9e29a9c92f8ae531c7ede151b9355d87c02b7da0fb5dd8170319d17db3acb100

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
14-05-2024 20:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42f14230e868c38749a9a54a137625fa_JaffaCakes118.html
Size

17KB
MD5

42f14230e868c38749a9a54a137625fa
SHA1

40b8d865c7dc7fcb7fa75eeb870c4f33f1382fb1
SHA256

9e29a9c92f8ae531c7ede151b9355d87c02b7da0fb5dd8170319d17db3acb100
SHA512

1465e6d9d9fa2da18d556d74a5baa934307a839960f7257ecd6dafce8e6508884e197acaac4ea613e600394cff25fef157ed649b8f39868f2f494240f87eb875
SSDEEP

384:Eo/Nh6bsdYKXaHiHRH9HIFSovJS8wFIGri0PxEvBzz:nVAIdYK1o8az

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4804	msedge.exe
4804	msedge.exe
1284	msedge.exe
1284	msedge.exe
3644	identity_helper.exe
3644	identity_helper.exe
4012	msedge.exe
4012	msedge.exe
4012	msedge.exe
4012	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1284 wrote to memory of 3592	1284	msedge.exe	83
PID 1284 wrote to memory of 3592	1284	msedge.exe	83
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 1652	1284	msedge.exe	84
PID 1284 wrote to memory of 4804	1284	msedge.exe	85
PID 1284 wrote to memory of 4804	1284	msedge.exe	85
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86
PID 1284 wrote to memory of 3096	1284	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\42f14230e868c38749a9a54a137625fa_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee1a946f8,0x7ffee1a94708,0x7ffee1a94718
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:3368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4016 /prefetch:1
  2⤵
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,14906255033433901261,13657253520012045391,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3088 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4012

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3504

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
b913fa15c989bd1359b5cbabe10fdb37

SHA1
bcbfc2f3a55127a5bc9a28a2447ba21b857ce3d4

SHA256
20f86be570e5098df956e780c3b1bcc0ef2c243ee09b00005281848c2e4d8e32

SHA512
f49d50ea7b9f0457d428afb893f8ce485f49a6d4654128cfcf2bf7415a52ad7fb28c4d7bc55ac238c3977a7b8fc45c93f796c472af61b49ef02d16d0d2a4605b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
399B

MD5
a2cdc69a3c96a22ba0786453be9d860b

SHA1
35f74cd3cee4b26b1f89e0431ea16ec89a1f714f

SHA256
381ade82e6bb959b16c1d93845ace7aca3e0f628ec49ae33262a3ba346edd4d0

SHA512
a1889f92223c0fd35011be8682b0551354267cdd9b9275cd75539477f50d8187b2d7e96c8181055e467610d917016e8dce45d63cf37caf491a7fbed853ad9531

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2b39ea77848d97a781dd801f65603385

SHA1
ef71f1ab54057593eaac12a418e359289a0b8b89

SHA256
4c3b67d3f67fd11a272de66902e716301bb30cb229aaba7250f62f7f3827d472

SHA512
45194e42b7f9a7cf6431f7f681d68be931bcd3a0479dd6f0878665c5e176171fb87ab87a0b7fa511165b2c266aed6bf24fec66247ec22f2dd29b6ce8a36ffef6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
371884703ff76b678668631ca8c7f21d

SHA1
90e6e54cb5cf04059e0a2cd90f31d7e6169d6c4f

SHA256
bd77b3a2256b29459696a1ce4f405d1b7456577530bf82aed8f3663453f9641d

SHA512
8a5d8e4daea369f0307783b87dfea9111a7c7231cdf48d5bda4458f334e228e594c0836bc5b085ff7033e3636e63f45ea423aa66a02541a58b0d1cb808c5dce6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
dc8d6ca874351cce845bb839bbc6601a

SHA1
54ace2e742dd6ec66fab834a4e2eb0f9f9621209

SHA256
cf7c0813ce2b1fae1aea37b9e5887d48c8d173b81048745f3d8ad4451327da33

SHA512
ff184e9d205e18356bc138eeed460d644980cf5290dba57803e614324b92774bd81a29e515ef861e37cea9cb3fa75e79703a25c2020762a52bc0d2711789fff4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d2b1.TMP

Filesize
203B

MD5
efa2ba60ef710ac83c0a3fe25415b1a6

SHA1
4e26ba28b7f5fd2854c8bd2523ef3f877344d877

SHA256
e0ed383b65a9130fa65ecb77e32fdaa403e073240f2b6fa1c593d3f17ebd0872

SHA512
419982b815301ba1f882a22fced2d2bb5f133f4d4f40341fd95f83df85ddf45dfac350531f61f058553c92c0062de98ca34c633106d9934789cfc88aaabd89be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b821afbcfccca1c70f145248853831e1

SHA1
efff80deebbaeb3d842c28160c93d5007fa257c9

SHA256
f7501729e648d22ea92e60d9a68e724057596a21c8eb95c91c3f8ceb382ab27a

SHA512
b723381b8445b26f361462daaa7f34867b691e89100466d035929358391cd02bb2c55128189e9aef4949ed7e7b0691c733f605e6a6886902ce94333b2e57c66c

Download Submit