13c055db7c1b07a8d84f97f2114f241028592de4faad25ced7ad5dca48575b12

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04/05/2024, 13:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

12e665e5528cbd1016e7af45ffcdcedc_JaffaCakes118.html
Size

48KB
MD5

12e665e5528cbd1016e7af45ffcdcedc
SHA1

d2b3c03906815ac812d9f146061c024f2696aa96
SHA256

13c055db7c1b07a8d84f97f2114f241028592de4faad25ced7ad5dca48575b12
SHA512

cc5881cc00f9887dc3f6f46fd57162a68d12e92bfa82e6804b21f79f77f9a0bc2d113a8f804d6d8a6e2d210dab3c236429e7e7896332ba5387e8ba92338304da
SSDEEP

1536:TuwW1RlSWQIaAkNnh9e4eIaedgePqv5ljeuAfasDdhy:jW1RAWFAfasfy

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3980	msedge.exe
3980	msedge.exe
3512	msedge.exe
3512	msedge.exe
2728	identity_helper.exe
2728	identity_helper.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe
3512	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3512 wrote to memory of 1880	3512	msedge.exe	85
PID 3512 wrote to memory of 1880	3512	msedge.exe	85
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 1904	3512	msedge.exe	86
PID 3512 wrote to memory of 3980	3512	msedge.exe	87
PID 3512 wrote to memory of 3980	3512	msedge.exe	87
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88
PID 3512 wrote to memory of 5052	3512	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\12e665e5528cbd1016e7af45ffcdcedc_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9fe2046f8,0x7ff9fe204708,0x7ff9fe204718
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13347005887913085207,3399072546181545954,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4196

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dbac49e66219979194c79f1cf1cb3dd1

SHA1
4ef87804a04d51ae1fac358f92382548b27f62f2

SHA256
f24ed6c5bf4b734a9af4d64e14a80a160bea569f50849f70bf7b7277c4f48562

SHA512
bb314d61f53cf7774f6dfb6b772c72f5daf386bc3d27d2bb7a14c65848ee86e6c48e9c5696693ded31846b69b9372a530175df48494e3d61a228e49d43401ad1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a9e55f5864d6e2afd2fd84e25a3bc228

SHA1
a5efcff9e3df6252c7fe8535d505235f82aab276

SHA256
0f4df3120e4620555916be8e51c29be8d600d68ae5244efad6a0268aabc8c452

SHA512
12f45fa73a6de6dfe17acc8b52b60f2d79008da130730b74cc138c1dcd73ccc99487165e3c8c90dc247359fde272f1ec6b3cf2c5fcb04e5093936144d0558b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
3a4769b81f930488141d339a462b7372

SHA1
de270d4fa720b7702725bf550340d77a9b1ad360

SHA256
fc18282d30fd606bb225fec1b8868a5ccb53794c365c2dcdf37e0800b96da6c4

SHA512
72985dba61b5ed768fdbfd349b37da2623c8fd7006395d2ef86d01f5cb452dcc5a685372d1ac4d298381e86b620db7a473b1d422e469a79a8b0df1a3a9661740

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
709B

MD5
0a9622570b78dfebba930d5af2aa137a

SHA1
59a46d3ffdcccf22f44cec84c8c2370f6f684ce4

SHA256
0c4ca6de38870f62bc0eaba1ec0a0435d06fd2aeabec0e96b4e9f78afa6657bc

SHA512
d0955b604163b7c31da7a2cfe3b1287b6bddfa491d04eec38e19718bd4b249879fe3d6b8c6633264d2a0a8a4fa1883632422b57813e88409c2c79cc368514adf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5c5af268d265053da2ed6cf9f4f29f41

SHA1
9ba9e5254bb86ac0fc9a35d6c3af480c44bdfda9

SHA256
4cd4d80f790f060c7dbb080f30417794022351bf982f87411dceeb7a123c3196

SHA512
ed2aac34f1246e5b7bd2c3ef82d6a42eb32e01b5228b6751593e85b3d41a08b379de545e19f753822219a6349bdb4f5174470faf9b771d21acb2c691ed136da6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
436631344068225c886ff4bacc9711e4

SHA1
de7ab7b40d7f2bbc1c770befbf6632bfff739878

SHA256
da324f1636e292951c21583a73d959e290c5beb5402d18f2c74fc3080dff6f6a

SHA512
7565eff997e59fb3e7b733c5338fe7e6838d32b63b861229fd9ffac69d2a3af73f445eeb74bb0c7f811c35e46475bb201127aa3e82c0481789741c0d7768575a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2ffbc7918da90ae5102da2b545d4b81a

SHA1
59d22c5287a6131e8b30af399770762bc5e9412d

SHA256
8b3a3494f97c59dea7a01ec70f69f209866ca9c0ddc2d2660be5194741b776df

SHA512
9159a917ac3c8bbcdcbce7d09c0e420a095fadbf8d09ed2e734ce81068470d1b29b6ddbc5ca1a3dd41aec018f17f0674cb6d3bb4d1d2a308c5eca7fd247bf3d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
5381ee3b65f382ee83c08dab80e646df

SHA1
748abab684b1e4e103792a1ba2b2613eeb3f5f72

SHA256
ae8cceae0a59d556b3961e5fc2d0f84bc0435bacf75f7787385ef95163570f26

SHA512
b9b01447213fdd26ba6f4e8f0b89716d93a36ca4d144d3efd96930ffe9c50cb90789122bd2197828dcbfc2003f3a8e1ceed07e03e5eb1a5c2b70068c288f8994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f6b4.TMP

Filesize
540B

MD5
b25f08a4fd5ffa51f21acc0bbb786dc3

SHA1
db875cfc79d82aae3957ad18424a6b8652ace3c2

SHA256
ec33e4292fe8f0f66e2bf9554575eabf07fd63f0e33a47f556aa40cae27012ed

SHA512
e21ce738454d7d5ee1e866143635ebf94dcc9bb8a2f68d58ea10d363814d66a8a07a87b8952bd98077bdf1e253b16ebf6c41deb2a4c951348fe22bf2176d300d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1aa7694f8060e815433b3fb8ef9deb8e

SHA1
54d95965d937e273a1b564a2870260f15c8e9eab

SHA256
84766cc2c66af241ea0a0c32a6231e8172d59d48c1ded9ea5f9020175d42042f

SHA512
f8a727900addcaee17d268fe30b3e689f67beef666f194576364ee64d426e762fc9395eb90b51aa2ab80b669709548492474a8b633a67fd86f8010313bb1d276

Download Submit