a307426baaf78544b4d009474ea610523d66b3964cef11e1f140b0b5e8f82bc5

Analysis

max time kernel
139s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11/05/2024, 04:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

32b9e7aed050ef0ac7c26271ac11fa79_JaffaCakes118.html
Size

82KB
MD5

32b9e7aed050ef0ac7c26271ac11fa79
SHA1

f9d013b7f9d8dcc33b2285879459eec9545af01d
SHA256

a307426baaf78544b4d009474ea610523d66b3964cef11e1f140b0b5e8f82bc5
SHA512

202658a8edcc30b7ebe18494bf402a81a641fe966700d6109e4344b4f78ed806a42ea7583381ba09f5e618fc04a5d7055f26642fa47d3961980727b8107329e7
SSDEEP

1536:npPMlbN6FJbTM7NbLxS1lSWE5/ezOlSYqKyM4WvsUWZkojNqZnR0pD:npPMlbN+bTM7NbdgE5/ezOlSs0UC

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4252	msedge.exe
4252	msedge.exe
1816	msedge.exe
1816	msedge.exe
4888	msedge.exe
4888	msedge.exe
4888	msedge.exe
4888	msedge.exe
4016	identity_helper.exe
4016	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe
1816	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1816 wrote to memory of 3420	1816	msedge.exe	82
PID 1816 wrote to memory of 3420	1816	msedge.exe	82
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 3608	1816	msedge.exe	83
PID 1816 wrote to memory of 4252	1816	msedge.exe	84
PID 1816 wrote to memory of 4252	1816	msedge.exe	84
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85
PID 1816 wrote to memory of 4152	1816	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\32b9e7aed050ef0ac7c26271ac11fa79_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffad02946f8,0x7ffad0294708,0x7ffad0294718
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
  2⤵
  PID:4152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5136 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8
  2⤵
  PID:316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6533343447658150696,11060697777496907572,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:2836

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4036

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4640

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
717d6877e41b4e9956b91df9a0b8ebf1

SHA1
66466dca298ccdd8e84ce58916632eb71424b30e

SHA256
9a72319f85a548377319166d9922986ad1c7987313f914a5c925e7f06ab10e2e

SHA512
f60be2c1054a4426a8e785fac2c817ad8fcf82b2de159972cd1144b8bf712ec2ce937fee8b7e6486cf4189b6bf9230250f0ae4b34c34b786f585056be6853e55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
473B

MD5
f3854d56a71d9321ff3b8917e1221413

SHA1
0ff4feace398a575c98d22853495480b63461f04

SHA256
6be717b7a320cff54da6c1826742ab120284a4b3edcc94febe5cd5c9e3c48949

SHA512
578be360c261256228ec76bcf418338fa259178f75434bffce4f2a9b62d0b61929aa01b935d4efb018ba392500a8091cf001db51e9ce0103db6ff052297d78d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
80eef36f5c0d1050e0edc40422ac1112

SHA1
6f44f3fa69a161c277283b90899a1188714262a8

SHA256
06f7a279ebe70dfb684828119a809e6ab8d2e90c71c65ac5b3fa4da2f52bbd0a

SHA512
75898980cbdf49c99cc1c5e59b1b4599edc63a0676c6f0c866c5235bc8e5504c3df6e04739c3e2d8f51161902e0f269348617fbe6b23da39ca32ad7b69ea3291

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
eedbdd1374792f10c574154f032b15b9

SHA1
c86eef29fa92bd6b9e4d0a2b2136b8874a5146b1

SHA256
921e7126d78d2b380e804b3e702b1d3d0e09536f037d58f5779b7c0efd9e24f2

SHA512
b272e04dbc1101863685de4f94c09dbcbab95800ad8243e4052ebc3bf76aa34be75af64f7d3700f8e9f75192f88bf80700ceed61a7a20a0c25040f0e5ec337d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7facacd67c2f9fbdbe7c827da0e5290e

SHA1
d52c9f101f3a703c437c0b14d52d3cb18938d415

SHA256
6cb3b2ab8c185abb87e29b2b3a7c2f42cbf5b653a2f32aa5ab55811c1211de36

SHA512
37faa3db352a0d40eee82de4dfb638929ddfcad6de2627cf0db206a518b53c0dddce3f0dacbd20bba8520e152ed8becbb02093bfc28254aa90a150b86e837835

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
780eb029141e3ceefd41967eb5d2e156

SHA1
d5a7313b6c5bfea5303abdb2ef15ac52e8adf30b

SHA256
91c1d599b1460696a103b8ab01c03003a081330255abb7110a275ee179c94acc

SHA512
0b4035995231ccc68ee3b6d7071b97c3c10c009ccff49788bdedc4a86efb8514d31d7754df241d39d0665cb9617471a9581dee26b8ca738b63a30f18bc0c451c

Download Submit