b425662086e876811afc32b2aaeeb5002b61e1b2b971e81b8ff5fef4bab66d28

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 10:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

eadf527eb15e7d090b776d136e99178b_JaffaCakes118.html
Size

39KB
MD5

eadf527eb15e7d090b776d136e99178b
SHA1

6e5824c0757cf02e494709ddd5ea3e8e0bae73aa
SHA256

b425662086e876811afc32b2aaeeb5002b61e1b2b971e81b8ff5fef4bab66d28
SHA512

b11769f0fe256ff6bb4b82c83ca64be9fae9322a320b62c468f45f18a92eac88b93ddc595ef3bdc890782d10a7434e2a3212813b394a18126f8e5658ae38674c
SSDEEP

768:u4kA7PORIq0W6r6f349eECXScIrHdlqY5B0XQkPpL3k20XVEuFV0XV4+qT:VkATCIq56rrMECXScIj7zgQnrVEAmV43

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
876	msedge.exe
876	msedge.exe
1548	msedge.exe
1548	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1548	msedge.exe
1548	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe
1548	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1548 wrote to memory of 3760	1548	msedge.exe	85
PID 1548 wrote to memory of 3760	1548	msedge.exe	85
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 4596	1548	msedge.exe	86
PID 1548 wrote to memory of 876	1548	msedge.exe	87
PID 1548 wrote to memory of 876	1548	msedge.exe	87
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88
PID 1548 wrote to memory of 728	1548	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eadf527eb15e7d090b776d136e99178b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe221b46f8,0x7ffe221b4708,0x7ffe221b4718
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,10411919845914378464,16723551054613981087,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5092 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4256

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2420

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
19KB

MD5
2bd5ff47201c524c33545c154446926d

SHA1
edc55cfadd8d17b5c83dd3cdc1e7bbd1ca16e643

SHA256
b72bf5dbd932b317bf034fb0a8d1bf0754d22319c5b16b055ccc71577f5cd3f8

SHA512
a0430c90beec81fa0d54f843c76ddde9dee5d04c7c1f24b7e4ec3cdd63c87698e0cd3bd07aef3d7a2cb1e5ec4d2873ab5c12bd7554891dce5b8c2d60206e47b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
394B

MD5
0d54b8990583d1cc868a9e46b0dd2c91

SHA1
e4210c3ac32ac760e06c6bb94fff956d35197ad6

SHA256
1dee2aeb1af8d36e2b256ec2e551e15b777a1861e01269109be0ea58768f65b2

SHA512
4fe6c17edfea0861127431c97aa8d11ea5bedc5b6d44d816fd022d45806abd208896b0d49c7d3c4b93e9ca45db6f556f8e13ef665f1d2f1cad20e1bbc7615df7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
63d76be9c0fbfed5cca61b22c0310a5a

SHA1
278a8d9c54bde70a31184e9a4d7c484b5e64c940

SHA256
da4109b3369b789a4859912e1712ad5829e4513a1191c36f5c339db5b9e005de

SHA512
ffd6c1d50f2a8a591ce1e42985140699eaee4a8adf1bf30e89df9abe6e50ba943f0fc57fedbfcafb5bc29ab907b28daa1fe05caccc1bf2e3819d807bca61a972

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4409d9e4aaeedc5abbf19ea3feb3610b

SHA1
105aa2da9cc53ba88b323c17f334d98e5cac2b99

SHA256
b849f5938a31681e5df011eb9b12a9b2aff9ce256f1162b4a4e11995d1812cae

SHA512
31a9e6ea8ff4ba195af6a05e519973e96ea0aab9b44939e8ab4fec2c8a3537770fe3a2897e1a4664ac1ffcde768369f5c874a1519d2079ce48b6cd1b5a5e1994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
57103a922540d630ee1acf4266dbb522

SHA1
4c150c78804d94d84439dba751e28624aba95e97

SHA256
33f8420381c2c52d17f7e19e3a27a3aec516092cc4bdcfc2bb52ec9c3535a6e7

SHA512
899a3a4a432b2c6c186c0a89a94dbd298d560b05a1457d8d12b724cd7552208a3de712a2e9d84790ffd939ac2a288b81eecc33db37153af4c4ff56ec9e555e76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
10156b9071e86613cb7d4af227bc0fc5

SHA1
b758eb45f9211146da910759f41926798384ec4d

SHA256
55307fd9f4fb381d6802088871ddc44e11ee16bdedb5394bb5340493bf14b35e

SHA512
7d1c92ac77d16cc1a4df888073112b308457ae848567e5582c01b020a4815b409edf21818d70f9ff96e7c2b106caabce8827f643fe5f2d58a61cc6f3c2e284de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5e34d9956e8b8fc319c91339457f65fe

SHA1
871c35878767735be41c11316d548fc3bf7b6d42

SHA256
e5f64513accddddf2479422e5f8abe8c8269977b0303473ebac0214ade22581f

SHA512
8a9d922794ed840536fe4e6c83e18be4896b3043c33b2aff3cfc6ae58f4e52ce00a4efe69cfe4c5df7404af3087c8e8e1ae533ea1df440c316bc740b44ca7423

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
704a653e62de82166ef4d173b2fe16e5

SHA1
180575d52d2eb3285414497a76646a2816a0637a

SHA256
a9d6e0d720f8aa7891ce2bf77b0e3965cb62d1239858aaab0034df4a3a64237c

SHA512
3672a36f455e24998560f2874064693b73a9f40cdc86771674afe57a31ed03e7d5233542a882ee164a8b098139f0e4215ff246894da10af37540ce7e58780ebd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
19880d4ddc715aa7675439624dbeef6c

SHA1
0b102beaeb34a2a27555fb2c9eac34c98a67700a

SHA256
cd84481195752ee9cf0546b1dfb3bd645cd06822f6739d1f27a892c225165b36

SHA512
55d435ae97a45568928b8ca436777fc447f77059c622cb8e93805fca990f966b0562ca4b4d4d7ae5518ba5a99441f0652cde08b9e5f83ef2906e5cac93a6b17e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3eabe07d7846ad67fbbe9b55606abb19

SHA1
63a0dac8ef6b916c5afe0a7e7fc505a0431a2c8b

SHA256
f5fc97fbad98efdd9109edaa787f31463b08182551f7ed653c798d452019554e

SHA512
ae17796a33cb1f8ecfc151c46eea61b9818a177ea1c8add9469a26ace4eddfbc215edf6e3c20a60da2dec28423401f2b2e5847bbe8eece7c6a36b8899f656fde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a0cb44a7e70129cf5ae766b311d4dc5d

SHA1
95d7ea06826835e9df086aa6c60158f9168d5923

SHA256
5511c9da70541d7e2d13f224b15e369b3e623eb38c35c6d09e00bf6cd0b668a3

SHA512
e61a69b1aff58cb6be4b74fc076abb753d03f20163937000d8308578ae7891452b61f41fd0a7252d7949b0bdf08b41c310096ff3c3d3cc4389e3edfd64358ffa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c8665631ecac50932001de93e1bdc855

SHA1
bebe4ff7e8e1ad17771df8bbdfc4850885b3da4c

SHA256
c4efc558e92667793b34e7befc6ce8c231cf27a40adf7a8fbb2acad651848f75

SHA512
9fcb5224ace6669f5ccf72117869f600238e6d0e58733f6a64e35c7d3e4b9c01ebad46a56bc0d4a85685966244c3251724a7c0e9209025f93439aff33fe0694c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b8d783bec602adf94af9ad7ff18ae720

SHA1
f7771be918d2de8d76487bd552f90d558c4bdd10

SHA256
a0ae5f8cbbc44fa08d626c42321a46a37a0349ee900e7249fde213582da0ec39

SHA512
b308e5c237d795a99fb61cc633a573c8865cdf187938ccb5e8c5a481c9e17719612fa67b5b64405fbea61215ed852066b985fc8c9d815997df09816805b56d2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
44ee5c02fa0c25532a48e8972cbc23e9

SHA1
956362bfabef2910cdece8a4178914333810bad5

SHA256
dbe34a6ffa666a21a49bebe7168a93919a841f856790725d0b5a6268ce1c721d

SHA512
7e71bfc363b00d39d81a62dc95fa8155ebb6e995b285801dd6f2abc6acc68ba0931e22e0822379fe612cda6ff283a4139d509808c51c4f504b62279af96f4c3a

Download Submit