fa5fd41f4f75f1b9a21a832bd6bf87cddca7b0e07b812c5b4cd621f0bfcc7de0

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 06:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0dbc8f7819b7076ced03579db0a0a392_JaffaCakes118.html
Size

175KB
MD5

0dbc8f7819b7076ced03579db0a0a392
SHA1

bf45e702d8e93dbe3953309834b7f8c72d2e8dc7
SHA256

fa5fd41f4f75f1b9a21a832bd6bf87cddca7b0e07b812c5b4cd621f0bfcc7de0
SHA512

4f9cd8882a39a037f0d3cf34befab25752d40ca92aa6691d971c665a8d52e3b876702b87140ff6ffbfefc19befb7d29c56a4416fd41f357565a836b50d2221c9
SSDEEP

1536:Sqt+v8gd8Wu8pI8Cd8hd8dQgbH//WoS3xGNkFhYfBCJiZD+aeTH+WK/Lf1/hpnV+:SoCT3x/F0BCJiaB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1208	msedge.exe
1208	msedge.exe
808	msedge.exe
808	msedge.exe
1756	identity_helper.exe
1756	identity_helper.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 808 wrote to memory of 3124	808	msedge.exe	83
PID 808 wrote to memory of 3124	808	msedge.exe	83
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 3720	808	msedge.exe	84
PID 808 wrote to memory of 1208	808	msedge.exe	85
PID 808 wrote to memory of 1208	808	msedge.exe	85
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86
PID 808 wrote to memory of 2004	808	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0dbc8f7819b7076ced03579db0a0a392_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa0a5546f8,0x7ffa0a554708,0x7ffa0a554718
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,4718498633775845716,573139907505464609,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5796 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2304

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2824

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2300

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3244

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2a70f1bd4da893a67660d6432970788d

SHA1
ddf4047e0d468f56ea0c0d8ff078a86a0bb62873

SHA256
c550af5ba51f68ac4d18747edc5dea1a655dd212d84bad1e6168ba7a97745561

SHA512
26b9a365e77df032fc5c461d85d1ba313eafead38827190608c6537ec12b2dfdbed4e1705bfd1e61899034791ad6fa88ea7490c3a48cdaec4d04cd0577b11343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbe1ce4d182aaffb80de94263be1dd35

SHA1
bc6c9827aa35a136a7d79be9e606ff359e2ac3ea

SHA256
0021f72dbca789f179762b0e17c28fe0b93a12539b08294800e47469905aeb51

SHA512
3fb0a3b38e7d4a30f5560594b1d14e6e58419e274255fb68dfe0ca897aa181f9ce8cb2048403f851fd36a17b0e34d272d03927769d41a500b2fe64806354902f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
1d49f69d52422da2ded2a0b0cbf070e2

SHA1
47033c8389aedb95c6328c18714db40e7364cd6a

SHA256
c620107e46b4f8951f9db5ad39af5339035c05a1fdf7c304d9d6c8001718dbcd

SHA512
1e379d2f3c553568d910de6bc77e8caf36c295de11977cf9bc1563b5a0a554ba0236d34d66c7f5417ac069b0e8b6a954f6338996ffc19f497e49c5f616eda459

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
520a7cc4d892d4daae0800a19c44cb64

SHA1
016b4129b02480b63ced6c4077b2ef243acac4bd

SHA256
c8079246228058805ca17ad0ba3c82632c87ca2c66b18eaeedaeffe7684b73b3

SHA512
4ae68c412131feba3e3fd64066d427693817b868ad7cd5fdc655ded44c4b5a3c16b4f76ae4625c6e8be2e3af6dbb23808c69c86619c4158b861b20c05da0a09d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
fc584485f366e132d4f46a44d87318ce

SHA1
c971f8a052d95951c9d32f4bea35ac9747b66098

SHA256
31f3c4d69360ab422481e7e90d815724a25307dc84b2ffd8856a84c6d8d5f01c

SHA512
0859d8a02964917ae53508bf62c24aa8280f93160b03e7259f8c072e967b6fd1cc89b9baeab94b351484d633a5b3accd8b8e5c988475fbb0e562057a6d57e46b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
219fb3c6b11c36d410acd80f33b7c81a

SHA1
2373c6afe25b36fcf9d14a5c4484e044ac65ecfe

SHA256
c1e6605002b67e0dc100a99eb0bc4e3a544e6b57ba9f144d9fc722be8d642860

SHA512
d9464114c2973598a3bb047a623ab9f7ada6cb3d6177bfdac5ba1172972aac85754cfecc99f49a4dbd7ada00ec901d0909b9d27bd9208c025fe182f44e2a4e9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6c75e2d262a491e00463956fe609639c

SHA1
732a263d3303bde5244b79677a4a9bad5079be50

SHA256
216c77faec82c2f64e54b6e1b2028c865f6951e25bed132c9dc2939f8e02178d

SHA512
f61eedf46c92c314031dfe1dde74450238a65981f5d12431432ba6a50f778e295657e94f6de3084372cc46ed9469e36cbe1ce5567d4cbe2c5a7a51e7c9078b2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
afa6f5ffad883d142f9a3a92940ab717

SHA1
d58ceb1b8cf70aadff89e6080158def99183bf9b

SHA256
00cce0a2b7d5bddf984f3608d94bde800ed0de548c99a334fa91d70ee995de36

SHA512
d8a12a8dced0b00cb7632fc3a03081f0004496a296be155bfdfa6170b84b2fa05e4d76c4c174fad8dae705668dbe6fd48bfeccac7ba7532ffdfe76f2ce172d4a

Download Submit