241638c227ec92646f6c1f7559d1bfab1e66d222f0b7be34837c0fc5c1e794d4

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
13/05/2024, 06:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3e3ef702edd9cf7ea3ab3064b851c7fe_JaffaCakes118.html
Size

49KB
MD5

3e3ef702edd9cf7ea3ab3064b851c7fe
SHA1

d7cb00b28778cd46cf9a08f1fedf941bd6af4a8f
SHA256

241638c227ec92646f6c1f7559d1bfab1e66d222f0b7be34837c0fc5c1e794d4
SHA512

d89db37fb7b79480f204357422f1b3ecaeff4247d57bbb8de0aa48cbd53c01c3a66caa45a7a6249a2097805b92d465870f04ef3098b5a24af2cf266c21d0ee61
SSDEEP

1536:iiz0FpuFum44tVobZTVobv32VVobLvVobal884orPhVs:7umvkQFOal14orPhVs

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
1224	msedge.exe
1224	msedge.exe
1728	identity_helper.exe
1728	identity_helper.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe
1224	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1224 wrote to memory of 4708	1224	msedge.exe	81
PID 1224 wrote to memory of 4708	1224	msedge.exe	81
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2060	1224	msedge.exe	82
PID 1224 wrote to memory of 2776	1224	msedge.exe	83
PID 1224 wrote to memory of 2776	1224	msedge.exe	83
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84
PID 1224 wrote to memory of 4616	1224	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3e3ef702edd9cf7ea3ab3064b851c7fe_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7fff8c3c46f8,0x7fff8c3c4708,0x7fff8c3c4718
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
  2⤵
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2568 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,16570818802920278156,503672341685226060,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5168 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4272

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1596

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
741B

MD5
75a42a5c54ce3f29bcb8b7df59d4aa4a

SHA1
c64b159f79807009b5081c17d6aca56fc89796f5

SHA256
7b71904690d23008c29060071c5631c4a3f77dd7fb6f51bca2d5105f5f2a1c3c

SHA512
88272173ca285cd1eea628bbf1ac3afe4d85c1d12bc79d54772da7710c2a39bfbb1b663e8f49eeaec28fbdd88cc7d4298d296fcd3c1ec180bed37260d47797bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7fdd120933e08609fb021d75fd7973ec

SHA1
813d7ed0acaf2e04d06e01660d353f62227e1988

SHA256
230ce3ca672d78cd9b0723089f18aa650033b1948db5f8c47736731cbca9e20f

SHA512
4e2fb8b7524ee571f3b41158f643f0c5ac2520409c74d0caddd6c6fb50b398acc8dbc0795e5d6230d685d27c3be271023521c6f03c993b8d978855fe6b003383

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9a96ee27a6a1de2a07b4805040f41ad6

SHA1
dec77a2bba83b0558fbbdd5bad42c0600bf6ad1a

SHA256
0fc9cd7d6994879ccd1c8d573dc29da025d7607fe87d7813fea3cb72d13bb991

SHA512
9ca56b1e8ee9fc821356ba963135ef844cde26cafcad24c0e1cad4334273f1f123c06be650e6bb1ba340b06257c7606398f978a7ee15bcde3383c27589ad863f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b2510f8915b5a7aa7bb04c55e2971da0

SHA1
811d319283ba07d4f5d4312b156347c582869fb8

SHA256
9ffd11c6d6e80cfaa2e964bdef11f04e95e3fd588a88791fa934b3a46ec592f4

SHA512
7786683931709e554a60e87a25ae472d807c1df3b0f9ba7fb80d980a37ad9081ef097a9e70f2f8698100738f9fc831ad39855d322036e45b1083be6fb816a498

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5fb199ae014d3b7b47c3f2c31940383e

SHA1
31cb5aceca9669405001f8b947ff0a8dced285fa

SHA256
b6b08a6f94f3c24fcd824b46116073cae432c0e7e49f44df743eff1abd3d064a

SHA512
1fff0c02caecb13bbbdcc6bce496c53b548a62dc24cae8f718bc38b5376ab49fd6e425793eb6377fe5db57e6235685bff6d2c9fed678dee483e921f6de4b5f3b

Download Submit