a1126b110347e7704a983f08ac25e107d3b165093610e68c4551a6be52113470

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15-05-2024 21:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

482e45dde8d5b623543d5b43352fe138_JaffaCakes118.html
Size

95KB
MD5

482e45dde8d5b623543d5b43352fe138
SHA1

f45ac0e7b9979dc0184707b95367b782b8a92b11
SHA256

a1126b110347e7704a983f08ac25e107d3b165093610e68c4551a6be52113470
SHA512

2753920bbaf8bc4a7fad5f9ec920a646e329c0ca7d61f867bb71d07160f3df2b733ed77b1070a8bc16b23fb693d3d344db2995a47758bbd64d0aabd20d1c21a5
SSDEEP

1536:C8TduJPFQRez5vAVW4T/XzeArqu7noe9eQ8enu+e+eQyhqezeCeeeMeleYcefeL9:C8TdUP5vAVW4T/X1qu79ru/hQ53GlVJ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3156	msedge.exe
3156	msedge.exe
4564	msedge.exe
4564	msedge.exe
4840	identity_helper.exe
4840	identity_helper.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe
1512	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4564 wrote to memory of 5052	4564	msedge.exe	83
PID 4564 wrote to memory of 5052	4564	msedge.exe	83
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 4368	4564	msedge.exe	84
PID 4564 wrote to memory of 3156	4564	msedge.exe	85
PID 4564 wrote to memory of 3156	4564	msedge.exe	85
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86
PID 4564 wrote to memory of 4932	4564	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\482e45dde8d5b623543d5b43352fe138_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdc2ac46f8,0x7ffdc2ac4708,0x7ffdc2ac4718
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1428 /prefetch:8
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1428 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,16324792255193625207,178381320444774116,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4604 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1512

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
69cf7c762c2d6e16555053ca3043c13f

SHA1
5e844c1ce97497dc06ae7bea5a3992f749dac234

SHA256
a5e17b559e88eac4919f5ce73b422c7450fefa432fbf63a1f979b4de69596d23

SHA512
fc54ebe01e13b4fe28d5162081d7560ebfea85f2b5cab3f91a85a9216640af7752455a3ab3386142f2d8fa8d194d2b7c2715c46432e3c4e2d5c56c34297d0f2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
600B

MD5
90a22428e91ae8c9adbbbb338e292a77

SHA1
056773d5804e8862ebce3f3a4693f3fdb10b0c87

SHA256
bd2d67c2fd57fc23e0ed71ef987074643b85d9853e548e6c3efa465c96fe3f60

SHA512
b08fbc5a5f6aa189d813a89f276525dedacf91fb2e11f3fdbe03aaf732fd21c620e1620104bc66c7a14c84ac3a562dac29499b038bdb3e00594045b12f77adae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7e0523c586fc8f352ba431a784162768

SHA1
1953a7eb548c79a30e9b4367236ab0d978bfc237

SHA256
3fcca4368dcce32be73838cae8330924f727ecb0e1aa3928ee2de353cb044f76

SHA512
50d38dcdc4cadb6f067f3b0b6f02e8f28bb81033453f0141d95c94b858421b0437448464cfc17d897a83b81c018564040c2eedbb81d2d25eb0efc7d18b8fc7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
611585f12cf0fefabef3231734285f22

SHA1
5ae6816b6094db81b9337bb7395bacebfbb8d278

SHA256
fe332557a972135f2a01585181529cb62817404d1d5d699ab4a363a6bb84c3ae

SHA512
bab01a4c22562457c94bb9117f0ee5e998aa6ba49968bfa39d9ec6c79b4f085008dd17ad17f54ef38d457bfa9baac6805be40cdeac87f03bb3a60f19a4109640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dadeb036d9f0896c2ce0cc326cc2bf73

SHA1
4db6b76a8d14e9d27df5a9ebbdd20a399d07ae7e

SHA256
47d8e509413443366b69b4bd32b7ccf677338855101087ffbdfd3e1b9817cebb

SHA512
bc4053ab7c2b505499bbe9e39dccf6995c62620f27164b13c46260d041ea3dce993c1cee86f362e1c7e4c9724c56e228b3481a318fdbc4c6b865a923a3248f64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
03f6a3e084364323e47e078385f3f464

SHA1
c261ce192b989c3b7e80709bab29f6de4a03ab24

SHA256
9f614535942eb1bb947fedb85365940c2278c5ff14b20916b45663d2d2546c74

SHA512
6c2fda62122e77003898681827020ab15ac602042c83aadeaf0645d2dedfaec2302d1a04c637946914260ba18ac5233d00f25a3efda46e2cbf9f07adb3ed5657

Download Submit