4da2535792cece451e9b66663ad469ab2b7e575c6dc9cdb89f2455434a149300

Analysis

max time kernel
149s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 19:27

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

30a97778b1617bea3987a960afa20c52_JaffaCakes118.html
Size

56KB
MD5

30a97778b1617bea3987a960afa20c52
SHA1

f784d6eca2eb96f3f11ca39d5089f2b8605a236e
SHA256

4da2535792cece451e9b66663ad469ab2b7e575c6dc9cdb89f2455434a149300
SHA512

75572047ce87ebc1d6242ed9d3eeacc1c8c6ba0bc9d6042c65b9b6c0cfbf50b4ee0a6cb22c55c4c1615caa1d59c22dd6efafe99e6e2d6b48bbad604e672e6aa3
SSDEEP

384:S8pw/TOJmAzRlIpFKbrecE/bRWwI5qitV21o3Tj86rh83cbaqDXEVouZUh+zRq1h:SvyJHUKbnEjTIIM1h83nw0i4UWjK

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1480	msedge.exe
1480	msedge.exe
3364	msedge.exe
3364	msedge.exe
2264	identity_helper.exe
2264	identity_helper.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe
3364	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3364 wrote to memory of 3692	3364	msedge.exe	82
PID 3364 wrote to memory of 3692	3364	msedge.exe	82
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 4880	3364	msedge.exe	83
PID 3364 wrote to memory of 1480	3364	msedge.exe	84
PID 3364 wrote to memory of 1480	3364	msedge.exe	84
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85
PID 3364 wrote to memory of 4076	3364	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\30a97778b1617bea3987a960afa20c52_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc53246f8,0x7ffcc5324708,0x7ffcc5324718
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,11895704791570923695,13970919342772865288,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5288 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:556

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3528

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
f1149c653128614559a60bcdfa8b0bfa

SHA1
a7255abf6f5e61f5351767153746887081642f8a

SHA256
1c81f7f30490abeb049266b17ece6719585206cb64f9678474d606e17a81b9f7

SHA512
9871a4a29f90d7ca167b0abc16f00373014e98023a80874a1237aa11040f67559e9618a43ae229bf6e654d491bbfe96211fc5f4d976124fd207187c7ac835745

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7f118241dbe53a9edb0a85f434e69347

SHA1
dcdcbe234a2fab6fcb1089bc6d8027c844fcb517

SHA256
2dce20d4c523a0faba07dd0a6dc8e648efad219d4c702bb468083362023647c9

SHA512
3c01371dbebac10ca98d870795600412b067c77c9868a9fdc3fb4c5cd0e6516a65ba3e16af3753ca23b02e3d249749ac1549e6f7fa84abdbe288e89f2283f99b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
95a3c8c7ec3e72e323d3f7cf640c1a80

SHA1
f8b6fbc882384ae46abfb27cfa90126ea37aafb9

SHA256
927010065b4aba0b2c7d44504d91383660b4401be289f6343459f3de1d9a1075

SHA512
cad00a874dd564dc48f7d484481c1f3b51f8abf8f56199890b597044126fad95b2cae56df959a84b64ad8b5c9623e4534a0f301d6fc087cb2a21611b13435b07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
bee18f96401e3a6bad3ccea167dfd84f

SHA1
19639d0e5d5970784a331b13d45365b373362c6e

SHA256
726070bcf5ae5a7049d8bcbe9b771f73926285384b1ba79069225df22f3d7c83

SHA512
edc689c8dd1d85014d0b881b57b3585763f82b6dce53d82b1f2dc8c1b19240a2d05cafe9ebded020ca1c8248427f92910f26bb6dec6532a3d1ec3a427393c171

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6d6551820e68aa437f245bfa66f48d14

SHA1
bb15de4c197c0188d1fdb6d576123dfedee279eb

SHA256
fd37e5feb1a233298a47ff3ba4bf99e43389a07408bc8e68327bee5d1aa8a79c

SHA512
e5bf5a9c5306c8e8ea3c33087f3e72f7c44e34fc5ef128fc2888f0a9aefca53ceb4c8600bb2099b7540a2016052d0940f7efbaf469bc5679c1e6bf74e525d76a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9ec0c301cec99e574c9b2c10bc0b8eca

SHA1
2d60e53c247ac27b86421edcde23864aead9bffc

SHA256
8f2498a9fbada8221981cde8e12bce033ea79c4e2e439b16d84e1cd1c6e7730c

SHA512
41880f0392d527e5399f485c294347dd6d4cdff41d9a6293fd086e8fc85777eabcd91b45e90b1e0f67a6dc1a8200994e7f60a916944f6ac412f3cc44b252ba9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d6c2c993970ecec74271ddb45b733745

SHA1
e8af7aca79f90eea1656fe5f7988b7eeb9ae8f7f

SHA256
d3b623242ddfebb621054fb50a395bbdae5aa33d432208c74a0d63f72dca9886

SHA512
539bf5cc07c8a1a13ec3880ad7a4328685199fa8db1f3c06f36f02a9d55e8087365c27780165f4c56a513b594d651306114f352c6710d1854197fdbf07db42c9

Download Submit