2524b9783c6f642b3941ef1df56c9ae158a332cf064521255e8ff96f43275d2c

Analysis

max time kernel
134s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 06:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2dd992f1959154207507faa72c0d8b16_JaffaCakes118.html
Size

64KB
MD5

2dd992f1959154207507faa72c0d8b16
SHA1

aca8a14468ea03cee9f57b7b1b527b6ef4a444f0
SHA256

2524b9783c6f642b3941ef1df56c9ae158a332cf064521255e8ff96f43275d2c
SHA512

1360dbc0afe415c636964b68f0fb53dc522af92d0cb7d8e9d1f4265bb9750e387dbaeb4cab66a728d4488890974a7ddce28e5dacfd1e1ac8db2196b4d36f5d6a
SSDEEP

1536:oRF/DD2u/XMIP2qwQ9p5uw2QOGO/OlhIx96tbtbFElcXJsijJ6hwCfGlSB58fl3h:or/DD2ScIjwQ9p5uw2QAhwjlSB58fl3h

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5052	msedge.exe
5052	msedge.exe
3508	msedge.exe
3508	msedge.exe
1524	identity_helper.exe
1524	identity_helper.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe
3508	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3508 wrote to memory of 3516	3508	msedge.exe	81
PID 3508 wrote to memory of 3516	3508	msedge.exe	81
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 4204	3508	msedge.exe	83
PID 3508 wrote to memory of 5052	3508	msedge.exe	84
PID 3508 wrote to memory of 5052	3508	msedge.exe	84
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85
PID 3508 wrote to memory of 1836	3508	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2dd992f1959154207507faa72c0d8b16_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe676e46f8,0x7ffe676e4708,0x7ffe676e4718
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1916 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1159393818617708588,14827570344606884928,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5352 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
d50d61b2c6ec84bd09b371701a3f5e50

SHA1
89e0978ab81613a61288559130c6ce1e0a1d740b

SHA256
863f3865fcda1659c272dc03a369b31c3d80eb4357cac739995bf5ccbca9b2d4

SHA512
01894c8e25e6d5acb99e2c6c732a8bd614e99745d9f1e23187e5a6ec1f1bf8ae24797668488fb6e1dfe653c47e79891514d24d162763dcd794e16713da405704

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
484B

MD5
9bbd6f77fe14114dae54c6fdd2e1a446

SHA1
cc7bcf7337c342671c5d6d2fe638188eed1f5aa0

SHA256
9b8d453a8505ef78c6788638ccf5020a8dbf2f6e0e66aa07e48f7200791a3eda

SHA512
3e0e0d5adcb3a81628ae034228532fd8f0f4d85ead2f5c5e3712c5f669a287647fd771742044cdac3d9bb3b02e3e5ee964546e691b8b92cdd3a2325abb6a5142

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
206c5201483f5a0b138bcc3feb589e61

SHA1
4cabaecd5c6374b0f27053f004b4bd519ab71d18

SHA256
8b3dd4f626c11fc010945600ceb1bbb4af2302993cd6a5193d83d65a9936dbb8

SHA512
3bc74e37d702b93de22ee7dccba46a521aa2b3447667560fcee3d555c58f0ce1670d42c628373b2880717de43ee68e1de9977b654300245b43030c2d870ae019

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d7cb92d157c7b6b6e68eecce786860c

SHA1
85c0a53e0af1a6838bdae438d3cd4daa1663ab4b

SHA256
f137e423669ac77cda254f1090c0e9d09e35299c0de40dc535ee6fdb53047c3e

SHA512
0eac23fb0068db79c6cb7269b27bc96f1e6f8bcfbfa90dac5cca05b9d2f3f701471dc647c1b4fed3bd5d03e3d1c3dfcd0910d1fc74017a92f312191067f97709

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a921f6900888a92f3bc296614e4af29a

SHA1
15f0e272a661ad700162c014b1ad29c43708d4c8

SHA256
2839e99a9f7efbd698cb87e9c4cefa4164ed6a420c6c8c044600913311dc6d5f

SHA512
c7f1284f55c476ae132e7792973637ad2ca79d138db86ba39629c8f2204d859f4e3463b62ceb530df3abeb2b78f23857e570e682dec76717c8a410986ae70388

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
7a2d83759800f145f3c20be5d74a5770

SHA1
ca07f7d8bb71c54aa6d892126e0b7d868fc71206

SHA256
1c8aa911a4ad2b4606ac70dbae5c7f24d2ab5f2e75ef282dc4a9d6ccb95d9238

SHA512
19b1b3076188b000ddbf3bf597c3a76c449c1302d8b1939a3b2cb8e876d7f288254bf9550396a6efc79bd0863d2712b1549a1aa3c85e074ff86e3c2756602157

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b3f9.TMP

Filesize
204B

MD5
7e535c84566a81d1141118705fedf2ec

SHA1
a1d5cb06ec434757cdc570ad06931e366c98db13

SHA256
a94c551e4512c74e1202d61f1464c2ef19bf8bc0a43838e0ec99167b9db3b221

SHA512
676892d959fde08e4178277461d20d1082feac68ab98f3763ac5086ece0e35b7127d957d44130c10d76378540854c12eeb510622a0306e78afeb7a6c0a50ea77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a4a76bb24db019a97f2e97e8d927982c

SHA1
603c06bede4b6c490e26a735908568a1abbe5b90

SHA256
ebb984cf23b1455005c61289ceddbf79ca9ab0485703dde56a75cb53c52c23ca

SHA512
147c0640e3e4bab4f6321f9593201cd872a4cf46459d6d830c95ca01a854ed873defe895f5a554b4c92f4fbc1820eed7af497cc04f2d04bdb0d12bbf8f191639

Download Submit