b1184d44dc07d85cc3540346dda4a0df814e53e79b2ce75ea

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                      Filesize

                                                      3KB

                                                      MD5

                                                      5fae89c560a84874b9eab85e65dbc48d

                                                      SHA1

                                                      9b977ccae2d9e0907c08797ead7777fe87bfea57

                                                      SHA256

                                                      d82b476aea5c8513b17d294db0c12c1773e021b8b4b3c35d206e78fbf40e266e

                                                      SHA512

                                                      fc9c359adedc5ca6ae7cf3e0e9920d836ec90c0eb6b4628e677ab3c555efe08abc3f8d9f9ccaef1de0d8bbd1ae9bde22bd06fc8d53a3125bde5b438dda4a3d39

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                      Filesize

                                                      8KB

                                                      MD5

                                                      d4d190e6729e31c4f4f0e4a049db0de0

                                                      SHA1

                                                      723faf148075795062c6f58fc80797be2228f169

                                                      SHA256

                                                      d383fdcac54a75ebf1372d0a0984f0c75c43de3e56ae92af8d6e9d23e43c0276

                                                      SHA512

                                                      d3762fbc10fcd75652a21a93f567320cb4c061fd42132936c20799652458f4140c784165291ad0af47825f5d08cae6778c194bd57a117057d12b54ee6654e079

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                      Filesize

                                                      6KB

                                                      MD5

                                                      09fd6ee344f816d9dc88cdacddb5ef8c

                                                      SHA1

                                                      8215434568d41843ec68863f31471ef210121590

                                                      SHA256

                                                      17508763a0dfcf918751d638026e6591331f3fe475763d6065c49e93ad9554b2

                                                      SHA512

                                                      ea03125dea029a0366dd892fb433f3c1ccd6e4cdf56e261e4e0d05567eb19643584f77c8ad229c03a88170433986c57d19bcd85861214b6aa696ba3f568b687c

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                      Filesize

                                                      8KB

                                                      MD5

                                                      7dde2a57c48e5ddef11b7eda392d8eeb

                                                      SHA1

                                                      1f0cd9fcb68a7d31788f9ed31afdfcdb91523e43

                                                      SHA256

                                                      4d2f476e4cb727e45a13f55478fe67d0788c2d7db0012439777c03061875a660

                                                      SHA512

                                                      ee600145dfff7400a30cc90281de31efa02a792f44433972adf8eb8b2754a846f4c71cc0b04d01926e94faa0f3a1d9b423d500144b9cd4769a55b3a8bb777ecc

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                      Filesize

                                                      16B

                                                      MD5

                                                      6752a1d65b201c13b62ea44016eb221f

                                                      SHA1

                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                      SHA256

                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                      SHA512

                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                      Download Submit

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                      Filesize

                                                      10KB

                                                      MD5

                                                      5ab47599331b59b08d2c814772dfcfcc

                                                      SHA1

                                                      0824661819a2434a45b2886c30adb8115bbc5530

                                                      SHA256

                                                      d0f868d2dac2ca6f21a9852dd7ba03a0f4675aab494bb11cb3128c2ea51b2129

                                                      SHA512

                                                      638bbd52c7487febe2308556f122f4610c3bd9f9d9917d56d2567fac6e68ecb00203971d59b2937922db03e75d4dd324e03fb6facf57a8e60334403054e3254c

                                                      Download Submit