aa57c9b68f19b9f6d184d1ffda4d0542ec7be23d965eefa371749de0dc861bb5

Analysis

max time kernel
145s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20-05-2024 13:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5f44a930127f7fbdccfb95ce5bed0e6f_JaffaCakes118.html
Size

60KB
MD5

5f44a930127f7fbdccfb95ce5bed0e6f
SHA1

140defd4509f24c95eb8169bcccb8ca8ed95e228
SHA256

aa57c9b68f19b9f6d184d1ffda4d0542ec7be23d965eefa371749de0dc861bb5
SHA512

edf273e79a4085b30557dc0c31fa78a8347a9a9f58355b67abb487ac4a3d2c779e4fc8cb1143e5291392f26d10056afb712e4a4dd609a3b556d2f0009950a1d1
SSDEEP

1536:yWNz3UPMtCkF6aPpv8yKEcGmfRuXint675D8l+Z:yWNz3TF6aBh8RuXint67l8l+Z

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2100	msedge.exe
2100	msedge.exe
1008	msedge.exe
1008	msedge.exe
232	identity_helper.exe
232	identity_helper.exe
432	msedge.exe
432	msedge.exe
432	msedge.exe
432	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe
1008	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1008 wrote to memory of 324	1008	msedge.exe	83
PID 1008 wrote to memory of 324	1008	msedge.exe	83
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2064	1008	msedge.exe	84
PID 1008 wrote to memory of 2100	1008	msedge.exe	85
PID 1008 wrote to memory of 2100	1008	msedge.exe	85
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86
PID 1008 wrote to memory of 3528	1008	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5f44a930127f7fbdccfb95ce5bed0e6f_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3ad546f8,0x7ffa3ad54708,0x7ffa3ad54718
  2⤵
  PID:324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,16038449014424255643,13010427111849142282,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1316 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:432

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3520

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
388B

MD5
7e582e07231bb81e7802bae1e4d32581

SHA1
b8ef7ed0a04fac1686d69d5db1a62fc35f5ac63f

SHA256
844771eb660a42d09b6db5d39f60a63d3960e5b752eb7a1e1a6261b8c91847c5

SHA512
1808c0837c26a5db52172dd399fa8b11a5df864f0fba6125458bc51d92ceabede59ec8e17c5d1ab68b8596a46c760768dd5afa0d22febb389017ee935da5486a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
dbc3b06d62f91a2ded626b615d456747

SHA1
76da923f3fa29aa87e82d57c9dd2a81e110ba4e1

SHA256
2f0913d373cb3989a8295c515377eda4133e253c36b0319f1b4b56ae5e228be6

SHA512
880fbebe08b9209ee9ff9ae86c89e226d7f3439d4a67c7fc37f8bc4fbe41ba6eada809fa26520882d149833ac01530779a3e5315a093ecc1868199871bc23d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c95bd2446883d8f9f5c75bc20a40d7ed

SHA1
b5332c0c3748292e5de9dcf5e593863941a71a4b

SHA256
eb00548d437975da87e24607d4f89fb41132c64977ba20bc5020eb6a7ef28fc0

SHA512
933ecfdd8036d22e14d2ba74217cf3b61485461933d76a328d9f11a4960072694ec544bd9693e9a48c2f244a783f3951fceda9e8602b582ea7629e0fdb182b6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
553f24b9c95c3aba54a1b4a9b6317d40

SHA1
392fcbe669defd1dcde2e520e23cd4aed1f23f1c

SHA256
6f31657579ff394fbe1cb89d44c9af1d3ec5580e98f029e0bbd6e568227ed6be

SHA512
82067fb1037dbde555b5559c5260ca9878daf9237f05ba8503bd1eaf4775fe39c5a929cfcfbd70894bd3d7c42b5ffa3158e2de2a503895c5753257e028ca25e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
98779c1a5dccd5b1517c9a5739fd8d78

SHA1
91ddebd744372bb2604a96da9bd48d732bb29922

SHA256
aa1997e76ad7eae9d15fdeb2b702976b5bffa4c6fa6a12cbcc000da919c12085

SHA512
108bcc3fb13883a921dc2f5b9d980d98d8c1cbe7a23941d8af8dd2702b3ab053652a7ab17a6f60ba5651df2d4c92fcc19d743ba1f7ae27094e0b3916e07aaa42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c870.TMP

Filesize
203B

MD5
acf870eeef4d8d77100d0b431eb0f574

SHA1
a5fd671ee45cc8f4eeaa06084646e30482659355

SHA256
f79efc52aa5a1379acd723d9149a0279d858b8a8ace0b1bfe524d4ae7f814e1f

SHA512
c68db49342f6b2a84fd722d5349549da480a8eecea32b162508999ca5724889410928c418222e61f2ec3b31ef7265f48daae6f98c928f9c7656e3a2f788903e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f24ef4b8eb54b990295ef44d01b8ea0e

SHA1
a9fb9ef14c5f66bc7feb4a24510f90d0dfbeafb6

SHA256
141053efceadb4a582b2614d285ca2d5148feddeafd3635e6079e37e151e9c59

SHA512
a13db6c76b70e278d0b687baef1047dba1dd90dfd4a8e3119932d8b38ed5678398d19198060673033350e99d36041e6034dc4a2bea6c447ba0c16849498f6b5f

Download Submit