fd6c8857238627966a2d899b8758d376f70735b8cd076ba207b7fc1e3c7593a7

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
12-05-2024 08:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3914ac3e574196454fbd6b464c24d568_JaffaCakes118.html
Size

29KB
MD5

3914ac3e574196454fbd6b464c24d568
SHA1

f50765d9a45d7df4c9efb6836b08fcfd684c2d4a
SHA256

fd6c8857238627966a2d899b8758d376f70735b8cd076ba207b7fc1e3c7593a7
SHA512

57c634fb67c3fc45c824455b8db93634e7d774ef4624fae99fbc8eb830c4c429c5433a3bfb4c778b2e4accf01bfe3363dc5126d8383daea4102e0cb51e9715f0
SSDEEP

768:uF7FQF4LFbRdZzqTqZv6G40+qJqjvBAnEWfqU:uZaqVRdBJtAzBzWfr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3056	msedge.exe
3056	msedge.exe
808	msedge.exe
808	msedge.exe
3988	identity_helper.exe
3988	identity_helper.exe
5020	msedge.exe
5020	msedge.exe
5020	msedge.exe
5020	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe
808	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 808 wrote to memory of 3080	808	msedge.exe	81
PID 808 wrote to memory of 3080	808	msedge.exe	81
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3424	808	msedge.exe	82
PID 808 wrote to memory of 3056	808	msedge.exe	83
PID 808 wrote to memory of 3056	808	msedge.exe	83
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84
PID 808 wrote to memory of 2376	808	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3914ac3e574196454fbd6b464c24d568_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8cf6a46f8,0x7ff8cf6a4708,0x7ff8cf6a4718
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8
  2⤵
  PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:1004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,10901742778745521386,16521847387102022624,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5020

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1164

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4372

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
e7ce44db74d7f7b925e873fb6a3ba376

SHA1
8b9c7ceb5fc90dafd4566e12f64c5bc0968ff7f9

SHA256
e2dac98447c8ee48c17fb513776068dfb7b37aa99dd89190307e08ab4f55d364

SHA512
2f624b82ad5e49036ff6c422c24eccc8e37f2c8306571e93d9dc4ad5f4e8ff876db945480f83fc9e0a445f8a308e0c8fbd3921d1bf9863e3f09ff2b7a374d46d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
0cd0796ea903b1905249b7db0e2c0966

SHA1
00f5a80d3d9f38f87740a931485c79b99b4c1d3f

SHA256
6509ba85c99871cf77b598d65cce2ccd2a2183f531d1d0c6967ed7e2ca199263

SHA512
d1685c37cf6daf86cb479bd06a3104d759c6df7ebeb62e6bac1c5e7ac297ea3b2ed9ffc8f30aa72642802e88d2b0998472ff1c69693f97200185026c54b75bd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
80be121776cc795082cd976dac02f7ed

SHA1
1e60b0d0be051f96dd2af9e11c685980a42c8fe6

SHA256
3584d8b6ba8e77b4e1487b0e511ec9d75672d2c4c9ffb32ca7e57af65ab95536

SHA512
f702fe96023fb8a8c79fbf98a67e34619bc3b74583d3c04f865861e556d5d9401375041c8562aefe488c4b3190dfab39602c0083e1c283fc7536a1624ce57323

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bb001d7e74846de14317899544b9ae7e

SHA1
36f8d62ea1f47d24fa9029fabe453c59befe2008

SHA256
d7db5c468e1e9db23e552c1959448938337449b08ee4e9b5afa20645d0360461

SHA512
17ac662714ffe5795d68ce5d29e6f6d1fe8cc1f9fabb05505ef78c7bf55e273e9eabc100d99632279ad7650478de450a1a764207aa4b1e22a596e03df7315c2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
5b4d55be2214df7b72196556423127ce

SHA1
d8229e233d5a8c21b4016fd5295e00dada84e528

SHA256
990720abe230bb18a359bcc6f813ec0335947f6dd646957016e9f8efd4301fc7

SHA512
41701ae5db82a1b03b594a072d80e6082c22a9a982c99e46a6dae62fe28ebb1eb9157a876916ec820d432883ee76cb9591dc76bd74e5b1ed055b28165dad6923

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a1be.TMP

Filesize
372B

MD5
bc3524e7d0c0396afc6835a8f60acfdd

SHA1
a2fbe674045968ad652b676720b49a36ae35109c

SHA256
724a3a98a18fbb336cbcb0884257c5c75d5b8df2350e0b1b38b906ebd89d9d74

SHA512
dfc667d8d517e1b444d65ebf50122c84c332d16257e4a4819efc9536569673462e657c763fa1d6e76565bfdd5c84ec731e2aa3daef70d63e99b48e3cd219f3f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
71e3ca9f7c894ea774cf73dd6598cada

SHA1
d4434b719f7a47fdcb184293e7ee55ab6ee16bf4

SHA256
2f97f28d8ab0bbda543d683792ab77c1793518ba9fa25b362bf51f4f601d9419

SHA512
0007a89e15aa0fffcbed90d8ae7a9a6fd5f7e4ff34ae4f22f4f665b84d6e35d930c236a2a9cd41ad6d3f2b79d34f29efa44253605e6f6357d4ffd95de4ecbb87

Download Submit