422d487f11a786ab3cd295e232f2601be298a8fced88757620af4acbe861f046

Analysis

max time kernel
149s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
05/05/2024, 11:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

176db1667d4da1087dae47e5173d12e4_JaffaCakes118.html
Size

59KB
MD5

176db1667d4da1087dae47e5173d12e4
SHA1

abc4043083095489df798f49be8565227f5d0cae
SHA256

422d487f11a786ab3cd295e232f2601be298a8fced88757620af4acbe861f046
SHA512

02c8b7b9024d7fa3d422240486c71778ef5c318be71f09cc66bf2d9d9758aa8b12fa74000ad98fe7870978a8639ce1b6727d6a2608c1ec33ed525408413b4d7c
SSDEEP

768:Slg/oeHRWl4SYEtd7oZSsnyD7aAEjq41v7vvTYhRA7bguX:Sm/oeHRWlh7d7oZS2yD7aAEHdTYhRuz

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1660	msedge.exe
1660	msedge.exe
2776	msedge.exe
2776	msedge.exe
3216	identity_helper.exe
3216	identity_helper.exe
1160	msedge.exe
1160	msedge.exe
1160	msedge.exe
1160	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2776 wrote to memory of 684	2776	msedge.exe	82
PID 2776 wrote to memory of 684	2776	msedge.exe	82
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 3788	2776	msedge.exe	83
PID 2776 wrote to memory of 1660	2776	msedge.exe	84
PID 2776 wrote to memory of 1660	2776	msedge.exe	84
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85
PID 2776 wrote to memory of 4776	2776	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\176db1667d4da1087dae47e5173d12e4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffaf0346f8,0x7fffaf034708,0x7fffaf034718
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,15331367981852067038,11404474835268279198,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3068 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1160

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3612

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4124

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
ac6c44b2ec61e3641549a8e5f3e83803

SHA1
da2968d3a6bd56cf8f8d33019b098cb7ed18a9dc

SHA256
7207dd64a6d16476d22733e70bf22c0f829416b49d8af9a225d87464cf24c00e

SHA512
1b00cdd74cebb2eb6bee478f7796aadfbce0a884d06c73405d089061554fd04f1160d53d17199c4fd55dd68bce00a02e67e6eb8e67f0a9662f0c26eaa0ef1efc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1634abd70f504b76016deb6c51868e31

SHA1
b79b993bb57aade2ff4bcf50706e84376cb529a1

SHA256
263d4feaba8de576493cb286e74b0eec4624f48f8cc07b5c7ec4314107a7cb5f

SHA512
9ddf0dce3044523f42e5478e8084af62e0bed17561a4f46fb648fbe50438770cc2ab308d5a05fcde778483c44bdce75cc308b2359c698a7cd462ab743d718e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
8e931689540e9cc8ff309bd5545fb109

SHA1
c6d77db7d03ffaa9f3343b68c4898099ea9da0c6

SHA256
39d445d9cc3208fc7030181fc3c246808db122ffa94dee260aa68b2b6211829f

SHA512
9a703e5098d8d3747e4e33589869589e5f3ba8dc1f6f8172e23d95c79aa107a0417668380eaf1c5e758bcdc6397d2d3732c4d924146c975b72c6de1eacad41ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0b2fba583d68fbf20d7232940a1e21ef

SHA1
04678e2e8bdd3f39dad4968c5a59b8ab26a4f2f3

SHA256
e177aecff504e56495e154943e113f44a4b630b66cef8dd10ecfe1461b258b66

SHA512
035997a6032009977a40b3c517359e38146ae0250bd3af55453bbd38c9c1d3c050d28dc0c35dd1f07faf268f0604695fb63f41927eb086f925f35ac957036c9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
45bc2498d47aa4238e8588b4c4c5adab

SHA1
c7c5cfc6afaa5b2e978d161a2c09ce1b0c626389

SHA256
42ce7e90b7bf19c36b3763ce0a89732e9453b18a670dd4b227b5c5603b4ffd7c

SHA512
b653894183da1e3a901d3cccc54c68aeb8f458ef0b758562ae1fb7ea1794677ac1f387945e2aac247fa96e3ea4cbc3586944e3cc806f7dadb113d936c20979be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0965bb0b11a036ac80e9080f81a0762c

SHA1
99b19c87a31330833c87c34d7c7ac6fcecd2edc2

SHA256
350ce19d63d25cc6acc118385cf9aa6eae8f0cc78724415f27440ffd0e42495a

SHA512
d3db79bf1c906539db50f7a6e43888050b3ce45877b63cb5e2c8d487f924fb1abb4871f3b3e8e5685c015dae4d20dfaba9b8fc288c344a9a16462924a7396f8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fe6617ce50ac86c3024b96f35fe648e0

SHA1
490de2e10b2518479c3d5325a8f29e6fa10e5164

SHA256
26395fd6132fab038f3b922026c1d120ca3e937a3527afa001c12da2a9e27f0e

SHA512
c2d13461e1e3e44c409d8e74c8df1f20291d5f2aee318d9ae03a35179dba34efc9d6dd4d6db91d7921582aab25440c764c77cc60f71a6fe99f76233067b5017f

Download Submit