670e6c26f5a3dc08b9c7c8b58be4bfa6efe4316086576ff9bd595ce270a98ad9

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 07:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

28d5088d4b20f9f56bce9d5aac5860ad_JaffaCakes118.html
Size

175KB
MD5

28d5088d4b20f9f56bce9d5aac5860ad
SHA1

d1ed2b098f78f080caabdedf5fcbc02ca163470c
SHA256

670e6c26f5a3dc08b9c7c8b58be4bfa6efe4316086576ff9bd595ce270a98ad9
SHA512

52950c4f976592d8b66ece20ef7897035d5f7e67f51cfb1bbd69dc3cc02524884a674a649ad49a3b044babe3dbe86813eb4dbb2d298cd2f91d77ce6b372e6984
SSDEEP

1536:SqtH8gd8Wu8pI8Cd8hd8dQgbH//WoS38GNkFbYfBCJiZu+aeTH+WK/Lf1/hpnVSV:S9CT38/FiBCJiRB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4040	msedge.exe
4040	msedge.exe
916	msedge.exe
916	msedge.exe
2316	identity_helper.exe
2316	identity_helper.exe
2332	msedge.exe
2332	msedge.exe
2332	msedge.exe
2332	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe
916	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 916 wrote to memory of 2636	916	msedge.exe	82
PID 916 wrote to memory of 2636	916	msedge.exe	82
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4808	916	msedge.exe	83
PID 916 wrote to memory of 4040	916	msedge.exe	84
PID 916 wrote to memory of 4040	916	msedge.exe	84
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85
PID 916 wrote to memory of 5104	916	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\28d5088d4b20f9f56bce9d5aac5860ad_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff467446f8,0x7fff46744708,0x7fff46744718
  2⤵
  PID:2636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5856 /prefetch:8
  2⤵
  PID:1012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5856 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,10410126543048544627,9431028500172646405,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
c5c32fb4480fb57def23fe573aeb7fd8

SHA1
65e2ab88fbc5bd998a163ccbb00f52f9664b959a

SHA256
0d4a4c63f129904f2db8f4d842290295939cc85fc564cdb848392274bc48442d

SHA512
bb06441a4e2c933d29e61007d712a168c3aeb2fad47b5ecbbe42f05ab154bf800ee5b5184a0981834b65e64945a2e9457d52da40327e274fc8db74deae6cb85a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
71a03b3d341efa0c20c16468196c3246

SHA1
b769fb476a5c7f41a924bfae7927d6a929f4f491

SHA256
b1a7e9ab6b76d0c090bfc6585dd316da0fb3f81a913a7f4f1f0f975672b1b191

SHA512
07013ef9bf94429d1c8dd498efc762f6c0cd1fa81feff0b2509e4a75aa0fed9e62e712dc9202d17d107e962cc25a868b024d2ff5bc751d83db06cc03e9cd7cd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
8d3f572e306ff3ab0caee37854d9c611

SHA1
8f52f61d2914e60dde84be4d9318df1a130bc46c

SHA256
23e1065066d333355855399d0cb60d8a1a4acc194bcb35adc3d82479dfe025a2

SHA512
0b117f9156fdf0d677ed0096ac7936f6bcdca1bdf6895ed1f79eab4c4eddc30aa521d67cf46a6445b2161ebdd4c157a767e90bf029726fa99f59b2b062caaebd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3ea6e4bf633c68330837b154b5118e03

SHA1
16f3fab6ce7131f538f10d6b7c1fad294996a2dd

SHA256
96e2d9be95ab0ecedb477f921c197fb76edb6dab391af738183c7dd9d744d9fd

SHA512
7f57ff416948b52c993af31b3cc7674dd4bc838ac7d8e95ad565c0515a7b70215b258f1166be33ed3da8736414031d7b8dddc8f4d0d96e503fb7a2a7fac63ea6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
aca08170761558748bf4a765a88b0976

SHA1
38446a345fafea3db6e44d03ba5e64d8eb9c1b02

SHA256
084ae5df079df2bd94735896bde16ee8b487b86fbdbef835dd211eba02b1c732

SHA512
40ca3b1a74bba12cf74373bf19d987c3f1c91584af8075089d5bc057381c61ae077135abd85459ed92061fae1f8872d92ce8be49a9f9238b0f915d083d479134

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a94e7ab19a2db1ab06fc1a780ea6f8b3

SHA1
92fbcdc3337b82a7c9a5795a54fc024b0608e154

SHA256
5d2bd8762a2afb95db86e33738b35a40ecad3c87498c7ffab57c0c393a75f2cd

SHA512
f88958b1702270c1a3f8f08a4aaf10ab44eb1b64d1f65722bcbc1978a024e165867fedce5ac0cf6e31fc642587df247fa149b18c9e2f9c5f280b6a80ecc10d1e

Download Submit