ebd798d587b50bf1c87cc5dbb9fef0769df1cab7d87ca25f10d11e3e51f1965d

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 06:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

44decc703fd94490606d38ab9d65786e_JaffaCakes118.html
Size

30KB
MD5

44decc703fd94490606d38ab9d65786e
SHA1

c3c6f769bc88015f38f2b9f093949e0c5f393189
SHA256

ebd798d587b50bf1c87cc5dbb9fef0769df1cab7d87ca25f10d11e3e51f1965d
SHA512

80629a24da740dcf98dffb1ad6d59cce8596ee3f0b36ebbe1080d98b620903f5d9c3d1083b81d7c59ab808824c37f2275e6398acf5bc9f59a9d0db48cae78300
SSDEEP

384:k66OlVo15z3dIlk7DeQExgm/yfQDAWMZA2FvWWWU:k6j/2JeU5fSn2F+w

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2952	msedge.exe
2952	msedge.exe
4268	msedge.exe
4268	msedge.exe
1772	identity_helper.exe
1772	identity_helper.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4268 wrote to memory of 5076	4268	msedge.exe	82
PID 4268 wrote to memory of 5076	4268	msedge.exe	82
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2736	4268	msedge.exe	83
PID 4268 wrote to memory of 2952	4268	msedge.exe	84
PID 4268 wrote to memory of 2952	4268	msedge.exe	84
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85
PID 4268 wrote to memory of 1804	4268	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\44decc703fd94490606d38ab9d65786e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffef86946f8,0x7ffef8694708,0x7ffef8694718
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3060 /prefetch:8
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,5310150389749922884,973054808086526185,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4856 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1476

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3004

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
381cb27dcdd0631a5f780fe71ba2da84

SHA1
8bb4e0fa6715985903a26fcdeba9aa5e71db32f1

SHA256
3b53e36dab7806c7ad4e2a4705d9fafb22b729100dda148a39f5c3b7e7353983

SHA512
08bf052e5b6e874f99e47782694c5f5ace66025f4679982a81149b1c1f8e7d84edbb7e5c8e679f3441d71208a425ecdf3f49db366e072ddfc705d9792121235b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
43b9ed2d64aaf841485fd33d3147c7cc

SHA1
8d65e21b73d448f94d5cf05685be8e951de22a9e

SHA256
0ab5aed321fc9e153d458d566f1ff830acca0ae0996c42708086bb592c1a716a

SHA512
36cae9a9cd0e33d78ea467ddb998fe0bb9b24c09a796f815bca8879000865fd3ef908e3dabab6b02207d3e6a5820eddebfa6250a59a68a45e24db91a4aba1a96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
77ae50c3ae62800edce8d48f45bb028b

SHA1
034ce4a49d6629730567800a1639fe7358f1d73c

SHA256
16933d12b356494d4af491ef68515e4b642feb96a0c42624fb23c400f967c4be

SHA512
d0975914ef1e1aed6fc312c24aed4b42c153d4de7ed79eaa979e34fe3edb7ef081b435c19cb7f69cd4347f0c5e8d833ff364cdb1e4ec2ebe484061319722211d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a0c3819fe5f55ff8f4a236f5119b3bdd

SHA1
d56da5014df4b087a67a2a1f6c7f930048fc5fef

SHA256
062aaf288b9abb0f23678b23f0d99880ba282d0089989feb97cc0ddeaaee8687

SHA512
3a37bc2ef810675afc721a189779d5d94c5545b56afb354157596c01b962b93fcfd693e4a2e32073fb355fa60ba9a0f95312611c517a19269ad6e70d399a7085

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6f16c663b9a1f3fcb2d80e7c34a5b188

SHA1
c67f7a2c1b6977fd6a20efb0a07d354ce2c25643

SHA256
a6984cb0babfe1b743d1d910372412c90a3bcb2260f49d3d65ee593407702ff6

SHA512
b7f9414735b6f33547eb07df3c1698d0b6377e96dcf8875c2983af3f65dabe238071c805950ec1f7e6ba2232fef414aaad760f792e0d6203de667b541b4767f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
879a232a9a605576297aeeb7ddc2d394

SHA1
1646c20e1cb5c8592e3ed447435b00bee766e4e7

SHA256
ff3b268729f75b60ffde46acceab723ab099854929a2dec5acf0502d06ab8317

SHA512
04d8eafe9c4eef9069740856db89792c585b44e22a3dd63b1483bde19d7de9f607fea626ec03f572e14536191bc8a0480b08b5d4a8e87a3dadd16ccd516785ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
fb8934849a207ed22caac15d98598484

SHA1
d95327dc6c986734eb5b9eea55d4b346d36812cf

SHA256
5d80a4542f9d16b6212488f0bf7527fc4c155b2ac0f53527e18e8f710697a985

SHA512
6e0fa23d2db9bc01ffa0270910c6746412e3cfd565f85678f61da86b336a7f8e481a3b956c7ab5a2c40065daffd5bdb35b2bcc680cc450466c0d6b6360157029

Download Submit