4af0cf46ab5b7cf386ce8bf2d62ff27ded2385ed8a814bc2c1d4151545c67026

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 06:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1fb9b04b257ebe85a8b41d51821e2a69_JaffaCakes118.html
Size

68KB
MD5

1fb9b04b257ebe85a8b41d51821e2a69
SHA1

927a7f9d261f6b48c45d672e6a970ebc6cd01625
SHA256

4af0cf46ab5b7cf386ce8bf2d62ff27ded2385ed8a814bc2c1d4151545c67026
SHA512

614e573609b2825ec3aca97ceac991ec7ad96370f69cfa65195df6af08c269549611d2f15506910743b2eb6b9a84c07e978c014836f69589f4672a86d174cfe3
SSDEEP

1536:UuxWCliWQIaAktlhbx1H2LzxDVpjmfHNRZN/Yke2seaWeWneyqePqFjZgl6aYX0q:xWCQWsx1H2LzxDVpjmfHNRZN/oOAfaWB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5036	msedge.exe
5036	msedge.exe
1020	msedge.exe
1020	msedge.exe
3964	identity_helper.exe
3964	identity_helper.exe
4668	msedge.exe
4668	msedge.exe
4668	msedge.exe
4668	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe
1020	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1020 wrote to memory of 1144	1020	msedge.exe	83
PID 1020 wrote to memory of 1144	1020	msedge.exe	83
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 2616	1020	msedge.exe	84
PID 1020 wrote to memory of 5036	1020	msedge.exe	85
PID 1020 wrote to memory of 5036	1020	msedge.exe	85
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86
PID 1020 wrote to memory of 5012	1020	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1fb9b04b257ebe85a8b41d51821e2a69_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaeba946f8,0x7ffaeba94708,0x7ffaeba94718
  2⤵
  PID:1144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,9226898638548309317,12973035731491998377,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4844 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4668

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2104

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4248

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
f9ff7d403ac5a636f064d9d2d6c6fc30

SHA1
09f915f5087f9bd61289f14e865e9d0fa0527520

SHA256
888f17e7c2a73eaa13ef3c1a58dc0b955f53d170f303bc0726a2eee13d80a082

SHA512
3564a3337740fd124cb263299aebd182fa4b1fc606eb2fd4e5eb5e2ad415ba2944ecd4fd883ea310673bd0d5bcaca8c59beec720c73b175273525f8bae168895

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
787B

MD5
9a47e5b962061238171ce5b86633834d

SHA1
082199aeedf11e8a67b61aa82e7b208fd14bb04a

SHA256
485d452a2a54d0683583f5173029ebebbcd59d1be52c6af5bc66d07f47302055

SHA512
cb2ea1b192b16f2f2a7475deaa4fd1cd1e0cb78f0b41ea35f81ad50cd19940dce4eb4b84dc995c3f803eb5e93168c9d10a6b551ae5215b9798efd41da0e82689

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3257c3d9f99a43c24cbeb1903f5b39cd

SHA1
c7e218319951bde34f640c80cee7cd0b86626122

SHA256
a3013d177d839a20c238aa70431bd382bf2ea5179806907e1a96a2a677d5ce7e

SHA512
0be35db6602cb7eda5ebf84c05d23bcc1754a905c5534c17d4a16a2e26523fd61e2b8f0d83cb4f2e1176e7b97123c88dfcd870fac73f6d84575175b8c5e816cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1d767d1ffa401e0aef7e2b97e9445d29

SHA1
8a8be3f7d250ad6244351c6948cbe6d7f0fcdd27

SHA256
c694c233e5639a68e93127f74b3245b4c74005162c854982408613a3ba796e28

SHA512
42f7a089142304edc0ad48378a6c2f629ff25958c71ffda962642d885534b27f049f72d959a623e24091fdd4981f1990a6c1c44ab2038864027e91588d72f4cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7c6170263116a29f66a86894760909ea

SHA1
130446fafb61aa5e45dc83f62818e742fcf29203

SHA256
48feaa160ea72dd6077e49b0bc0fa7dd7450acfb9a0e9727158af069cd170c44

SHA512
daf16467e1db737806bedb999a599b19d2484c2d101212e322686670c22c61d977b0acb9ace76b80c6f5b253c28baa12342c78f134a02fa91ff7dc119cc73763

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
b9a096f10b46631b8bf1d9f318e0d464

SHA1
3fbb238da7ae193ef62ae16f85592a7ed69c58fd

SHA256
44d6dc0f697a1c2527aa9f4d1d32d27a6825024befbde7e7c48f61d7abeb7688

SHA512
a3aa7845379a58e1c345cefa8f2851f565327fa419da833c4a406f8b559525943bcf581bacbd6915f9cb3d4ca22eaa2d0f97a81c6ec7922196f452d5b5a06846

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5800c6.TMP

Filesize
540B

MD5
57a19bd857d1dbd1616750b99956d8a7

SHA1
68313f6407ad15034b6212769624bcb2e389430e

SHA256
ad6730947f99e8c090996998c5b1709e5a446a485556fcec73b11e83d91463a9

SHA512
17518c46eff23fa096db13f44ffcecad2940a2d66369d953098148804ac9b62cfd3ae5b766e86254c2e30953d23b6867e8ec500e73702f5f40b4bc24e280eaa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
243067a66018e37cbe94048c894ba3c7

SHA1
97733085ce4c33dd4f0d7e13172e01605164f33a

SHA256
8f2a96aafd8551de6d0805631321af906a3d9bb782a5dc0c7c8a0e46ba049ec1

SHA512
214213e1d954d0d5c573c223bdd148276b6813d4291e701ca998e2de1065fb8bdf7de7881949c474ee7a787463e8c075fb6d86e04d3681a3c30c40dc7038d258

Download Submit