e7ec6e8b8d0cfd157f770596473d476cc21e8ac8a775a68be000dadcc300b6a1

Analysis

max time kernel
146s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-05-2024 09:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33de97cf1beb93e40d3583b8b10750ce_JaffaCakes118.html
Size

42KB
MD5

33de97cf1beb93e40d3583b8b10750ce
SHA1

3c693df0b1224eba7186cbf5caaf5a94da89f29a
SHA256

e7ec6e8b8d0cfd157f770596473d476cc21e8ac8a775a68be000dadcc300b6a1
SHA512

da847a0bd8a3620643e3b638da27461c23e9a6eb05c02e092eacb2689d71d4e95badb5e25d50c8a93a7bd1c08f5ac7340260619d16e86fb9eb8c05f2768dd111
SSDEEP

768:tCTl9aZJufDr6qUM93TFE93B/YCFMkU/GaHAKok4MTnhhpI/+BJ715FN:tCTl9aZJoDrdH3TW91YCKkU/GaHdok9z

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3824	msedge.exe
3824	msedge.exe
2456	msedge.exe
2456	msedge.exe
2004	identity_helper.exe
2004	identity_helper.exe
4552	msedge.exe
4552	msedge.exe
4552	msedge.exe
4552	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe
2456	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2456 wrote to memory of 4044	2456	msedge.exe	82
PID 2456 wrote to memory of 4044	2456	msedge.exe	82
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 1988	2456	msedge.exe	83
PID 2456 wrote to memory of 3824	2456	msedge.exe	84
PID 2456 wrote to memory of 3824	2456	msedge.exe	84
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85
PID 2456 wrote to memory of 1600	2456	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\33de97cf1beb93e40d3583b8b10750ce_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcca3d46f8,0x7ffcca3d4708,0x7ffcca3d4718
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2336 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1544,1263904228058403959,16298497812500139851,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4552

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3616

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3624

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
419B

MD5
c4033c47d353dba57426ccedccb584b5

SHA1
0a8f7af3b567f1b05fa541dabeafe87ebeea2300

SHA256
737be344d5f4ae1c3179f7cab4e1ebf289c4691f3a5ef18a5dfdee7b653b9de4

SHA512
51b3125d5eb159ae5bad57d619fd97f7f56ec1e029426a8bb6eb893378be0e35218c685b3921028b19b41c877ba9ba0fb68c91dfb02fbd05ee55145103cbd626

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e432df9e91157f6d8c827d8417a1f067

SHA1
c5b59191223e2f4dead663a0046bc06a03541629

SHA256
820ef8e552cabad16ba43644945a049be17c562c4eb1c305e22158494a671a0d

SHA512
8c25e6f834bd1790af93c3b006115af6ab72864b8d357a8c17f3d1af1d8d7ef18139abdcda9334c25ad4c7579c1afe66066f2b14121831c7329f71cd483959f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
26e5ebd97883a71fd8128f7f7cb99c30

SHA1
477fa2d3fe87c3debc87cd7f606739e59c44dcfe

SHA256
99ad25f344d85116b6abbaf431136734feddbd954b4423a266ce222f0ad4cf39

SHA512
45df3c2bcf0659e2fe4ac9ec481ec83cce4cf9296bfdff832215bc939f4801080b525f9e959a2f16461235575facfd8f355011d3898a456bc17020ec89b3711e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e1796e4e9c5319c290953db36a68ae4c

SHA1
2d7b5161aa9c3570822f6fcc779ac7d24be1495f

SHA256
2b7b1027b5685015cec6cd37ed8d003e8988f3857681d05d57c6605de12bc873

SHA512
56c6c905bb9980a97eb0d03a742ff9fdec0600c110bf83d9c3811c714bbe940ce2a2f081e4e0c901b11f26925761ef0e9529891dc8787cf16110b3e7c2ad0443

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cd5995feae3afbf399a820f0db058756

SHA1
9e7d7d55519f9a9423d9737861210833233f9c76

SHA256
8b56ce5f7c9fbd3362b1e02e616847783e155e597a54b882883dfc57f14aa3e4

SHA512
7e5c91704d20d16566e90d7b6aa7d66c5487f25d7dad24ebdc9b11c45a44b7d71a02c59b6261b3c77f2bf84b5b24cf7217432b0a0232dbe9e252d1442c871ba0

Download Submit