4433a1ccc3389428e48cf127806000a2557fa6c5786c55922f2bbb514eb967a5

Analysis

max time kernel
146s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
11/03/2025, 12:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_65550d8c0ecf9a530a804db7f02df341.html
Size

64KB
MD5

65550d8c0ecf9a530a804db7f02df341
SHA1

3dc0800d8fae09ba2cb26303d272aee1dc663039
SHA256

4433a1ccc3389428e48cf127806000a2557fa6c5786c55922f2bbb514eb967a5
SHA512

676bb50be9eb7c130098586aef80c87318972d028552bb20e691874adb9f1faac0dc6444ebdc2e3bac16b9dfba89add98d79b7bfb130593b755b642215b97207
SSDEEP

1536:okZ0s6mHeaGBe8MFdUnOjGR9ZgD8ujGRhFMEePxb6w3NEpImTHfKevEhyjbGyzQx:oUoemOMZjumOPIDsF+1D1q9dX

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1048	msedge.exe
1048	msedge.exe
5068	msedge.exe
5068	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe
1880	identity_helper.exe
1880	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5068 wrote to memory of 4252	5068	msedge.exe	85
PID 5068 wrote to memory of 4252	5068	msedge.exe	85
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1132	5068	msedge.exe	86
PID 5068 wrote to memory of 1048	5068	msedge.exe	87
PID 5068 wrote to memory of 1048	5068	msedge.exe	87
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88
PID 5068 wrote to memory of 2388	5068	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_65550d8c0ecf9a530a804db7f02df341.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe4fbd46f8,0x7ffe4fbd4708,0x7ffe4fbd4718
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2156 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 /prefetch:8
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5096 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,14451536988881470194,11143617871010733407,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:2112

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2732

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1124

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0d6b4373e059c5b1fc25b68e6d990827

SHA1
b924e33d05263bffdff75d218043eed370108161

SHA256
fafcaeb410690fcf64fd35de54150c2f9f45b96de55812309c762e0a336b4aa2

SHA512
9bffd6911c9071dd70bc4366655f2370e754274f11c2e92a9ac2f760f316174a0af4e01ddb6f071816fdcad4bb00ff49915fb18fde7ee2dabb953a29e87d29e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a4852fc46a00b2fbd09817fcd179715d

SHA1
b5233a493ea793f7e810e578fe415a96e8298a3c

SHA256
6cbb88dea372a5b15d661e78a983b0c46f7ae4d72416978814a17aa65a73079f

SHA512
38972cf90f5ca9286761280fcf8aa375f316eb59733466375f8ba055ce84b6c54e2297bad9a4212374c860898517e5a0c69343190fc4753aafc904557c1ea6dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c499c41bbb099ddd9ad860ed1c7d28e9

SHA1
81a8055d73a5bff6826f6bd631db6bfcd12b2242

SHA256
573dcb35bef8b0c65e96aeb0334c8d6de182301e615051a488afbc79eba214bf

SHA512
be8f9583a43adb0aa38899a442bdf5dff9e20dc78d347dcd7d1a822ceea9150be030df63ec08256cbef7e3c7ea5a13906de2e830ff8cad13854ca7cd3e3be751

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
45b2ab355f9779f97dc89cf3491b558b

SHA1
66708f4f50bd195aeb136e1828b419555c607748

SHA256
0722b2b645af117b4067d89da6cef7666513bbdf3d96dd64cf579d25187a9c8b

SHA512
e548e0abffd65c9e7c305d57399155c15ecccfe1fb973dbe2cf2cf5cddb5fa9c7de51a0a569b6cc235e02d42e99ccda1c0f5c396f047d07e1c9e77c98e9320db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6ffffc99b8164547933aaa135b4aabcd

SHA1
5ebb1d434a75628e48d167298f1455ae259884c2

SHA256
946909938f04eb10033a78c7cd1bfaa21f59e8a12d158ab01fa617d2126ba772

SHA512
246da601d07f2580862a25d1b6f35dd9f860129beca15432ded70ab89198151fa39a772de557c0aba9e1e56272e928729922713cb248c63041067c5abba5fdcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
13000ccc48490f9c9838a8c6ee86074f

SHA1
e7702eba2585f4fdf6bae7f5c612902cbf9e186c

SHA256
7742a00c60553678cda9c134ab917e2787ac342f8f0d9fb0f2cce58fabd54e3e

SHA512
fc94d0427887745ac3e6a63c878d14e66d8ee2297c78966de620b73a1529d0b61fb16365c4f95a341c3551211d008854252d6409c57d9418621d135c7b96f1c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
c4169590e6e9c0bdd86618d875143ee5

SHA1
449370bf9874d089d3db6377a4024398befa9096

SHA256
715106941cef1afb19cad45387d896584b579ed829d0b4d2af629cd41fb82a1f

SHA512
86f158ce9db50a335a2fee36f16845429174ad4edfa708bc8183c0e1b2cd5a45cc6027068ff80272b754377effa6d7d36af00e4ff26c9652d66734a56fdb2c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
c8a56db74b4780466ad868704d621d7c

SHA1
39c507ad9f9d42139e9ce839cac80cea7a40aaff

SHA256
82f0f569ecf60326ff1154e0093e0b94be2f34cac18d7c5e7b78d3b9e4d45612

SHA512
fb3e030bcfae7c5ac7c115a5db6c3b86b68d0c0ca07a13abe9af9d9e45cf225c699a9ece395e119f641425cafaa7d26fdaa94f824d0c2c6e6a5a6738e281f8ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5815a6.TMP

Filesize
371B

MD5
34f9201d26895f10de742fe517ba7961

SHA1
3a01ee3729d19095dd75adb0ef5c3ce71e326251

SHA256
ebc2593965b1cf796fc1b2766b185165fc0e630475d00335c19c805bc40764e3

SHA512
4b827e6bb898fcff35e8890bcd3552a7224102d80e194b38eb0fdd123c705b6e6e9986999e7aa71e9dd4a0865d01bd133199f8ba5d60d546130678e5ad4ef38b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
743774b91782205c7ba9e26bd15025b0

SHA1
3153c2ca3304319e0ee6c7fb961ebb35abbba471

SHA256
8e4267a8a601ab00ba7733cfafde832c86b6249fe359bd3aceeb83d4117a4dbc

SHA512
b225bef558bae84d14749a00a0b1f90aee0761d5e4b2d6b3c16a8a300eacfb64845a10747847d26c545db097c415eedab10a376bf3fa1432288512249b34f679

Download Submit