7bc4625a561d031c7f04d6fffea82fcb4ba48467ad0b3bfcad281cd59a815d9b

Analysis

max time kernel
146s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
01-05-2024 18:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0c7d0fcf126fc2d5dd06eb0c49d3c947_JaffaCakes118.html
Size

73KB
MD5

0c7d0fcf126fc2d5dd06eb0c49d3c947
SHA1

f3a3f3a7e7ad420866ed4cf69e7ae8114812f32e
SHA256

7bc4625a561d031c7f04d6fffea82fcb4ba48467ad0b3bfcad281cd59a815d9b
SHA512

164b1edc76ccc68fa09fb5e92c1b744b0025c3f44c010e95ab9a23f60827bb47b49289773b28d80f6bd3f8be26c70378c26c3bf16d2157a7d669b5d9867bdd83
SSDEEP

768:Jt+upO1fyLZBnVWkO1fVcWyqN68aWLQ0pyywn/RjM:HJpKqL1KByqN68aWLQ0pyywn2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
532	msedge.exe
532	msedge.exe
2276	msedge.exe
2276	msedge.exe
2384	identity_helper.exe
2384	identity_helper.exe
5312	msedge.exe
5312	msedge.exe
5312	msedge.exe
5312	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2276 wrote to memory of 3528	2276	msedge.exe	84
PID 2276 wrote to memory of 3528	2276	msedge.exe	84
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 4676	2276	msedge.exe	85
PID 2276 wrote to memory of 532	2276	msedge.exe	86
PID 2276 wrote to memory of 532	2276	msedge.exe	86
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87
PID 2276 wrote to memory of 4448	2276	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0c7d0fcf126fc2d5dd06eb0c49d3c947_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea46346f8,0x7ffea4634708,0x7ffea4634718
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3748 /prefetch:1
  2⤵
  PID:716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,15929265234278921536,9696479177714422258,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4864

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
99741fbd531b275c6e8052b49020a07a

SHA1
5cfdd033b527ba62d1d01f9c7b74fde258569b78

SHA256
3fdc8ea950b59c22ff2576f17afb5670bb9783e02712b79a43472d702a3ee43a

SHA512
056281a10b0799cfb966dc7a305a11e0b1513ff8b596d08edce8fb2bc9927dbcac7c7f0b7a96f6fb7087b4e079f1f43f2792fa6b46805699d69c99b310540af0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
253d2232249d0d28c51355df53d46830

SHA1
dce8fdbaf7824c2d6a817a734130b66e237bcd36

SHA256
decef0fa5167f478abc49d1a3916821c35fd7d78408b8b5b9ee4dceea4b2c197

SHA512
553dae3ab8d929d51f61762d78d0181dc7d9b6d5121cf39ce01ac14fb27ab440eb2fb2847f537b7f847530c17c90711b0f5df26a657cec4b9c82f733507b4f4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
66be523f8303ae9426461ce94991f8ff

SHA1
bc0f943eeee1f671f3813a1989213b6ad9873480

SHA256
09f659457b9e0c31769fe9e73d1091e1e0bd7a1460ce7e109c22d33bfa1491f6

SHA512
7a0b3ffa2f2a0d226f81ff89927d5d77a36f44925f96a54f12899554a660463ddb27dc21ec97f7c81075869c53f8078e5eeea1139b67c596f5759fb8a8db31aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
108c80fe2f0fc269a54e9296d6e9bacf

SHA1
cc01b823f57ddce7216441a42b55ba023158b25c

SHA256
0b62d55c7696fc6d11705259e3882da0d4e178cbf112ea2532923e4ec111471d

SHA512
29b2f8f47af3254ffc40896a1529c7dd5fc9f0a2683e1709e736745a8814032139a2262aa07eaf2d9040ade4e0d544dd0f599943f82fbb8854dad5ea9f6e397a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
99a16dd1ecf926d86d8ff7db70fe77d5

SHA1
1fa920b3391c5732d549c413f76ec5314944faa9

SHA256
cf1773187579884d2b135c44edebd60c41ddf7ba5abb0c60006898d3ed081467

SHA512
39f4b980f764347816b67285a84c36d615fa97801cfc83307a4e57c18908ca3e1ee7f5382239e5fe339ca629f11727d16c6a91baa421b98fae1278344a6ada96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
dc9c6162b127129ec814a9b6cbb0f83a

SHA1
98f41a734d4371bbf8d8b77235ede20b8febb442

SHA256
83397117cce4754f072e9ae3a831e24e86f2099ad7856aace90e4566175c9ca0

SHA512
2abb3be8612ce11d20ca240212b600fa1796efee4c9dce9e285302d1aeed94f251419331465435d3fde31fc19a960dd5b863688ce0224467e92dd9f237cd557d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c7f3.TMP

Filesize
537B

MD5
c28301d77a225be8ab1e0de06df5d454

SHA1
7653eb3602734e1c113a4c4c0cd7f30963192de6

SHA256
5e92d48005e8dd2c05a62d8da368882b2a1a6d3ab438b5abadd66871c25c5f67

SHA512
1e55ac3c9715fc1f3cf369dbd80c35db1ca62087e5a17c43497894c8652a082f2a0e7760a969d4771e560870bba9783b8e66e76a3030e1e86564dd50fb445449

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7744d0bdeab9fd7495326a8d3f0243e7

SHA1
52bd92933ce6d7cdc90ef823582f2fde7d477b3d

SHA256
fd5e9d6c9e8b4ade84bd8eac484108ead0534b3985c459700debb71547a87038

SHA512
fdd0c54165763d6f85261f18bfc4b54cb789162b9f4830dc587efac9e27a3a1b2dc4c50b9ffc2f5c13b6617484a0f1b2757db095cc2f942c560159d8ea806d88

Download Submit