f1b41c0479549ef6a8bd7ec5380506d91f5350d4810e2431afce0a5ae3bfc4b1

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 08:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2e2d1fd3497c46b4b6c7f1448cabd4ba_JaffaCakes118.html
Size

203KB
MD5

2e2d1fd3497c46b4b6c7f1448cabd4ba
SHA1

8e211f8c3cd0abf45614f5d32679634af121fd87
SHA256

f1b41c0479549ef6a8bd7ec5380506d91f5350d4810e2431afce0a5ae3bfc4b1
SHA512

0b1936a0ee1946d78ccb6bc9313adc12a14189a1e0039e951292c30e09d4650b417f2f7c47bfec2718e3a4f5863b04e94f67cd69852d0725b7f2f12a653a4545
SSDEEP

1536:wGlh2uZZppG5At2S6a5tr451+XVcZelJ78m2c5Evk2iGcv2zLYYEv6LCl0om5NXJ:weCAI1+XuZwleAn+zLY6omTXJ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2408	msedge.exe
2408	msedge.exe
1524	msedge.exe
1524	msedge.exe
4572	identity_helper.exe
4572	identity_helper.exe
4968	msedge.exe
4968	msedge.exe
4968	msedge.exe
4968	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe
1524	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1524 wrote to memory of 1592	1524	msedge.exe	82
PID 1524 wrote to memory of 1592	1524	msedge.exe	82
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 1812	1524	msedge.exe	83
PID 1524 wrote to memory of 2408	1524	msedge.exe	84
PID 1524 wrote to memory of 2408	1524	msedge.exe	84
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85
PID 1524 wrote to memory of 4996	1524	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2e2d1fd3497c46b4b6c7f1448cabd4ba_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5eb246f8,0x7ffd5eb24708,0x7ffd5eb24718
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:3804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 /prefetch:8
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:3648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18163741414046753644,11144287968569214616,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4740 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
4aba91caf33e0b3ebd539877d128ecdb

SHA1
fd0cccf2b66abdace47b8c54cc5a933c1f4e99c6

SHA256
2d6c9b1419830a509ef75b1d5d6e34cd65c78f64d9cd2ad15c2dd94135fec37d

SHA512
f132b2695ae0280d39c438f7dc8231d13a8296ad487c265997524c35e0af0f7d6d2812df813b34d2b761c36f77c2383a72885ccd41ba8af9e1cc0b312e77eb3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f3328cc034032c132f53551da8fc4841

SHA1
345ca09a8e137a7e3caa098d30a9e19759708948

SHA256
2f9965f3ab6fe5c212a5c480ef0051cb5b0e414558eed232a7c6a505a021a88d

SHA512
8f6c7d858a82353513398a4bfd7b8c79c86547985013c72f49238b9607064919ee8d135557cc640a51de7436fa9b1d3afa4072f72bd84a5540701b45ef468da5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
eae4e350126ce08ef85e957ba279d3be

SHA1
4fef75466bd57f3a93a4ffc5e56b9583fde1b62d

SHA256
6778af4c116012324e7b8be614d7e2922090394794a770dd5e196ec5eb481ad7

SHA512
c3b2c7b845c1467ad17862e8fa0073c631dbf9ccc2a1937dffbbf5b07c45bf567506b0ef5d8c30266ecd7191f1ad2553be8dc8efae771d1221ab168026c1e4be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2a8b029148b078b3ced6ad586b385087

SHA1
26f919abda48dc03735a4b3a705f92c7e3e86170

SHA256
15f87af1673b8ac3fb68fd7e3981082cb6dcac8af7755d8e8f65441b71d434e7

SHA512
2e4355a2c1921c905a9900cdb683ff3dd8972602742725348e6a24229ace71ab6195c53f504447b59b9ad4a1845bba55da0f7e20481d3a08060af90980867d82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9c5ade88d68333eee2675aac8bf32f53

SHA1
dcd423de92e9294d43046192eca69b945191d3f5

SHA256
1b3f762792d77b374816fb7405e1a7ad7327f27343aa929ff3c51856f55e5608

SHA512
a4aa45e02610981d83c6ae4a173d6ec29bd8d1b9c942d39a97f7dd95f62b9af8fad85ee2538219f5a5f2481a597d58fd710adec6d05c781099950345445b7213

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
19d9ab9958b36222bdc3ebae39b061a4

SHA1
600cedb500847ad2cb69312d2bd087c97d498413

SHA256
8de9d564517b1a8b489703fc04850440326f54264bb2ead934e26cf9716a1975

SHA512
154e07f7304325759d8b9fd5e780876f1cfec5fc2c3febc11f0f5b424001ce1dec11a46081884c4ce5f198abdefb9af2d3221e23934ea3ce69655994c39fced1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
df5da13fc2dc0969c698ac5a4e48e111

SHA1
7d12540b45ac11d79fa256dae36ee29df03b34cd

SHA256
c951094aa2ba9d4cd206cf1a0c0e907c216a298a366fb1be76d178db784b52ac

SHA512
f1f7d34028f73961f5e0098f58b086992c38f282a0e71d525f738cc6a1776c15486383bf66d9c5f2358563c02b5094a29da748c2e29f00ea5d3b5ff01ae3348d

Download Submit