6bf5c9745df78eff89a0668c98e6ed9086f001294d564f3e7d49c0fbf957376a

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
28/04/2024, 02:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

04361742ba1e15731effcea4cf505225_JaffaCakes118.html
Size

7KB
MD5

04361742ba1e15731effcea4cf505225
SHA1

feb79d8357464df5400dd0a3ed2675a360c56536
SHA256

6bf5c9745df78eff89a0668c98e6ed9086f001294d564f3e7d49c0fbf957376a
SHA512

9c6187996a353eeb3e5e97fe3a5d1d53ed80bf8b7075b73397408b8b7d2df6c59b6de1404c7e46ccdca2e30b8f82f527e670630ade77db069679fd92c5d1489b
SSDEEP

192:J805IrZz3kvrBt8RGDUXds1Cj7Z7AdZDnl7jTu:JN5Ir1kvV7wXdgSt7iZDBu

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3664	msedge.exe
3664	msedge.exe
1888	msedge.exe
1888	msedge.exe
4440	identity_helper.exe
4440	identity_helper.exe
1288	msedge.exe
1288	msedge.exe
1288	msedge.exe
1288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1888 wrote to memory of 1344	1888	msedge.exe	82
PID 1888 wrote to memory of 1344	1888	msedge.exe	82
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 692	1888	msedge.exe	83
PID 1888 wrote to memory of 3664	1888	msedge.exe	84
PID 1888 wrote to memory of 3664	1888	msedge.exe	84
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85
PID 1888 wrote to memory of 5112	1888	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\04361742ba1e15731effcea4cf505225_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffadca846f8,0x7ffadca84708,0x7ffadca84718
  2⤵
  PID:1344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2
  2⤵
  PID:692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 /prefetch:8
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,17942292937097108230,11366173896540988427,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2324 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3196

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1632

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\873e03a7-b873-4710-a582-7067d0710e49.tmp

Filesize
11KB

MD5
c707faf86c58147d42bc2ff5d8050c80

SHA1
eb3ba5f672c9675e65262987d380e9c43ae5ecd8

SHA256
322faceefc20c1e3ecddcb3b2897955d80f31ce5ca68f9770c77cb630ca48db6

SHA512
4b02594638510424b270f98be81747c0315b16cb4f48a0f06c1f50c02ff29e590dcd587a772c1c0deb5d462e4f78951194390961b053f90817f1373129a4c972

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
e8338b756516b4f59856d908648caf93

SHA1
34718c12298585f27d4c95620dcdb37837a4d363

SHA256
bf1794e711aa8477926d9a9e3231f1f39c9f350295a584678f5fd1cfef280afb

SHA512
139b43947f4b9ac5006d9fbc23955f0cf25c550b5b38dc3d9336213ac3f0a63ef4f82730c551dd3a8cca5a7ab8a9c2499b1460952c86d59aa14459df9807aeac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
357c8099ec3d8d8e6f3d69b3e11291b4

SHA1
5ceaf67e3a88db3341f0cd2f2cb4aee289a39257

SHA256
1762f00634d43e3015468b7f590e28c2e1e1749ddd658147b4da41b12f725728

SHA512
5d5fe75ebc4654890887298843c1f15752a8adb70a2fc632733262555d8b3f2be2dff98a40026477e60629965bea436b38545b41016fae03153383aef9f7ae22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3ff43661e239b49aae6f95a82e4750ac

SHA1
846ece799453f716d975f5460ced9665aabf20f5

SHA256
44ce2cfc57b3b31321528b29a1a613d85b856281fe80c50dbcf20bcf0d467724

SHA512
c61dd68640cb79e2cefdde2342149a9b09baf25f80cfe4f4340cf4aa50e45e5f80b096ece829a4e130ab1c68961aa257f2a9a3d8873b7ea5c2a8a183188dcfd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ffb7090ef15fc0311de0d8e5676c2ca1

SHA1
4020636759ff6dba2760b744b4789d54bb3f425e

SHA256
d651c83a4549bfa67b5410340dc7ac585c9414d82a9311ac2bc0b92c87013305

SHA512
8ae2cf7915e9d46c84ae5af3a33883bce84bad3f890661259ef85365b6d0822084414ec7b42fa00ecbf7f7f58e99aac333ba3907734241c8d117892bbc3e2bdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
69cfd78b437270b28ded1abcac7f096e

SHA1
92ba5e07686cd702998eb2f675db078195916288

SHA256
94cbee8159d7f1f3f51d48ebe595772f499e3437e60c7c8bb6de718f17bab802

SHA512
979edfbe4c1ab9ebafb4ccd99c4cbbbdaaef91946798d81b0ed15daebcbd0046819a12d45ce31279134de8cfe002212db66ebd6d4ebaf98d8e5e5098e0acc169

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
93c12033eea82f42fa2c86214197c120

SHA1
9d0a9829b40ba9ba24b3acf7481489c96c86819e

SHA256
80dda3e8484fd879f989ffe474ba757bbc12d638448e69cbcf98dcf5927d25cc

SHA512
b368a9af65deb5b57a70cc145ab1af91a5f5a64a1a3be6cfe1716ba7decc000d732b1ccfecf5c81b10e922fca8db5958f7a89f1ed77447dc658cf7c25a9c3eb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bf68.TMP

Filesize
203B

MD5
7e5a171806ca0a0c5195639717d25c8f

SHA1
e931ff25a1e84b434a78604b87a057cd0d0c33ff

SHA256
bb9af9665ddb4543986e4e369c3bd2bb15030bd81a7bf55a63a34fffc7e132c5

SHA512
10f85d09fe543773221f7c1cc9ebb555c5932e51541e33f8aa1940d5ea36be94fbed47a7fdb3866e825d88cec0788b18ebf695e927219a0e20d2ac4dec434902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit