b5cab10fa895cd2cab7720c51b20f0552287deb8520a2f0d115eaf1866e0a994

Analysis

max time kernel
146s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
13/03/2025, 09:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_7001196c4a08a0e0b8ae20e49e1f15eb.html
Size

206KB
MD5

7001196c4a08a0e0b8ae20e49e1f15eb
SHA1

9584d5f3cad27747f19d75eec69e78ba495006a0
SHA256

b5cab10fa895cd2cab7720c51b20f0552287deb8520a2f0d115eaf1866e0a994
SHA512

2d9027f30b31e83119ca4699f5eb6761570cd3374451787550061c0a11bfd602abb9bbf324e4f31fd77dc875ee9dfe455f395f392e9844f6fcaa2f77f2d12bf1
SSDEEP

3072:7HVodJhPGodJhNTCMf/CVeLhysyWegZUFvhKEoBGO+QU4H6SybtSt:mRFlRUFvyIit

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2332	msedge.exe
2332	msedge.exe
4060	msedge.exe
4060	msedge.exe
1684	identity_helper.exe
1684	identity_helper.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe
3576	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe
4060	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4060 wrote to memory of 1520	4060	msedge.exe	86
PID 4060 wrote to memory of 1520	4060	msedge.exe	86
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 4016	4060	msedge.exe	87
PID 4060 wrote to memory of 2332	4060	msedge.exe	88
PID 4060 wrote to memory of 2332	4060	msedge.exe	88
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89
PID 4060 wrote to memory of 4640	4060	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_7001196c4a08a0e0b8ae20e49e1f15eb.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa207d46f8,0x7ffa207d4708,0x7ffa207d4718
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2668 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,10264074648955214247,4256207783705019880,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6484 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1204

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\5819e20e-336b-4c83-891b-76f355072bf9.tmp

Filesize
10KB

MD5
4bf1bfa6a3c1e79bebcb2947708c05ae

SHA1
2ce08aee09c38992f5da22e64e6ff169705fc326

SHA256
5bc58e530b73d29118772f699c43dc8eca32502743470e14570c985b1c84cdef

SHA512
c077f256fc43b4c6a8865db19261162481d477df0f212e6bcd881b972d15c73b7950d8bc99748e399fa63ae47d4586f897a61b079fb160740466dca40c0df95e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
395082c6d7ec10a326236e60b79602f2

SHA1
203db9756fc9f65a0181ac49bca7f0e7e4edfb5b

SHA256
b9ea226a0a67039df83a9652b42bb7b0cc2e6fa827d55d043bc36dd9d8e4cd25

SHA512
7095c260b87a0e31ddfc5ddf5730848433dcede2672ca71091efb8c6b1b0fc3333d0540c3ce41087702c99bca22a4548f12692234188e6f457c2f75ab12316bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e27df0383d108b2d6cd975d1b42b1afe

SHA1
c216daa71094da3ffa15c787c41b0bc7b32ed40b

SHA256
812f547f1e22a4bd045b73ff548025fabd59c6cba0da6991fdd8cfcb32653855

SHA512
471935e26a55d26449e48d4c38933ab8c369a92d8f24fd6077131247e8d116d95aa110dd424fa6095176a6c763a6271e978766e74d8022e9cdcc11e6355408ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\82e1d32d-d632-4183-abdf-71e747165e21.tmp

Filesize
7KB

MD5
fe0674b39fe06b57a264645200752f13

SHA1
0074ed9669cb04f1a4f34df4dd05501c74993057

SHA256
ee9d20d86683eb87f00ac7c1d246eaddb8b3564e7078ba40d1a3cc2971899bf4

SHA512
31ae136f15e771aa574d9c69cecdaa02ad9dfcc6aa40c9eac742e43a4c36a2e349433051628e534e2b6d172f87dd207f4f282c7dc67d5ff2b12a1460a50affd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
20KB

MD5
162b642946a24839c05530fb1e6059c9

SHA1
077376b7a9f0305600a193d03f7efabbc2aaaed8

SHA256
03c8a9d542b931ca3b2d6a9236ab3af3f4897171727eea729d75b1bfcbd472f2

SHA512
fc77d2d1e7797f7586dce55e85046bd490c8821b8edef88a014ea5e7c5da22c258a9133e4fc303e134c2778e4005433f876e667c93187d399dcc1443695c3ac6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
ff4c340498c87bc9410fa52151bbd9f7

SHA1
da972e23512db575537469677583d6a201e5ea86

SHA256
544df0d7bdc8af70d5924153deefa55c25784dd586265ab1cc1938016a622972

SHA512
c4a57589fbfcc19aedefd882cc26fea4854d6853b73150f5de2dcf0631ae58b4d9dc82aaaf788708ee2515bf26ff9fce883ff87848e9ee77ad0ca86b74338ce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
d06d185725eef2e7fbc460394c80b10f

SHA1
5982adfcadb77b9732cd5393f4988a744e33e1a3

SHA256
5264ea39f6c7d4571f49b5d0fbd191b4dd39020f5564a302c8e7d00505326f3d

SHA512
f88196991582498bcfee616d7886cb7080c0445eb7c7f93e388dff6730358416beeb4e313a8d25cbabb8a54b4fd53505d2a8e13d0404d6b2dc1a223100367191

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
801d247fd523303cf442b85e7fbd01aa

SHA1
1853fcec146f9724f3fa23b97dcc4a279b5ed83e

SHA256
a71c629e2028f6cf89b0c9c5825edf0083a3cefb5505a3bf297ffc065de7ce38

SHA512
f6c639c4e694b295c9e530fc77e58b0ebf276e529ff787c84c40b75cf57a0d9fe63f56c0bd68f490df01c4b518a5fec3ea5f4c5bf3380b3ff7299244c69922e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
74ec84472e7eeabb066f42f3949547cd

SHA1
7824552ce905a467e232021ee673714545e12429

SHA256
c07c15cb05066dc7017e3120f4e2c6d019da7822939def0d3807116c02e1319c

SHA512
7c745b6cb299420a2d38badf66808eeb12832829f07659e605776cafedeb0e7bd1c20af072d8644ddd6a37dcbac594473a9d5ceb7a75bfd4b7f6802c1482645e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
124fb56bea5f74aff77917888ae5b830

SHA1
0e2ca4c5e6229a77ebd7a6502360700cc42e52e3

SHA256
10233d840bd72998d3f2aa3afee667e0855c3d5030040b706864aa41ad862f25

SHA512
9469a04b08fd5bb7a03ee76038a39af770bc98e05d2711e30f92ff1af4cbb23c1638822e7af70499433abcc78a819596fe6ca696f8830c24d0d56e8535f16ccc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0c7767770dd5610524cbed5b400eb043

SHA1
612acd90fb48fec168fffc11a229a1a1635b8564

SHA256
22c61a448e8ddf0c48a0356f97725f32735e49e5e79098dbbbdf5cf8c004b5c6

SHA512
80f8b3ecf6101e9df906eeced3728cb376b635217a7066c59b25f4f47632e1841d51513798e29f3e724278f8325894d8d3bc39474b3cd46a5202bc58d76c4a57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ba4972e3093baecdb965ce755c876910

SHA1
6ffaadeccb50eb146d9d952bc7c27bf20e119cb7

SHA256
e29a35c57d39a5b0deebf766d93947f6110ddfc6de35fe8cb50daa9ebbb3f269

SHA512
50e0752d1436eef8353873b70da684672357b99343e06d098da3c3130c1b825f22979a3d3c98e3da273452680fbead0c150dba3c93e6c036bde7f1cd92a20471

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
40dc7f9ff1d323de336e1c79178d9e88

SHA1
7e108efa0d143dfe4de42a8db34a6f7d3b64c5f7

SHA256
6909c5eb61125151eb8fa663d1464cc89de2b2940417284a418e31feefb2bf1a

SHA512
5f332c240077575f47b77f83a7bc396c820bb9b844b9952336706e30a3a4fd37111e37b21f0cc8e2e4a4061f83c3ccc7484df35eb9e9b0763bc398aaed2fc984

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ba43.TMP

Filesize
539B

MD5
082dec4077d2ed6fa953eb497f017dfc

SHA1
082834a1c3dc94ac4fac836990f07eb8e1dbdf83

SHA256
dc6f5fb8709f27aee6999ef5ea3058661e605967bd80e219806c3f5f4c330467

SHA512
6942975fe544e5b63656ab76f7e7efcabd0924a7edd6faa338b76ddeb167626a5a05fe3a0062cc68b089955511427bcc98e62312d0234a815e33309236024e7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit