2f65bd980a3b0815d53c1260e51730201fd82090a5ee060f80a4468195ba735e

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 04:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

496a56432f88d39b70e77ac44a952ac9_JaffaCakes118.html
Size

64KB
MD5

496a56432f88d39b70e77ac44a952ac9
SHA1

22c1c8f529e504dc34519649b4eb6c25556882c7
SHA256

2f65bd980a3b0815d53c1260e51730201fd82090a5ee060f80a4468195ba735e
SHA512

30ae379a3cf5c54624fc1dc4c51b679b532cf0317e52fe83af7b375daf0923a4de7885aebdfbe477e1ee3757685904806da71c7d28eba832f98aed06d3b28a0e
SSDEEP

1536:oRW/DZVu/+MIP2qwQ9qw2wOGO/OZhIx96tbtmM8CjmFElcXJsijJ6hwCf3lSB58r:oo/DZVSrIjwQ9qw2qzhwKlSB58fl3zu8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4412	msedge.exe
4412	msedge.exe
3796	msedge.exe
3796	msedge.exe
620	identity_helper.exe
620	identity_helper.exe
3520	msedge.exe
3520	msedge.exe
3520	msedge.exe
3520	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe
3796	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3796 wrote to memory of 1572	3796	msedge.exe	84
PID 3796 wrote to memory of 1572	3796	msedge.exe	84
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4040	3796	msedge.exe	85
PID 3796 wrote to memory of 4412	3796	msedge.exe	86
PID 3796 wrote to memory of 4412	3796	msedge.exe	86
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87
PID 3796 wrote to memory of 116	3796	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\496a56432f88d39b70e77ac44a952ac9_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9924846f8,0x7ff992484708,0x7ff992484718
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4644 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,15031751254177499955,1729655734620868398,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2804

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
79aeefb8e1adae6f0f50635a79db61f6

SHA1
fe5991ad7f5d2f4ec50cabd6a6511822a19c3db0

SHA256
5f893def0d28a40977ff89fb8633c44a971e471f8dd0138fe062efd8f02fffb2

SHA512
eb2ec7cfb3ef6c2f958acc7bccd7ba3886c2613bebb73dc49c70d3bb6ca297855512aa41ba9412bdd4048737c0c48192f5894560fd2ae029e3e7502d18fb0332

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
484B

MD5
cfa5097b8d9158692a865ba0108dc1e2

SHA1
b61099c0c6be76c39d6ac1f955cd31fbec25a351

SHA256
4cae67f56dd895b3c51c2db0b798a4df63a688cb2dd2b3ff98ab46c0251d401e

SHA512
9b600604baddd2b89478d29922a5f4dd880c04ff7e3fc13a3c9901aa91d36a42faa49a55855209e5efa75fe513b8d6b3319865c9c250ad1cbd248b780ef5937b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0cbb50b14dbb370d42e264218d669e86

SHA1
dddbbafb845a769015d37ea3364d48633c064573

SHA256
fa57c1505bccde40f20cb27c6b24caef9bc5d35c0ea71479cf0578f175c4c708

SHA512
dcc898a243c971f3fe7cf505a8edfc493abaf4c147c8bdb1257abb0cf67f5ad5c3716a30ca23adfcee893bfbf4dfb691dcfc93c5d2b387dfd97b448e1870106d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
10af2365fec0ba1909804c68f4d00777

SHA1
74171cbef9502c6dbf0a390546682a2c051e4883

SHA256
56a6c0c3142f4c37103ca31001575db590c452a98b2508b104890948077188ff

SHA512
75c393075f22d6c9d28e8e02a57e2573bd39afa2a547e780c7507b9ad4a445a0a2ae4dea92fd2956a79b49b5e2f3f8d2053bee794b68bd21151d8b17ca0c18ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
22da3c01c9b5f7a8bc5ba436278d250b

SHA1
1b44ab3993078a45cd4c59f56629fca643238b50

SHA256
0a28baf05ef500fa76be19f71d256a7f85871fb19160bdc28df0918ad66c0fc5

SHA512
0f8e45809cc1f65e38a654ce103f85d89c26579874fb6d728fd36d9ed8928c425e7fdad3916b76061363d1644852aedf1e13b6636e604135971a664003fab5f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
ab99213cdcccb1b1a6005f1da3e6cadd

SHA1
cfeefc66d0a5e4855074d881e543504c17b0350d

SHA256
772f8560474f7a49b6b9fed07358bf1806a42fb4166f58a683209926cec5f2d6

SHA512
876835a7c9236d5eb0a5bd16f8fd73c777e1b9cd605a3d34fa1d7508ea71234c417aa68fa76dec2d42eb989712ca8a425768c8bbb00a96afd7238eace1a95672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58dafa.TMP

Filesize
204B

MD5
52aacfb76be8710dd3e8a8969b813a9f

SHA1
75d616aca6d988d5f0f9047991ababc6035f887d

SHA256
882c492fddfcea6332b1d1606a78209939833eb126bff1299fc580d692922a52

SHA512
dfaceaf24a4855ce99dafaeeff5794e44f0644940145b9ffa7b41059ecb471b3fa06eca74a77b1269e310bb7658a40e4a5a8a9fcaea550357b817a3d6f0003ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7532edcc193ae9b19eb9cc30d02c69cb

SHA1
58e51c5ed801da3edb9f063c4c3b3f3514aad14f

SHA256
6bc3b0dca187ee4f2f7b97982bbbfd21c82fb8220f64e4baaf4501aab0e5991e

SHA512
15e634e3a6031a44809b7cbb9517c118c89eb2c63c20d1230516f256b0c30be77a471f9174bec548eebbd1d28b6a216b826d8a2acaeee950292121ca9a48ac03

Download Submit