c30bc22895fa60c094af7977f1b3320b2b71a61f431a54eb2621e8cf5eac6133

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 19:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6f95d143437d3e61319c099dba34edf9_JaffaCakes118.html
Size

599KB
MD5

6f95d143437d3e61319c099dba34edf9
SHA1

217c76e1baeccfdc514ed830fa7b94a4ef9d66e1
SHA256

c30bc22895fa60c094af7977f1b3320b2b71a61f431a54eb2621e8cf5eac6133
SHA512

4e6b8a38b998e1afb611bcdee29a01fb8685b4df95b2921c5bbd0a1de85fcc5e4e16678482daa598f32a2239a8b1837ffaa513f25e1541ab887bbcc46df8b319
SSDEEP

12288:M5d+X3z5d+X3Eo15d+X3d+5d+X3x5d+X3c:u+L+koZ+98+N+8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1876	msedge.exe
1876	msedge.exe
3332	msedge.exe
3332	msedge.exe
1644	identity_helper.exe
1644	identity_helper.exe
640	msedge.exe
640	msedge.exe
640	msedge.exe
640	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe
3332	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3332 wrote to memory of 2852	3332	msedge.exe	84
PID 3332 wrote to memory of 2852	3332	msedge.exe	84
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 4560	3332	msedge.exe	85
PID 3332 wrote to memory of 1876	3332	msedge.exe	86
PID 3332 wrote to memory of 1876	3332	msedge.exe	86
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87
PID 3332 wrote to memory of 3704	3332	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6f95d143437d3e61319c099dba34edf9_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9afb046f8,0x7ff9afb04708,0x7ff9afb04718
  2⤵
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
  2⤵
  PID:3704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2404 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2272 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,14061259826791105375,14912823468910020287,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5444 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:640

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3928

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\44b29600-5dda-41c7-8e25-e944034c86ae.tmp

Filesize
11KB

MD5
83535d1ff4c17b1cae44c1a003364462

SHA1
65d4273c3ce9784d450f3db6021f6e07da1aa0d8

SHA256
5332d332a60cfc1c60e46ee90c897bf81f03690c22e637d6739243adf5c6dea3

SHA512
f27764cb4035d3afd253d43c85dc0387f5ab24e888687a1813c4264cea96afa3d8bfe7e48973b4e407dad93eb91bff1761e75b4a3c3e5ce25b8e809c191a3da2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
94cf396b39f1b8ed1b535fc314c4c577

SHA1
e4e4826d853b3c676c554c238f89f3f329c81022

SHA256
a1d55065e0bad8758defe7ba959fc91e3a07ed262a107c0f69cf260656acc8b3

SHA512
e3f1e30a476690189abce91db75565363a87fdac5a6944c8eff8bcb91b3a050380cb09cd54a388978645f7cb4c935fb0772906a8ab65de5435cf508fb7d6a853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
317B

MD5
f9624b12e97d857f4fa2bc6ee3b1111d

SHA1
aae5d92475f626f3b71bf43ea5f12a42d4608224

SHA256
2863c09fe7c18717831784ed8025dffcdd1b6fdc02567984e7e0fea15b38d160

SHA512
0be7e125df4ebf68f1993d1425580e8bb65056a18615e3ebb3c2a53e7faba9e558e2bd279304133ba8a4436b0acb006b80f2fe1644827252464b69d48925f01d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a9af73651dce7c76b624c2cfac0f33c0

SHA1
99f79260a8ddcce1ffe6772dfaa81d7106f5d736

SHA256
7718e7a29ea70fa979fff0b7d418894c3563b39e356bb0190298470df7f0659b

SHA512
4425acdc55e304a61c635a4ce695e6636cb4ce263f3d251ed137f3c378c866d0068c9a41012cfb7b494a718986d0d7ef428ab2a0ec879c094ba9b446babacf0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1ac5370fdb600e5997992c8e14f99ff3

SHA1
a595b57e67d89ee72f43dfe4b05d56723cfd3abf

SHA256
70c096927fb2ded2b33b58f11b531baec2233a14ca36f1ba35f4c6855ae4a533

SHA512
61c9b445cfb4d6bb7a5753c454892b077817403d6da1d89d40ae8609bda31b52cfccbbfca73c78ffcd1dc0382d7b72bdecdfffac71e55e049963c0aaaceca22d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
179b35a89cdd1bd16cb7219a97643d85

SHA1
463f62be9c9926dd2da0226f73432ec63351492f

SHA256
218c52f589dd614e562f8f309dddb3a5780892a4736204d12c0db456dece482c

SHA512
4c83ce2819cf535dadab872559ee18b6046edfb6d08400cf14937c874005961b523cee35bb1385e36f9e06ea13496ef040433fbba3ce3899cb2ee82c97b3c4ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b8a1.TMP

Filesize
203B

MD5
468d9ea04eb00c76a643e86f035b770f

SHA1
802a5c70ae20137e1275bb27c265ed505e1060e7

SHA256
9a68ed712fe89c1d8d459373e22df203af53a1512ccc558bd06135082633c1e7

SHA512
768bda0f40e5e9c51bae4994a5d27c28bd06bd85ce647324daf95a167756ef01180a5599fb929ce5cfa684a357c2908c0df2dc426ec8134ea2a92202c1845c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d633d87d-9d04-4b34-9117-ef184c741def.tmp

Filesize
6KB

MD5
cdc45000085e25be55331864b5c84eea

SHA1
f92f31036d7821dbed74dcba521949a30f04dac2

SHA256
e399914518576663f5ec17fa1e64d2ad184f2b76b839c3c2097b68b3c513ab03

SHA512
1213c322820a2cad9db5e4c7b25411e7c67c9bb2126e5733add0d67089aa930978e52749fbf7d1fcb466aa1fc23eb9b5914dadb3c5c26158f9c3607cf5519848

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit