45d776809d718c71adf41c69e9a6521228b671c42eea6d45639b35d63aaaffd1

Analysis

max time kernel
145s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
11-04-2024 09:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ed23dddc7d20682932ec867fa0f651fd_JaffaCakes118.html
Size

432B
MD5

ed23dddc7d20682932ec867fa0f651fd
SHA1

6959d4b1aaf0f6aa5cc5739c1b674a8ad8d4a715
SHA256

45d776809d718c71adf41c69e9a6521228b671c42eea6d45639b35d63aaaffd1
SHA512

41b9be626f867ecc6f19be199fb5c150a8d5885f0e26d204ea8f9e9c64960d27447ecd7c230a1230c341673d1c1f8eb684c80acef643bdd0f582df928ee7886a

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4980	msedge.exe
4980	msedge.exe
2768	msedge.exe
2768	msedge.exe
3920	identity_helper.exe
3920	identity_helper.exe
5072	msedge.exe
5072	msedge.exe
5072	msedge.exe
5072	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe
2768	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2768 wrote to memory of 3816	2768	msedge.exe	85
PID 2768 wrote to memory of 3816	2768	msedge.exe	85
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 936	2768	msedge.exe	86
PID 2768 wrote to memory of 4980	2768	msedge.exe	87
PID 2768 wrote to memory of 4980	2768	msedge.exe	87
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88
PID 2768 wrote to memory of 2068	2768	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ed23dddc7d20682932ec867fa0f651fd_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf25946f8,0x7ffdf2594708,0x7ffdf2594718
  2⤵
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,18204995081669179033,12927966778646756766,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1064

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
360B

MD5
6e1943f5a783b2412c667b828592af5c

SHA1
983becf61c44577a68cbc6f75993f411a46884d7

SHA256
934af73b3ef7ca400e625fbd37cdbe89439c25a5fd7349c206a82b99f3d61969

SHA512
e397286603cce28ee158163246d9a788ba47c4fe340e5825f9b4b0fd7154f77663f6235bbe5e8adf18a4e1a576260186b4e29b4223c6a7f82e801fbc74351175

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c6b8952794750c098435a04bcadc8adf

SHA1
65d298afc835c4a061c4aea3581ce80521a141e2

SHA256
3fdbaae9763a1e7aaf9cd0f111a481fdb38ee32283eda7ea7d65c97b0de6cf34

SHA512
ea1484f671e0c5126d2eeaa999a87a30e6030db8ebc607680a1bc4ed476a51a225d24cd0583f9d430ae2df5afb884c37060e4c4c690044136868074c6a6e844d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c81b7230db6f71b5cfcc3cb5a0012003

SHA1
fc0a9d016537c38247fdf4348ccf9794b752365a

SHA256
83d28a4a901bef5208e5970fa542b65be06212f95f14479026417b9c8c58d497

SHA512
9d6f0517087e70e4612efb3ebf62e140aae09099a534e4cb4a3111b3c768343d9843ce23d88380527c5a40deffa3c2f46b6742b884beab7ced967bed420bad6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
cb925dc3c7bb3be2fc9c7511979a0b3d

SHA1
d813554321841578760c77dc10f9471d48fe1dca

SHA256
8d129b65faf367764942beb7e9cb6561cf18f2dc34a4d394295e8f71f7ae0560

SHA512
2d7ec56bd9cf27326e3233d030778793237133bff931d1a3442236a0df51f586326f81b94652ffa4e0d739e551c0b27e6346bca35bd5b7a53c1afb45174810ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bf29.TMP

Filesize
48B

MD5
428c0b4129ab8d87dd89a2aad224a17d

SHA1
4e71f535a918a0d339524df3714ff9bbcea3c893

SHA256
46bc12928e2efe02357f140c545538faaebed32388a283eb27ef1a019eb3142f

SHA512
205ac56255ccce97ea3077b6e074f453c67f3f238e6030937f40425d09f9ff7d12fc69c84108f27c0f332be4634fd8462c142702fcdcdce3892a48d1c613550d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
4b8b076fd052428ca5c7b6435a4c598f

SHA1
62802ba2538142f2d149a9de0dfa388918424ee0

SHA256
ba0d7f59b14aab35146defc72f5bb3e859555616a99a56d8ca08deea936b0490

SHA512
154dc16285bd515ef3a76ae87c76b44ad98fc8edaf8bd65b9b62a7b149bfd115fdf2d72c7ec88fdd93a2db5800d1a5ca4ff93317bfcc0d675a345cf3f84d82af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6b34cd90459d01e5b71695764f4708b9

SHA1
e35fe67f96a7f92e166a39b92d6e60e6665d2f09

SHA256
d7639423b20c01dd6476a1e6a707ab9a4c184866bbd952d5037a1469d2bff1c1

SHA512
1862d9171100f2e433895952a08d2637da0dce45867b4d9c320bcd0c1f5620543b8458f5c41351237c6d30b8cb938d3791d949c446565c681efb2c7dc0268b47

Download Submit