087c491af7995577371c731d65d231c01b4d0905b03a1896234c59e1072928c1

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
03-05-2024 07:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

100505b9eadcd1cfd3567b3d24c3a1f1_JaffaCakes118.html
Size

212KB
MD5

100505b9eadcd1cfd3567b3d24c3a1f1
SHA1

c3aac8d251ba8f7bd7f37997520ca4d1c43e4ecd
SHA256

087c491af7995577371c731d65d231c01b4d0905b03a1896234c59e1072928c1
SHA512

2745d011a2408ef6e2cb9bbddd745d1d6596a2d96e24bb45c97be646f3d72cff2da7169ab7d3c6df73f9f24a33d6dd6a2199a4c241eee884cb55d7a699bc8b68
SSDEEP

6144:3930DH6NEQwjcHXxQRVufJc/09d4kXsPJw:3KDHQmjcxQRVufJc/2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
692	msedge.exe
692	msedge.exe
3744	msedge.exe
3744	msedge.exe
3208	identity_helper.exe
3208	identity_helper.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3744 wrote to memory of 1164	3744	msedge.exe	82
PID 3744 wrote to memory of 1164	3744	msedge.exe	82
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 1124	3744	msedge.exe	83
PID 3744 wrote to memory of 692	3744	msedge.exe	84
PID 3744 wrote to memory of 692	3744	msedge.exe	84
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85
PID 3744 wrote to memory of 2100	3744	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\100505b9eadcd1cfd3567b3d24c3a1f1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffadca846f8,0x7ffadca84708,0x7ffadca84718
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,12244563683389446341,9497421776196828719,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5448 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4796

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9d6013a201754df30e2c66204855bccc

SHA1
18e49138d7f305b95b0c6e3f93d085548ae9a508

SHA256
3eb8fd3dd01be2fd98b33517b36deb4d13d30aa2d24905250f3e349f4da30132

SHA512
375c970192ca1f5684151951c0ba0391eca9d5a53e8d89ccd7b6adbaa59207d16760f9d461d7c8f50fb762028677b95fad8255fd94045e1e23506874280aa2e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
91dd6c59493a2938d057caeb29029d12

SHA1
204a82cbcdbd9ea56a7630362d0ed6cd9529ea4f

SHA256
86879c327d69f57e867e32df74f06a51d7b18c6b09bcd231a651f75978d1dc63

SHA512
84769faf16206bb5b15d2a36a46e91c6504f9e3d75ea15268f5ce0b6a01999b5f9d0b6d4d590c62dcce577ef3ed414d7ab5cc80f23a5b1dbbb7098e9a99ece49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
942a91dbd9e9d3831d09a9d2b1dfdc65

SHA1
8f8f4d5105e8d033a55f099410781d5d2db3a4db

SHA256
385def56abba865b8786a717c5835fa9d14782d330348e0738c2338fd069e75a

SHA512
ebf053ee6c05dc19dd1aaa57defb50194ac6252856ac2e6cd8b6409361f2e32072984d934269e3abe809f6525c90406cd45b7e4410c7db4d20ea05c1e597f803

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6cd0caaf45404abce821129d9cb5c938

SHA1
4a851377414dfd01be842bd6ea8c50918cbf10d9

SHA256
7496a94807c6238fab915333db10a0d09e10d090b3ec33f3009be3075d033862

SHA512
9de5df2cc7f0c9f0ed3b28c01f180116d6a0cea91363d5ed6564700df36e29938f93821b6abf95241de55a103a3c17c97bf1189f9df87fd58e426d6a120f936e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b3fe.TMP

Filesize
707B

MD5
0c63ac25b889e78f109cf2f80aae6215

SHA1
e9bd532ee1e2577e2d7ffddc82d2e1939b321237

SHA256
8123917634003cefc90f6d7cbed62e75112f70e2af30b12dc05ca3dc1a2ab474

SHA512
7ccd1c58de7723d48041619c0466a15e23d620da13d837da760ac5dbb837f252aa29b4f0d8bd61d441f52649908285cebaa2bc6ba35063ab17f291324ddb8d41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ccfe6859-0621-43ba-b1ad-f7f3a8363be0.tmp

Filesize
6KB

MD5
d691226f84e3d6b7fb134fece3c1e203

SHA1
c85305fb4f0925102a87beecf77c475318683353

SHA256
5807a448e5d16f0ee48ad480934decc94846ea6cd1737ffbb99b9460f5cba0a5

SHA512
91c091304678a39efbf55f99087164b27ff3ed956503c2699c7b410686855dee5eab3f9f31db86745f5613bb703a6abd8d50be3250b9b11d7c5270b0bfc491cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a09cf695e577e7c2bf455a57f03684fa

SHA1
b91d4385bf02eda356b98209a4025f0fc2a64097

SHA256
449d516783a718f2c93cdfe9c3f6686ff444627297cba746df44278b00afacb1

SHA512
a5f619c1b65295c4e9092aae48b2398d97809a2e5f3f3e3aee0f9493953f30c620bbf84a3c7ae915f22410a9175b5b6af71c4598c7b4146203d778f7c926dfcd

Download Submit