c3717bf2158cba4886af11dce059f81e1b70a693d0fac932dc06fde4516aec75

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 09:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e9ba14106c6b0ae32a5226678cad1922_JaffaCakes118.html
Size

570B
MD5

e9ba14106c6b0ae32a5226678cad1922
SHA1

eb16e5ce669a9375d891e587a7017957c712dd6b
SHA256

c3717bf2158cba4886af11dce059f81e1b70a693d0fac932dc06fde4516aec75
SHA512

0cf8bba001de3f40304cd75bfa902d5d90976ce5dde711dd7ee74bf3931f36ea05a3415bd6907b89e3688cbaee5b6c893885be3b5dfc4bfe9dd005e2a14b1220

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1768	msedge.exe
1768	msedge.exe
3488	msedge.exe
3488	msedge.exe
4316	identity_helper.exe
4316	identity_helper.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe
3488	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3488 wrote to memory of 3896	3488	msedge.exe	85
PID 3488 wrote to memory of 3896	3488	msedge.exe	85
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 4444	3488	msedge.exe	86
PID 3488 wrote to memory of 1768	3488	msedge.exe	87
PID 3488 wrote to memory of 1768	3488	msedge.exe	87
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88
PID 3488 wrote to memory of 1816	3488	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e9ba14106c6b0ae32a5226678cad1922_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdbca246f8,0x7ffdbca24708,0x7ffdbca24718
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2968 /prefetch:8
  2⤵
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,11551953870850740933,16194522814212005750,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2332 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4756

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
987bf5b0cf2184c2e7a1a440aa8ce1c1

SHA1
e4b1d7debbeb256b3a5d6cf017bb2f6004fde544

SHA256
4f2a9dcc93be5f5f21ca93dca68478a29b7a3b6b041434a1940a9a133c898ee1

SHA512
c01ab3ffea958df79b46728ca76c3741a1d5fc242996ac65a37559c6b8ff27f00a142afb5fb3ee4f1dc6ca8a154d4580a006aa315de64dc559705d4754df9c35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1014B

MD5
cc11ffda1106b1e02b93b052e8fc67df

SHA1
f6fbff57172e2db82007a2af94a6984e5c0b2b6f

SHA256
e321d67fe9f8ab4e7ebcc134beff9e5c442877cdc82f98be610db7961f73c0ab

SHA512
a39db91af23b4dfce186ee882b7a65d64b7d1c515aac027afd514887ae44d4e5f377437e4cad5c9ec72700c9cec5b8843e360edbfa1984e928ebf3c390beef23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d8c20a8972e35aaeba0673f8171901de

SHA1
e260ac1e72dec5fce29a4567f345c7dc164e0bd4

SHA256
493420818d126df2474b0f5a127f4784f8f90d8c659e6c1f414149bce62b03b4

SHA512
99ff0508c2b0eb95db8fcd830e7d4dfe8f689dde9e2e2154cef3c7fdb45fa17f3b1becf2ee221f853b52d28bb12bc09dc1ff9836dc6ce5359bff9e3b4a5062c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c87d6a315b6858ce903dbd0cdb7d4708

SHA1
46ae669d468bee05e4560e8b0a89e7e44df92d24

SHA256
0de121e0fb776ba67bc3a855dbb51bba1902209edf286d5b616890ae20428ed5

SHA512
bc8621256eb64ce68729da0122c2fe8e2e4a0c094aa01967b51f0d4390b6b6779f0f4881af5b6b5bf1726df8e82e1182abf0e837e4febe4ec47de4f287919835

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c048393369f5c193b232dc5243962704

SHA1
33cefb74491a931790173fa376575d573e1db486

SHA256
ea379f2d819ff6fd3278752ef9b520118679234b7e684ff914749b4a7a4953be

SHA512
a66dbf49ff3e265390e9b608ecd158ccf1acd38055760d3a54f1f1adfce634d9dca208847bf03e543684792381db8d9602f38aac01cb7480e1028043ea06d4ca

Download Submit