e48f77fffc23774b3b9d485e130c66f2f191d84a7fc1f8b38f3ecaed6e21f6e1

Analysis

max time kernel
148s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 01:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e8f060b950ca56e5f95ec4391cfe5a94_JaffaCakes118.html
Size

57KB
MD5

e8f060b950ca56e5f95ec4391cfe5a94
SHA1

aa6d4620070fe443bf0cdc0b2d0adfa25b112517
SHA256

e48f77fffc23774b3b9d485e130c66f2f191d84a7fc1f8b38f3ecaed6e21f6e1
SHA512

e90ce0cd3fdfa043ac4182dd197c51279b8bb70ab4f932d18e824a393b1a7d9c34912c49518682af54343d2481e3c91f300fc5570c1f6d511143294017f33b96
SSDEEP

1536:gQZBCCOdN0IxCFNrb9fifEfzfefMf3f7fffOfPfLf4fUfaxfofHfgfcfPfufNfeo:gk2z0Ixy6cLm0vjn2XzQcCxg/4U321Wo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
4568	msedge.exe
4568	msedge.exe
4268	identity_helper.exe
4268	identity_helper.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe
2684	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe
4568	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4568 wrote to memory of 4880	4568	msedge.exe	88
PID 4568 wrote to memory of 4880	4568	msedge.exe	88
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 3336	4568	msedge.exe	90
PID 4568 wrote to memory of 2912	4568	msedge.exe	91
PID 4568 wrote to memory of 2912	4568	msedge.exe	91
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92
PID 4568 wrote to memory of 3036	4568	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e8f060b950ca56e5f95ec4391cfe5a94_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa045946f8,0x7ffa04594708,0x7ffa04594718
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6384 /prefetch:8
  2⤵
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6384 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,2170726025736914993,1109873779412772496,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6540 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2684

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1300

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9ffb5f81e8eccd0963c46cbfea1abc20

SHA1
a02a610afd3543de215565bc488a4343bb5c1a59

SHA256
3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

SHA512
2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e1b45169ebca0dceadb0f45697799d62

SHA1
803604277318898e6f5c6fb92270ca83b5609cd5

SHA256
4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

SHA512
357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
f12d7657e3d0c60f50f6c9a0cf568c35

SHA1
528c3d3196026870bf3e1c053195a90312cb1565

SHA256
12a025d4bf6bd0bcaa0d9889f1e97ddb199d70ecae6bdfc1165a759b266aa0a2

SHA512
07c253e2a66e46accdd38561ed41f6ec6c305c885000270750483d073f6af8c662eeed4b6b24d6c8199429fc7b19f7fe2622b89711bc2f6eb0f34df13d60b4b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bcb2b3e6af83c4874e33b67bfa598e33

SHA1
067223171b50c17f4303595753104e17c36ff778

SHA256
624db2e7cc1b847ada134c050ba00d63fcb95a8732d5fe33fd8423dc3d4007ed

SHA512
3002471fbc1c68f42a76444b39eef43451f5b9db9de8a76a61ea872ede8babd1ba0d44a979bd78dba8535912154abe21dcea0af859e3dc35cd646128c40411bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a76e73d66442d0b671e984b6cce5cad8

SHA1
5aef9a3d054459f4d6bb75ebc6489559a7e64838

SHA256
a070fda74d79005cfc839e5ccf80cb8ab70b49d65c96db277af0f01c633c39ed

SHA512
1adf143974a082e3c31a9ac704fc2a3602458671c3cdd221cd58c3c3dd310e95d651d2f3d0f6161e58a96100f53a7d833337718d6a60a44cb09b6772790479e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ca8d80a61ab4ca34fb82c78a9842f1bc

SHA1
f41dd950d6eac367b5e52fe0a22d362757505ac0

SHA256
87fa9022c2d7fc315e5fdb548c545a806601d1272678fda716f0070739d0f29d

SHA512
7a58a50fa4ea8a3b5c7a7244cfe34f51277e9ea3eb88f3c601feb9e66c33be40d91f058ea0b0877b1aa7e69c0eb8b0e24c33486dcf5e017c30c412b290909fb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9dd49974838c24e46a69bf920eecc76e

SHA1
1bde22fba1f70f5d89473c90390957b564b316fa

SHA256
02781b8edb2d40aba9014a14f3b8cf72604db7b2aba9453060a6bb7a1b01dca3

SHA512
ddacdbb4141d58bcf57d1f41c632b25089d7230be4ec477000e4444163e9b03354d34aaee6c615388fd8ce0226ca7fb08eca5693c05ad5481efe210b635a62d2

Download Submit