bcc8b61d6660b2ac72691603ad18a9f065fc32fa4fe96520428dd36d564c0597

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/03/2024, 11:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

20866820e48cc9c20c7d6eb61149ef69_JaffaCakes118.html
Size

188KB
MD5

20866820e48cc9c20c7d6eb61149ef69
SHA1

c605f92451b6236ee7a1877a622d2c210f35ec0d
SHA256

bcc8b61d6660b2ac72691603ad18a9f065fc32fa4fe96520428dd36d564c0597
SHA512

dd96fa0cc873b84be4c8f91d5e212542844d4e1ec942429008045dad28a2e97ff7d29e9db81ad9fb89868f34b0d2a71894d4ed94ca811a104cb82085df1c5d35
SSDEEP

3072:HvnLyGzt2jdpCI2bZAm38Ek4Y8xeI6sIB50mEKgwi+FgbepR099NVNe1C/KDHdTR:HvnL8pCZH38Ek4asE50mEKgwiAfM99gR

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3764	msedge.exe
3764	msedge.exe
3672	msedge.exe
3672	msedge.exe
2572	identity_helper.exe
2572	identity_helper.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3672 wrote to memory of 4032	3672	msedge.exe	85
PID 3672 wrote to memory of 4032	3672	msedge.exe	85
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 4384	3672	msedge.exe	86
PID 3672 wrote to memory of 3764	3672	msedge.exe	87
PID 3672 wrote to memory of 3764	3672	msedge.exe	87
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88
PID 3672 wrote to memory of 4192	3672	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\20866820e48cc9c20c7d6eb61149ef69_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff971ed46f8,0x7ff971ed4708,0x7ff971ed4718
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:4192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2924 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,7926042962711039527,8321070513136428739,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4500

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
696B

MD5
dcd66c97e6e8b3e2b4d91717a44b6f4d

SHA1
9680bd0eb4a370936bcd3326d961fc53855087c5

SHA256
21319a253bba93aafa11c7f77e0e19c92144c01d59ea969f947f314ffe511201

SHA512
dbab7aceb8603366181352def1399068346d70ca5a450a72ced58fdd9049db3b023ccb3ebca3d42e54d61adab71bca6d3918d368c0a8bd30a3b5310810f50aa4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cceeedccc4e2c2620ae0c6d7d21abb74

SHA1
e07ede35ae9dc6394f8c1dc50279d4ccbfd6566c

SHA256
ac0a6d32ac2b3c57cb0bc1e727144ce4372e2edad13ccf93dc14531374e32839

SHA512
a56314116f25c7eeafb880bb6067f48b746e62a4b1d5863ce3292a53a44e0759e84bacf83878986089c8ef68da0471522f4e0a237602671bb05f2169aa5267ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
78f759effd2d82b40e1aa5bd827d7763

SHA1
9471d674e92ecf07a068024eb1c43994e240a7b3

SHA256
df777bfa74376eb5660a0e33890ecc9e89152b1eb493ebc242d6d72bfcc5c8d5

SHA512
4d088c7371878dca1dfecbe2d389364e9d1fce988f951aa751ab34df943e0307370572a99d4d722c7baabd1a3425b22bebb5a246ab7fd6941c59b6e039e368ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f4608bc5bfc0a3177d966fc5a13f6cb9

SHA1
5daa2bcd94ab71455dff5b4b724446f7f430ae52

SHA256
3f173db326c6d76d9acaae49658455cf162d646ddc398b79a2f4793b68abdde4

SHA512
766bf038e849374d90117c4b9630e3a208b3e3442dea34e9dc3e7ba8758d26c46c33d065694cd6e10d83fd8bcb135755aca104fe79de78f322b2e71f017ae040

Download Submit