44adaa99ee5fe6bf6735ceaeb200c6e30d1168b65732f6a30692153b295141d5

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11/05/2024, 03:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

328ad8ee20ee2a672435d871917c23f4_JaffaCakes118.html
Size

68KB
MD5

328ad8ee20ee2a672435d871917c23f4
SHA1

d654e51d56504fe29896568d7479a9ba46a2f526
SHA256

44adaa99ee5fe6bf6735ceaeb200c6e30d1168b65732f6a30692153b295141d5
SHA512

fa4ccdd75b1220d91ae1abbeb3c29ccd7f2958cc4acde6b76e3ac8946c94b3d1369a549aa113b5b64110cb46e9c216d98892db94c872431260e4ef0a8902ad77
SSDEEP

1536:nuSW1ClSWQIaAktlh91x1H2LzxDVpjmfHNRZN/Yke2seaWeWneyqePqFjZgo5aLg:JW1CAWox1H2LzxDVpjmfHNRZN/gPAfa5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3680	msedge.exe
3680	msedge.exe
540	msedge.exe
540	msedge.exe
1068	identity_helper.exe
1068	identity_helper.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe
4952	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 540 wrote to memory of 2444	540	msedge.exe	82
PID 540 wrote to memory of 2444	540	msedge.exe	82
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 4664	540	msedge.exe	84
PID 540 wrote to memory of 3680	540	msedge.exe	85
PID 540 wrote to memory of 3680	540	msedge.exe	85
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86
PID 540 wrote to memory of 1160	540	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\328ad8ee20ee2a672435d871917c23f4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffef99446f8,0x7ffef9944708,0x7ffef9944718
  2⤵
  PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5600 /prefetch:8
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5600 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6207265483291860273,6999942957706144824,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4952

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
bff26eef0fc64dcadc712eef2287f608

SHA1
61ff95957e7a548fd1e2529a26425d0477095de0

SHA256
17e00b01c81990f03417607bfac2b227a7fdb361222bb94579aa6d8fdbad5c04

SHA512
06e227b0186b4ff481c3f2e6177e31d3bf67075e967726eac0e5bd1f9aa8fed6523c5387dfad886e72d1162beca0f07e1d0d1a9b7ec8fad7a4bea8bf4ef9d433

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
787B

MD5
a62c3f25e5b62576c0feee923ad06878

SHA1
a7b3031a5d046fc4075648b89b60e48eee28cb63

SHA256
9edd2c81b5dcf7b05ed5064cbe68cd517f2da676f4c5934fc1ca0dd4b92badbd

SHA512
3969bc6a3d147ffc445a0fff6ede0aae09424f083cad87b6e2a0c4763164019a743380aadbde86b7ce00e1ee2d73bdeedb83899071241af1a9e257cacedf4285

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
225c2a007f44aa47c78d778c953a3c7a

SHA1
bb6b14492a939172376b9e24157ec4ebfb3e435d

SHA256
3329bfa3cab8f4a2c7cf301f99f4778ddb5b2d40afacd9473c226a566900de94

SHA512
50a1d497ed036c57e332dbb0fb200e2b957baae92e1bcb8ed66c38f824c13f45aa2d7f693ef8d9532f5b13dd64d347f48541c258e700c75f41d461324ba60c1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
febab19c1aeb39152d126b1e1907bd22

SHA1
d297b0b8cb30de1b3be607022b6bf10f4e3776e3

SHA256
462719520fe476cfd845f0c7817725c54c97f4b90a851e68b1fa95b3b32bae1e

SHA512
d31a4a003707a5f6a0003ee89f22f2c3c1b0352cd1af0a42cfa668e5d89b22866e1eadbaf4f6f13561d329d8fcee5634dd3202d58611f42bc54cfae4ecbaa157

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
eb36677d7faef78ad14f5be3e4c9309a

SHA1
b9ef35c628cbc7395aa0c7aa3ebe94559178497b

SHA256
d76e7706ab6c15f13062bbb5328ed209244eb4509435956e666ad0e1d5689433

SHA512
f274cec96a680af9c21e20df44b9de8c2c05f983e8b974015be395c0ec78fcc57e338958938e1d3de29bc897f8932106c4e77656b158cc1e97e69a887776724e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
e94aeeb13d38211f03dd4486f2c7bbfa

SHA1
47dec4e041f452f45ed6c0ef95d2d4b71ba007c2

SHA256
805e44b10373de5d5486eefb487b423b35e91f58ca707f14d962579125ed3259

SHA512
229a36e1846b12946031b57e404d2a02cdb5a664d19793801d22be815b2d01fc26930ecc51d30bc74bce1f5d98e4031d0fbefddd5119b86e7ae95ac74ff29142

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5802ba.TMP

Filesize
540B

MD5
4ba30071c3735159ae8cf539e95e3bf7

SHA1
44d8ab6c4466c3637c2f11b6d82b693e8bd2f32b

SHA256
697c7b2dff18a40ff6f19f5ed277b4e675285bfbf5d83d0d3fc3ea6a84038ae2

SHA512
69ae8e532e5905926c23dc8c8f87d2891be1911aad88c1ffd5df3b3e5bfb100602e431c9611bf638c7476b2620dfd959264a0d0349b8ed2a8fcdf481276ebfc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
38e49cfb89ae5f0345956dc5d567ffc5

SHA1
f007e47dba485aa135f17c72f00309ab96fc4581

SHA256
ee1afe13d062fb07e4bde495dc5ea240bf8bd12ce16952c3d81ff7ce46446392

SHA512
c63b8f88bd9ee6fcac51d1ac8d331041719b60c1f6ce7e9e7c30fcaf9262eefb8787a7abbb4a59729eed890443e86e16062aacae04f7bab8c0326dde136c5675

Download Submit