be66d7fdb81fec5bbcffd769a4bab811eef36c150aad00b86a99ec1aa15f5d1c

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 01:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0d1ab1c2ec369d49ae2ffaf47d113a7b_JaffaCakes118.html
Size

175KB
MD5

0d1ab1c2ec369d49ae2ffaf47d113a7b
SHA1

23082d1493a54e6021c9ffb7e120a4e5b00270f5
SHA256

be66d7fdb81fec5bbcffd769a4bab811eef36c150aad00b86a99ec1aa15f5d1c
SHA512

4f7dd99391a2d93bf5058a67c456d1e3b6001e098b72b2a4dc8e0519e979299c0cab294efc95a3113465948cac9a5608689084919d71587120bd4b10a411b1af
SSDEEP

1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3AGNkF8YfBCJiZC+aeTH+WK/Lf1/hpnVSV:SHCT3A/FZBCJitB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1092	msedge.exe
1092	msedge.exe
552	msedge.exe
552	msedge.exe
2968	identity_helper.exe
2968	identity_helper.exe
3044	msedge.exe
3044	msedge.exe
3044	msedge.exe
3044	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 552 wrote to memory of 5824	552	msedge.exe	83
PID 552 wrote to memory of 5824	552	msedge.exe	83
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1060	552	msedge.exe	84
PID 552 wrote to memory of 1092	552	msedge.exe	85
PID 552 wrote to memory of 1092	552	msedge.exe	85
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86
PID 552 wrote to memory of 3428	552	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0d1ab1c2ec369d49ae2ffaf47d113a7b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffabfa46f8,0x7fffabfa4708,0x7fffabfa4718
  2⤵
  PID:5824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4240 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4396 /prefetch:1
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,543629687769752580,388994769921168004,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4380 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3044

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4148

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3324

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b2290ca03b4ca5fe52d82550c7e7d69

SHA1
20583a7851a906444204ce8ba4fa51153e6cd494

SHA256
f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

SHA512
704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
919c29d42fb6034fee2f5de14d573c63

SHA1
24a2e1042347b3853344157239bde3ed699047a8

SHA256
17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

SHA512
bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
9c7f837296155098dabf1f2ff69d6458

SHA1
84aa81df8ed5ff34f094d1ae1f8f85e6c8a61d32

SHA256
a5aa570de2bca866039f7caf70084ae7fefb1a6271e7966c4500ca0eaa76357a

SHA512
1a19a26ada9dc994c6169fa402cd4831cbd817497cef8e2c513096af7759bf933d067214a5abe877e3dc494f9bc8b3cdaa52d890ac0fb2fd99bd852f37b8808e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
3c2157cf08ba0d6720f799142cf31b05

SHA1
684fb50106514f43a2fb26dfaa8e9c7897eb050e

SHA256
4d35a7edd053fb06991a520f360ae6daa493ed5994c3372c5bf344e7736e1752

SHA512
a5d736b8c6d14142e376b498b3ff15143ef27a864f7309103c51600ad0aea93f0689829d5880d73c9e0747fcbbd2d1a26d37c5bce24db3f465a50582df9726fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
431f6bd002ffef107d6706f83ab8328b

SHA1
6adf2b2bb6d2e78279da8e43c1ea4195552e704d

SHA256
a1f3af2ed17b4a3ad1a59db74f84ac62e7fd4d56da19cabea7562fff797de0f9

SHA512
025ba3a6e697f6a869ba7eeac881b298956b1db54b6fe5b052d50e45607f48f3fc6597ed69ee5a162d27da8e1f6c67c655469311509fee755ed5a66d0c1de057

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a8bc29c645baa1fde88f2146f7d55877

SHA1
250350d97dd8c42411b4312bb9af1781dee3b1f2

SHA256
799eeb649522f85776bd778d4c1ef01067b73c75c2500f1177bf9c4f7d1c54a5

SHA512
76be9123c7f0f399d9d38c8d7ace654d1bc2fe1e28f078042bf5b8472439793f6b6cad4a855948d24891e02b35b89414d4bc2481efa2aed887b42ce245537ded

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fa03f0818d1afc25813477817357ba27

SHA1
d6f8b19d2dcc2c1a6ca09c3300dc9a0882b1b6ea

SHA256
ce87127c81501eea3d64c3d8a5f9609c59284d8a5f08761f0e8cd3cec685a806

SHA512
60ebc5522f09448d64808faf3d7492f50b832c1ca52ed5e3459363567d2c24e1e59a72d0aa7aa1b4523619c0b273416f2d2f9a5137bd544babe38c04b291fb40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
12c50402d7e9b099815ebe2de61a98bc

SHA1
0c225f2cd53de04822bf4a520365466bfad9bb54

SHA256
314563877a28b1d853011a0f9cabcb985578d20c73bab386da428d178428c5c5

SHA512
c7f51d064951a3e69f8902adf30c3bb4b274df907ac5599780446a4af2428c85034ea615c2921c40c64d670d369beafecaf47331031b8ab0712249a3cf37234e

Download Submit