f7d311a8af1b54b1a13586cd27288753233201ba3e11c82f0366197f82acec43

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
26-05-2024 22:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

770e06908ffe3b3627e9cbc2661b3f2b_JaffaCakes118.html
Size

33KB
MD5

770e06908ffe3b3627e9cbc2661b3f2b
SHA1

077a496625357bf200595f5ba3fe3d34e57097cc
SHA256

f7d311a8af1b54b1a13586cd27288753233201ba3e11c82f0366197f82acec43
SHA512

a65617fae12ebd85c88767f3ab4c4c95237b558715adcd78eb4a7b7f3926447f4d516abc843e7ca946edba3165d759f1c4f09956108048ec0635cc4a3fa51e94
SSDEEP

768:9EijZeqL+REijZeqLOy7lgwkYoFBCiSQsX9HtqxJ2S/FyFU:9EijZeqLGEijZeqLjGwkYoTQqxQ+

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4116	msedge.exe
4116	msedge.exe
2796	msedge.exe
2796	msedge.exe
2356	identity_helper.exe
2356	identity_helper.exe
1456	msedge.exe
1456	msedge.exe
1456	msedge.exe
1456	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe
2796	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 4272	2796	msedge.exe	82
PID 2796 wrote to memory of 4272	2796	msedge.exe	82
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 1320	2796	msedge.exe	83
PID 2796 wrote to memory of 4116	2796	msedge.exe	84
PID 2796 wrote to memory of 4116	2796	msedge.exe	84
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85
PID 2796 wrote to memory of 3376	2796	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\770e06908ffe3b3627e9cbc2661b3f2b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9903a46f8,0x7ff9903a4708,0x7ff9903a4718
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  PID:1320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
  2⤵
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2772 /prefetch:1
  2⤵
  PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4344 /prefetch:1
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,14783414188112248475,8392122728157374185,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2808 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1080

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
7cb433d1824db83356430684c75d0c6d

SHA1
494e034011f6308f8cfb6262b03d5c732ba092b9

SHA256
21fe1674ed42ccdaf4d260d653a54c1de5c1180487043305ab75c8cbd08d8e45

SHA512
505da3ff7d7921c2fdaec6b51cc172e26717a8f1feba890bc84ee9cf8e3d1c503e30bd9f03da32ed93e54950178d76dcaa36f2294c973e875cb72d63df73c31c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
925B

MD5
c934e81a4cbe6fd943c719075a952f7b

SHA1
b83b0f34760767f9ec6c4b5a25ceea85d624488f

SHA256
031de5b3fd5d01914be339dee523c57a50342ce924145eeb5fdcbdc54d3cc7c1

SHA512
ecff1862b73952f7594c1450e9ece38c5ad29f1071aa9045550fd3fdc3ceacde0847ab2bff28a33541039a9fb511a42a16cf792ea0a83ae010f329bb3f34cf95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
314bfe42a463785fac0a355b622c6858

SHA1
9d0902298478f0a8cda572990559813291768e66

SHA256
f47ad5150abfd7cb29bfe334f811e18b78dbe769fd23ced9d4491ac858e94be4

SHA512
00c63d9847877586d768c72f275b61e7b449eb165bf927eddb5fc22768f8c4444740a5762335a7ee98bd6e6dbde8e891aa949a6f336fd8cf470c64121c9cefea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0b863f66224f33cc286c2b5c7a83bde8

SHA1
7440a64de9d1a96bbfcbb9b5aab11c9ce6de9e03

SHA256
567d551eb572d59d53a936a70b88a90e80c2df21cfff2b5c8a4aa8f1805fb4f4

SHA512
fed1bb503e463648559a1e97fd782bf18066d0e6829180c87b5015744e1f8c392757d16f6ec8228cb478ab6bb84fd73f7fcd3e9e475c4cc8db3399b21f57da7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\dab9c0d3-63e0-48ad-ae40-950501ecdef1.tmp

Filesize
5KB

MD5
06b252bd5adf2a8d1d394de7e07bc582

SHA1
620e31541ce506205029ba339408de46bc64092c

SHA256
6a4b5e3753c850e4f4a7b33b84566c5454c09c4279380cd396878cdaa92c82ed

SHA512
9d05b198dab0762532d2c2d8a542615bc328948a6f8d6e797f6d2a2b31ed38761255910a0449696030cd32086ea0107902539acc79d215d5af7dde8947b67872

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
29236af265af4634d97140d9e9da8419

SHA1
5ff8e6ebd312a21ee231577751681f9061ecb791

SHA256
a21c9b69990b61e553a814fecee9b6b3a578732aa3905b153dd561507e64da85

SHA512
60f1c81aed259ed0caa6c0d3cb46b3ec624a9d8875108a66b13c2b53aedc157ab8d94420342e358c8a65b8137ddb9d785ac3543145c1abeb3ceeba20d5ae671a

Download Submit