9fed9ecc01e4b0e71c048757fa3540f9d1ec719184ded068f89d94eec2de2265

Analysis

max time kernel
146s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
13/03/2025, 23:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_7258eff1763fe56f9417a23b07fe448c.html
Size

36KB
MD5

7258eff1763fe56f9417a23b07fe448c
SHA1

59f76170881b97bdd295887a3d7779567088f54c
SHA256

9fed9ecc01e4b0e71c048757fa3540f9d1ec719184ded068f89d94eec2de2265
SHA512

c6a353b8f6d55eb4eaea5331aad6c48c3779606bb168059fa1cc7dd2b8fa2ffc22637a4e6ea7cde4cbcaaa0427f581ced27af5c780ab8112f3e59ebe137cf251
SSDEEP

768:Q65DmBQHS4pKbd7wqPjXcZtz892yR7Eqx/31299qfRf59YWmyqUml8TExiuWwNnO:Q65DmBMS4pKbd7wqPWtz892yR7Xxf12q

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2544	msedge.exe
2544	msedge.exe
3516	msedge.exe
3516	msedge.exe
4348	identity_helper.exe
4348	identity_helper.exe
1544	msedge.exe
1544	msedge.exe
1544	msedge.exe
1544	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe
3516	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3516 wrote to memory of 4024	3516	msedge.exe	86
PID 3516 wrote to memory of 4024	3516	msedge.exe	86
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 828	3516	msedge.exe	87
PID 3516 wrote to memory of 2544	3516	msedge.exe	88
PID 3516 wrote to memory of 2544	3516	msedge.exe	88
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89
PID 3516 wrote to memory of 2236	3516	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_7258eff1763fe56f9417a23b07fe448c.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ffec4ab46f8,0x7ffec4ab4708,0x7ffec4ab4718
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3692 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5980 /prefetch:8
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5980 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,8009089647150498672,6329741734725786346,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5780 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2852

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56361f50f0ee63ef0ea7c91d0c8b847a

SHA1
35227c31259df7a652efb6486b2251c4ee4b43fc

SHA256
7660beecfee70d695225795558f521c3fb2b01571c224b373d202760b02055c0

SHA512
94582035220d2a78dfea9dd3377bec3f4a1a1c82255b3b74f4e313f56eb2f7b089e36af9fceea9aa83b7c81432622c3c7f900008a1bdb6b1cd12c4073ae4b8a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0621e31d12b6e16ab28de3e74462a4ce

SHA1
0af6f056aff6edbbc961676656d8045cbe1be12b

SHA256
1fd3365fdb49f26471ce9e348ce54c9bc7b66230118302b32074029d88fb6030

SHA512
bf0aa5b97023e19013d01abd3387d074cdd5b57f98ec4b0241058b39f9255a7bbab296dce8617f3368601a3d751a6a66dc207d8dd3fc1cba9cac5f98e3127f6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
20KB

MD5
162b642946a24839c05530fb1e6059c9

SHA1
077376b7a9f0305600a193d03f7efabbc2aaaed8

SHA256
03c8a9d542b931ca3b2d6a9236ab3af3f4897171727eea729d75b1bfcbd472f2

SHA512
fc77d2d1e7797f7586dce55e85046bd490c8821b8edef88a014ea5e7c5da22c258a9133e4fc303e134c2778e4005433f876e667c93187d399dcc1443695c3ac6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
9f06409bd738b03443d80fc3e34faf78

SHA1
d6d51499efb1aab7a295475ed9610e4a673a2a98

SHA256
0e1fc13720bcf1d46acd66ee06706aab0b21e8e20d01175c0a5cfe837ce337df

SHA512
e49c93fe65dd9f90b1a1853409e61c5b7f76c457072ee7b4e2ed11dd61b82e5069d559c3c6bcd22c011f86833483d05c33c82602d917bee50c5a0e920fedbde2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
1c6a8446aad30197773a31fbd4318fd4

SHA1
9785f41c0154e6c9a23468ca83fa5acbb5490df0

SHA256
35e70553428232b893c876cec64b4b85ef02b0c8d75e526b4ad23f4ff6dd2971

SHA512
deb776f72a66a2ffc47a4803328e66b687fcedbaeb862427b4b78699048303de87d86b1c8c17acbfb88b4790a0fefa387e736a59ad2231fd3f5645251f2b7501

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
12cb4bd9c3c17c3a0a63b705006b3872

SHA1
1294f07c3f23bee23afd6a4d1b67021398773b61

SHA256
741352342ff35ba17db3ffe1e9d29a013f0cdee23ab5a8f102140a25e90671a0

SHA512
46d9c09c7e3f23938292b4d64034d43150b00b246bf428e457ba7ca88e4be7072e0ca5e6d195033317522efc5c0b6ac5f370b8d642c976cc45a42d383917c4d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
482e7e595bbdebddd419bcc97b464afb

SHA1
71328340aa12fa6f9dc8a5fa4dd8cac7594c328a

SHA256
7d7a0f53bc845d0b6b490e5b2c9062a6f432c681c5323c79ea3d27b4643d5d7f

SHA512
a4d867eba39fb53a129dd7cfa69c06ef0b66c44b7f4e682b1eb6fe840b62ef3b8ed85a44c5b6043e34d9f9f5ad69bd5d72cd14e8e4b5f2f6ca950454636329e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1cbe95a50e78bff2ece5484523527cf8

SHA1
bb13f867da4732cc8538f3c217c2c865cf6eb742

SHA256
053f54b38677e6bc368deb5b4b30a1c450cc1f49035080d395fae2b6678522bf

SHA512
8af437432576985fe372f49345036b43ace1a840d572edf19b5c9b78722076324cb17f165d845204a95a10f06f8f353a3056831bd1c77a65b7fc54e8030439bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b9ab2873aba020ca99451c0d4bcf8ed0

SHA1
958320c0233017999cb566b72a78ff57553f179d

SHA256
5932b6ee5a77648fb61449447c8e03a6d708dd14111648c7ddfcb22b983b7291

SHA512
91a69a5c4ceafcfbbabc12e26d627f66a7dc8c56dda947b707f432cd446dfc7244c26e3874eaa5bc78341309ff161bc5da4cf62edb05e374f469d684d4df7098

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
40d36695f0f869dd498bd90a2d06fcca

SHA1
cf5f3371010ada451b85dfd9f2650c6265eb60a7

SHA256
9bb04582ff38f2550ab311e0c007577becec6b3392854be813f0303601d56d74

SHA512
3182a68330de3817f64e46103d63e79e37a9941594820a49a1170e5c8e9653f4040e90f1a3a510f38d3779bb9f5289dce84486351428a0ddd4ea99aa25aebc04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
28355d2f1d4f0eec4959f16a86bde9df

SHA1
78490f7bf5936e811b6b93b84243d00c91601d49

SHA256
a5619a120fde3093c45b91542d8aefa21f8f7579de42dcc77ef583c1ec3e2681

SHA512
75cebd31cb769d841209df842405683b5bd7cd2e1649bc3b050bf7a0122ee735558a8fa6f2813f5f0a16ea74fde45c9656d5031aa22d9819d672b83022293a62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580d2a.TMP

Filesize
204B

MD5
7c80ef037fb51a3d9b8c2e977a30620a

SHA1
1ac055de54de95a64112177b319135cc22c6a6af

SHA256
6757399af9963b09604e11aac740ed1fedcae14d46f643e0cd1220d3def77a1f

SHA512
899ba668be8a8634053b0e284774b1726d972a6802d9f505897d60e0bb35b827289ba26e80ea8f96c281b0a54c12cdfe3b10a87b34fcb1d11f31d9d370d2789a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5b5f53d025500bae4129948b6a564884

SHA1
c9564570cab6de518434104bde3498c843c44a6c

SHA256
041edfe7e73b2262f900e6cfe2ec8ef49e4e9b327aa5af9adc6aec09c6fb2604

SHA512
6461b2cbd4572768361590616fc9ab3ee514b2006d3bb5f392901dc7d82eeed1b91c0da0b1e6718e7f0a493c266d688195fce1d8bc96180707efc31ecf944950

Download Submit