7cf89a12f6d38f21667c554da1f2b69e1473d229eeab61b28a31f27aa6e043a4

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2024, 12:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

757d9bd18b6cd434215060770bf7676a_JaffaCakes118.html
Size

46KB
MD5

757d9bd18b6cd434215060770bf7676a
SHA1

de2063057acfd3ea1d35fdafa75a8c7ecc4faa46
SHA256

7cf89a12f6d38f21667c554da1f2b69e1473d229eeab61b28a31f27aa6e043a4
SHA512

ad192d25cf9a5754b2f95d57fe81ea250d0c433f0cf239a1cc334b998b02e45a48cf147f99949469cbe33d731424896c432f7955adabadb2fa758222c4a9bd7d
SSDEEP

768:S24nYhQSjxYPwL2dVljIktGmqn8Tt2M/yZratHJ:S24nYhQSj+Nd/jIkLqut0ratHJ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
4188	msedge.exe
4188	msedge.exe
3692	identity_helper.exe
3692	identity_helper.exe
2260	msedge.exe
2260	msedge.exe
2260	msedge.exe
2260	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe
4188	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4188 wrote to memory of 904	4188	msedge.exe	85
PID 4188 wrote to memory of 904	4188	msedge.exe	85
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 2464	4188	msedge.exe	86
PID 4188 wrote to memory of 1960	4188	msedge.exe	87
PID 4188 wrote to memory of 1960	4188	msedge.exe	87
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88
PID 4188 wrote to memory of 1876	4188	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\757d9bd18b6cd434215060770bf7676a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff76e346f8,0x7fff76e34708,0x7fff76e34718
  2⤵
  PID:904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
  2⤵
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,13344022221276394456,2403723823897961558,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3984 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:788

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
187B

MD5
657d80e778b39d653587f8847338262f

SHA1
99a4134362b9df2fa03c4e8fb3733518b6846a4f

SHA256
629624e44c2552d545840929a840c367d729df1d532db9e340d39a0c51d5799e

SHA512
ef63b729f03684d28865ee445b07279bcf39d542b0729c646fe5876ca45158f80e6b969ad5ff21a6c98bb449589a2aba03c1a811241afbed4d8318561ac7656a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
88c1d4124bf8cee4fc7ba037b6b24868

SHA1
a4f6ba12977cd46075ead551694cd941e2f53943

SHA256
d66cb865f9c2b0b92f44c94a80b83c9278a5f7b7c6c0432aec3566cab3db4970

SHA512
8177cc542f599ff433209358e68b7048df350ed367049447dde307bfc5c7c19c92a55ff446a863c7875ad199bc472e47c7ee295adb2b3b87b23f3a3ce81756e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2c857801edc6a5fbcbd4e7b86668e738

SHA1
7e67592b3a198b0149b9702e624f207513bb02c5

SHA256
b402ffb097a2b0f416290b9e45747b4e74a3a932b70f8c4f7ff1fb402e880fd1

SHA512
2e714b641e9a444311658844ef4c14ed9bf1099fd463000b9639fe5f7f880dfc2ab7b4a587c6c538ca4de30866aea12cfc673ba6ad1e2ec8f456f40c77a154ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7bfa66c630e62f2bd4edc01ab72365e1

SHA1
9ada3b36ad341a6173160f7316714f25c7816862

SHA256
4b93d6c4c90cb4aa4690ae9561467219244b184a7ccbfca1063828efe2fc8968

SHA512
b73e90dc289282276d7a1627a0f4046f5b29ac51fefd6afc9f59833b3a5fe7d616e289995ac1f641270a12f8b1e2545f30a74e2347b4538d3fc1fd012d5a16c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
203B

MD5
1cb6cb57640b79a141e387f8f429be51

SHA1
90d8af7cdb8f77743430301e39fbd6ae4b6d2a13

SHA256
6caaf61d80af315e5c8ffbb0fdd9aee0896a216dd39597ec073ebd0a2f16f91b

SHA512
71ce91677adb33e77da2fd79407f9b6c965862431be6e2fc7c4489981ebbb3f7562dc6cf4e34d455cf7311aa4161f1ff4db2b7ee0aabb44d22a496991d414d9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f2eb.TMP

Filesize
203B

MD5
f07a30ad32dbd714039f46fa07ad2065

SHA1
7945a24d834d16c3f063c720f3c6ffc188a7df5d

SHA256
ec69d0dffe3c120a3626ac8f0aaf22133fb736bfe5173f85bb9b7817a61eb92e

SHA512
bd1e41588c3f72781e4eb738bd0af23cf0b5aec82fde4e5421284afd1e60b9195b03b4fe404eff86656ea11150978ada80003b9efdc527810ecf5c65277d93f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
44fd0dfb7004bc32614ee3f51e9c2945

SHA1
cb53d4c605e106ed422e043c8b192cc63aac9605

SHA256
7de4ac34726fb2755818c5b1610371ef7d4d3762f7e1921b4fdb70776789c3e8

SHA512
817ae511754d832766481f6e1c95e7af5dde2aa41b14e2ff0bfe3c44bf0709a31962161422054641632e2836f8c6a254524d5ddfa45aa3f3835577c3576f766f

Download Submit