b228bf9e967950b510ae5fc07dc13411351eae957f9eaf25d20f0aff30b646ad

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
16/04/2024, 12:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f3809b56592f9ef69596fefdcbc2a974_JaffaCakes118.html
Size

31KB
MD5

f3809b56592f9ef69596fefdcbc2a974
SHA1

f8549be32e131256238501d8e70f4dcfcb9783a0
SHA256

b228bf9e967950b510ae5fc07dc13411351eae957f9eaf25d20f0aff30b646ad
SHA512

3e2a3dc31492291d9c62bac4ee2e2462c50cc824f51f7495b8f4733fa52f5d5fd139fd5874e19eef03a7bb0e885a50ce105a54757140c79c69392dea7a881c8e
SSDEEP

768:BIRIOITIwIgI4KZgNDlIwIGI5IMJ7StIRIOITIwIgIfKZgNDfIwIGI5IVJ7SAUne:BIRIOITIwIgI4KZgNDlIwIGI5IMJ7StW

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
2988	msedge.exe
2988	msedge.exe
5096	identity_helper.exe
5096	identity_helper.exe
4612	msedge.exe
4612	msedge.exe
4612	msedge.exe
4612	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2988 wrote to memory of 3040	2988	msedge.exe	84
PID 2988 wrote to memory of 3040	2988	msedge.exe	84
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 1808	2988	msedge.exe	85
PID 2988 wrote to memory of 3464	2988	msedge.exe	86
PID 2988 wrote to memory of 3464	2988	msedge.exe	86
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87
PID 2988 wrote to memory of 4320	2988	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f3809b56592f9ef69596fefdcbc2a974_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d5c546f8,0x7ff9d5c54708,0x7ff9d5c54718
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:1808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2072 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 /prefetch:8
  2⤵
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,7245380265995706144,4575211354364612616,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4612

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:760

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5e2f0fe48e7ee1aad1c24db5c01c354a

SHA1
5bfeb862e107dd290d87385dc9369bd7a1006b36

SHA256
f13b3ebe8d71bd0086d5bb82364c35f59a95d32b39753af251e8639360e291a9

SHA512
140d026437fd5e8a874cd00b03950c8f010e1a0732a0a1cc5bdde477e7f8315ccb95790bb4c15b8dbaab9468ad532eb885b6c429300a64e39412d976d079324e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7e0880992c640aca08737893588a0010

SHA1
6ceec5cb125a52751de8aeda4bab7112f68ae0fe

SHA256
8649a39877c190ec740a5422284ec5f9ff509b30b2d7896635476873dd8824e2

SHA512
52bd0a38ca7f43b26731966035045b1cbd8b60b2d81bdf9aad791cf444da8af8b722ebf3cb364a6e660bebdf23084eb0e30bc23562575b704801669817549f8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
138dadc023c3501df996d580348db858

SHA1
107daa8250d2d2e38a380a5e10c4a350fd63cd55

SHA256
fc1653a622ceccaaa468507aa85056aabb64c70349d7ea78f8e102526488610e

SHA512
97c3196ab3045797b656bb122da43818c9aba371d3d462aff542221b7851cfd9cc6880280fb80546688c331dba00397b1186b3de0a271c311a10ceeb89a19ab4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
4a9c94c107837a204b5473876193d069

SHA1
1396ad4483d77937d1562c6d815f5543b5b49571

SHA256
803469ff0f61cef3560f89176f208043a147453e7ae517326f7fd72a1442c267

SHA512
c15a670bb1d7251d5fb17a7ced85523b374f83f26dbe5c2e68b04f23768156a119bc42e68eb0b701ceb15c5da3ca13bfea09ecea16a1434bb03eec8a98f66a00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
328bb5534d956257a27f1abb443427e8

SHA1
e7523ec106ee3b078b09203e1c6105a8ba5f91c1

SHA256
6c14177c06dac7fad15355963d6d70e45e5cb29d16f84434050a932667bd5178

SHA512
63130d7220a8a373dc8b1ea0f855ae3d4c4528c810a51a966c9cbd59e18f9ab204d6f534d64b4cc41dd23949533d1b080a0a08c6ef8583220140a1ddbc7065aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0649d5796834e42cb505be4ce5f89bf9

SHA1
7a14c55aa088b64e0a52f7a99571d5badcf21437

SHA256
7e15f65807d675b3212bb9606ceb87ce282fe9588088f4f062d486edb5229f3f

SHA512
0691eb467dab59a63d3333f0f829e8a2688f2226a80a009feaf2ef987747ec3f3df0f86d0c7052ea595698f3693c8ddf67f4c52de3222093a8c0b47a4c061b11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7db737dc1ffbac7673b324095be647c2

SHA1
0dfca1540867aa389d569abbd9324e1cb7b06a23

SHA256
a94b99e9b68b01d991f72dad34779b37c0dc8ad32633412e6697c34a3c4e42ff

SHA512
e3d760a9c4c0a6cddf5250ce28a3c7375e429e37e660673be4e9141b440ea3d896298f0b0b64ae0bb07b440d59e3a240a677ee93166ebd9333e784ca3913cd4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
49819ee7ee36e7dbca26e918f3518c07

SHA1
0fc5f5c5eb950857ea3c37b82442dc1a414974a7

SHA256
c37111e8fbb82b75db5673f903819e7f3c9668e0a0a5bb58a43166b87de16e7a

SHA512
50c8ddc6e401de0dad04e1f069657f3890e6ef69023cebbde97d00c8bb5b682bf52c1d2da09ba50946bf95b7121a4dc49428003e0a79279151bcc917ae8ab8ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e4a3b691c4dc0c33966afae0f6ccedd6

SHA1
f9349d5b787a2c61ece25043d9a0b1ea349635aa

SHA256
65375ae710ef2ae502630a52603983a1f49bc01ba66027b1de26fc3037f05729

SHA512
86738e7103a3f38531ce0fd847772edd8ce409991cac6243f5b66cd6ab6f27fb121030f8dfeb8b28bb89c1fa934406d4550e03b53f2a457931fb3c32793bb306

Download Submit