c27e806f2a66774c78711a52bcaade05a0b46cbe4618b48a62fac736763a0bf9

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 20:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

47e7da02f00302d790e92f454ea91327_JaffaCakes118.html
Size

16KB
MD5

47e7da02f00302d790e92f454ea91327
SHA1

33df393b6704777d55a6a05c5cd23ef8263e8f45
SHA256

c27e806f2a66774c78711a52bcaade05a0b46cbe4618b48a62fac736763a0bf9
SHA512

7c46d6b977a25123949f6b2ba70143ef97849ca98c7b9035545d3d62a5a7095ef6e065cf536f8ffe38d6ad2abcc5bb05b759ef89570922e88c29b353fcc20f6c
SSDEEP

384:ra2KdpelmS2nJQTLu2hV20pk5XYFM6YFsCir1KlHnoM2bD:SJAhVVk5IFM6YFsCir1KlHnoZbD

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4436	msedge.exe
4436	msedge.exe
4876	msedge.exe
4876	msedge.exe
968	identity_helper.exe
968	identity_helper.exe
4836	msedge.exe
4836	msedge.exe
4836	msedge.exe
4836	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe
4876	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4876 wrote to memory of 4848	4876	msedge.exe	84
PID 4876 wrote to memory of 4848	4876	msedge.exe	84
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 2752	4876	msedge.exe	85
PID 4876 wrote to memory of 4436	4876	msedge.exe	86
PID 4876 wrote to memory of 4436	4876	msedge.exe	86
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87
PID 4876 wrote to memory of 4540	4876	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\47e7da02f00302d790e92f454ea91327_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82abe46f8,0x7ff82abe4708,0x7ff82abe4718
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2580 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,8029830262184876305,11354946618165135627,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4808 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4836

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
cdd56f9de7fefeb2826386f4fd19c99d

SHA1
f045d0b2b97d64c07930966bff881d548ea2e995

SHA256
7bb97320c2ecdcdb8173cd7a6adc92c4155835b3d1d11fded24bdd5d6459cd12

SHA512
ead97af152e85a0613d3b58d1fecd7194f23fb22bf421ea376aeb2d0377a0d7a2cd098a87306be3d10c1c430299687662d3aabe29de435efddfd9100483d3c4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
582B

MD5
a48720f69904cd7bad16af29f05981ff

SHA1
c303eee3b59285609c71d71f3256299b9ee738c4

SHA256
e92a9653513e8a5d19cb274ed01d9a53a08d9c1d4d38dfdfcc8723f235bfc9d5

SHA512
f1d2ff00bfca87e916ec3ad6bafb4e3733613fff93f207f0406aaff1dfaaeccde1e3e479b0ff28f4c573c341a4e931b5f5be9f37e242f83f31cc22db1ec3904a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
644B

MD5
085e60b0514f4b818f231d97d1bf8e80

SHA1
a32ba7dce72a629acb839e3e51413127b60f90da

SHA256
0a65450eecac242b7bf89da5be90564abbb01ab631944ad0fb523789c2367ec5

SHA512
186783857d156d77561b9408c0f858727e11bb0b42535c4ea47ee81835aaacf39857201d9847ce7cad374c3121361f8f458858b9846160cb6623daf5071d32a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2c59d9c6e479001067d6e90dd2084bcd

SHA1
e8a607af8924870b57106ef89a7943ea825a7bc3

SHA256
290b116ab104fd31b0500fad49227549904908822caeac65c4c76fcd08de0bcb

SHA512
4d9309f32505b1f59e731fa6dc4f02976507384159214596e458b431a1edf0f067d46bddc6bbb4efb960142140b4236a3ebddb476be26e6b78439aaa7d6e0c5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0dce6594ef5cd1f492d3618784771dd2

SHA1
184837842e1ce758fd9e68e5c6bdebf2a3f6447d

SHA256
8dc35c35963e2ce4c0581838f8df8e60ba1d00ba033f2ad3aabc7718098f703c

SHA512
36e42a161202d683edfe88a74cadd70dd5f4e8ba5bbe22cb54da28a19c2c72582d0f5a18e01883638848ffa37f1854621528a2deedb62fa338b530de7242ce95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
70453777e8f30b9bc48845298acc2527

SHA1
1fce7aab08f0168d08338e010b847d95b36af5b9

SHA256
ed1979ab3a2b61b48925dec6ae67c0cb7f114b24f03bbb9f6e59c966a33382f6

SHA512
8b1aaf6d6e4cba8403b73d5e480e73b9c631a0a6683e5bf8ab44fa2f92572f1c7f185dcfef32654cad86a8f1ea5403c050d97437824c7d4252eadeb48dff4dc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0dec470d7687dc3d0fd330e0b55146e5

SHA1
b8f359fe7dfc290880e5fbb3d5ad898ea7632245

SHA256
3244252b2f74f40f6ca917e0df48f2e34169f48984965954f74fe7d9d1068c8e

SHA512
8102344a1f9b83f84ee35499f6482cd16630ee79a9afa8c94b1c0dc5a3a8ab4c39b4fc1a452ac876152456007b3c1072a74057ee69ea94041c1ba825bbf071f3

Download Submit