dcea34421a65317b85eb08c9e279a029d93e3289e228b4fa094609409082ac23

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
11/04/2024, 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ed9c04c71846850519053b14047e6ff6_JaffaCakes118.html
Size

15KB
MD5

ed9c04c71846850519053b14047e6ff6
SHA1

7d70fa23f13bc0a21c74d1455f41fa4780947f87
SHA256

dcea34421a65317b85eb08c9e279a029d93e3289e228b4fa094609409082ac23
SHA512

d716071105f7ae6a580c79aa9cb88eb451207decc24d3682a94339b22d8c99ce7412b2333f2447b69f8c2c56a3935e85a0e4726bdf5e2fb97f3017683a87a8d7
SSDEEP

384:YLc0dvP2nzpa3aXj/0BFelKR2+Y5zMYab2V:ic0Qnc3aXgns6QMRI

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3460	msedge.exe
3460	msedge.exe
3104	msedge.exe
3104	msedge.exe
4108	identity_helper.exe
4108	identity_helper.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3104 wrote to memory of 116	3104	msedge.exe	86
PID 3104 wrote to memory of 116	3104	msedge.exe	86
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 1820	3104	msedge.exe	87
PID 3104 wrote to memory of 3460	3104	msedge.exe	88
PID 3104 wrote to memory of 3460	3104	msedge.exe	88
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89
PID 3104 wrote to memory of 2248	3104	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ed9c04c71846850519053b14047e6ff6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa82146f8,0x7fffa8214708,0x7fffa8214718
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2452 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4312 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 /prefetch:8
  2⤵
  PID:1428
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,15172743824710354398,2422644652060964848,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3100 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
70781ddd23ea852f0317713beb1db5c7

SHA1
d332cce10e11ede28ab70f10dd7f21cd7d29b670

SHA256
3f096173eaf60c837916978686541aa520bad183f0c997a2ad912bfc9b3aa97f

SHA512
8cc2bdb8628264c5b1b75c1c201c856c8df90f8a5a9e72e8cb613b4fb2c50307aa77ff7fe1298d6039841f9a9b2f489b5c9c3f27cfebc637f93f9d4322a54a3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c16f99a39e00b6cf8324df5d0d5b2f15

SHA1
ea8885ac0639fb29b224062434a0fd08d6fc074c

SHA256
10bd43631a5ffce31a0e27e65514936f9037badff15ab6167adb2407b9974b92

SHA512
fb0fca2967675468ed67ba340b5708eeb43f0ca1b4c24ddbe74146239952f80e22438350c0a2fa23ac6871c09a4ce0f8252befc8fe563b956906a86f6c292d72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b2d253cdab66a31b4a31d0255c5de084

SHA1
684020446f18623393f09adbf039d9037b68be78

SHA256
7addce0000cc63387815ab3f8b3c369521bf2a40fc2a079177ae65097b098678

SHA512
5022a9324c76e31318a40162fb83950a183d27b14c1b53ef7efd030e62d161d65221e9040e92be7993cfa32975a886236df6861bb768e05d3229c17aba311150

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2e117f0974a9795369247821a02bd455

SHA1
6bedca823ac870dce2cd32a19a3f07d31ec3b027

SHA256
a718a79ea897b4e34c7d96e0ccaecea47828b9740d118673ec584f003913dd94

SHA512
e96ec7d301310b9c7fcca17b0faf613ae38e9f2b2dbafea42a825aaa5c2a71137bd5d48f11259e44e2571292154680d2402545bb56c51febbb2d9a1fbc478ccf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a3a26cf61691935a1cac8c58e38ac1f3

SHA1
537bdaf05479976240dc9a4bcfd235dd04216771

SHA256
e9adacdf6257668b9f982d7d6a5c0c4a4d7ad3f27a8f8ba06d2651c20d6c5038

SHA512
da998a1d6ee57290a365fa5412e77e1926afb4397720db2fb04ee8066eaf8889cedc34a8e3a7f46f6af6288c76f6a6d51804b7c9979d866ff68a58a5d3100ce3

Download Submit