36c3fca7663d80d7fa15c7f01376a4057f9e6ff10b5dee55a7df85186bad0669

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 06:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

626604ab495bdf8a19e5a7b153956dc8_JaffaCakes118.html
Size

126KB
MD5

626604ab495bdf8a19e5a7b153956dc8
SHA1

894915624e5bb1f3d2c5fa1eb96b95c39c1e183f
SHA256

36c3fca7663d80d7fa15c7f01376a4057f9e6ff10b5dee55a7df85186bad0669
SHA512

470ed56cdb8a1610cc6ac4c649aa98858cfba2f78d6d02823d551f80c1c51647b52f4d736426fe07d443993232eb659d1202bc512032b89cb05783df6fd43599
SSDEEP

3072:bZaq3atD9eDZgDUxGZcDliLZhD1ejZsDU9GZcD1OzZzD38hZGDUZqZZDkhmZkDh9:bZaqgD9eDZgDUxGZcDliLZhD1ejZsDU5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1536	msedge.exe
1536	msedge.exe
336	msedge.exe
336	msedge.exe
3704	identity_helper.exe
3704	identity_helper.exe
5140	msedge.exe
5140	msedge.exe
5140	msedge.exe
5140	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe
336	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 336 wrote to memory of 4516	336	msedge.exe	83
PID 336 wrote to memory of 4516	336	msedge.exe	83
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 3172	336	msedge.exe	84
PID 336 wrote to memory of 1536	336	msedge.exe	85
PID 336 wrote to memory of 1536	336	msedge.exe	85
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86
PID 336 wrote to memory of 2524	336	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\626604ab495bdf8a19e5a7b153956dc8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff2ca46f8,0x7ffff2ca4708,0x7ffff2ca4718
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5556 /prefetch:8
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5556 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1732,3923293676104662116,11867216757968242037,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1304 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5140

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:752

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
7debb841c9d14495d7390bf586c0b860

SHA1
825ae51a31839931b50507ad228570ba378b72c4

SHA256
f3e059cc49c14139dd6da0ab23be4f7f3a4a1a2091430c7664d594a5aad018b1

SHA512
77b94e4380b20ad3b98587959481015cb4a604b10a0443fc3264d46b53acd29b03d5d535c70d0160ae5044c98d04005fe89e518cf8e320d34ea62df1be4bd609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
978B

MD5
5e265f575f725c927c2577ec1acc252c

SHA1
b6a759bf605d1a1ba662dafe1b171d6b7e2d785d

SHA256
ec4094aa835fc3ffe87a8fe14b9b019391251df8c08d794bb2c957e19c389860

SHA512
6c9d442c615cbcb00a539c4e06bb84142ca8813b54f74d95a9f2db3191a7943938e40366d19aba4a4c5c70d970404de25f1d5fce87287805a99cea796b736184

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1f2a7f5b90fe9d2a5d82afa48b8de63e

SHA1
5451aadd532b5295e4aab856a1933a6295915d54

SHA256
0988fa032edeba832e5b9f44a7be9f8e63a200f33e23eb59f3da02e60814465e

SHA512
3892d8abac88995e1ef8c1fd1cdf04991c39f1359af430b11baba8f6121ed913c5596054351c74300586605b9337869733d9980cd6b56b55dc3eaab50ea20bd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d6bd6dd371d275916515cdc145a3d1ba

SHA1
f1316295e0e400acfcd4a32d7c3445d663dcbfde

SHA256
32c9c4b0b8ea46575baca2e83e88448e1faaec72a3ce8632e789951225db97d9

SHA512
55699d3c70b5874e481e34daccbf25d3a3c7f2a62f137590059adb2101ea005f1ce8b0bfa23d71c9db1dc1fc905f06eefadaf46a9bc949aa1e8849d04acb0f56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
5a926bb2aefaccced1c129a5966ac9b6

SHA1
aefd3e1f0be054674a56affb28132dae2402a447

SHA256
bcfd3063ba78334fec5bab6771e001e8033c54f219dd282066ab4228e5f1975e

SHA512
03aa086640cc476d6ca0b65400d0b7251d298d90b3b64911574685b692b4f444dc65adea7d7164ad750f93453916b7826ed5a141031c3421cfffeaef13318488

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bc99.TMP

Filesize
372B

MD5
884c8e4b3a0c4e3c223e0ee0caea32b0

SHA1
367f3e2375a2e33b196cacf3c234bf6a47c85714

SHA256
e3bb1c36566befd3ef70fc8b6c082f7e533fd372b533fcac42dc691ab439f2d2

SHA512
a2863d8e1c4b1671f77d77c7a1c6be95f168415d087aa252201f18e04cd0f0acb3901f91eb8eda08b879b1d8c58bdc71fc305d1553ece47dd8a546601199c0fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
16f0296cb425d431ddf54a83dfa7a84c

SHA1
16460fe62c75d84b919af31f773c3091c2b5624f

SHA256
a1b631d44ffbf9d9b2f92e79e71bc173e2775f2e451d6f2f41f6eeb944508d1b

SHA512
f6388d46ad53211c0c71c752ca7fce4854b957c9b185d243c8ccfa79f7638f5f8e35b2b935a7c8f9655ce79ad4d3b6e7bef9d0ca10bb12fbfbeeb99314f4a2ee

Download Submit