f946caa5978f6f5f0625b3ef1a954174c607d815bc5b2d95fc74f7f74e89ab62

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 21:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

88741ffa8b7ba534f2f5ad6aa127d17d_JaffaCakes118.html
Size

39KB
MD5

88741ffa8b7ba534f2f5ad6aa127d17d
SHA1

997e0998e1c58374aa2440a8cd4415ad505b26b1
SHA256

f946caa5978f6f5f0625b3ef1a954174c607d815bc5b2d95fc74f7f74e89ab62
SHA512

09619bfa703e51ed34fbdc7bc20e74014e9c0fa494738b7e15856967f36e63babb1c0d864704abb6c4cc75ba510b3679126bc04b7a9ea23dbbfde6414f8efd69
SSDEEP

768:kkclux9o7Lq5CpK2nl94cKmxofYSRo2Skz8Z9S:kkclOWWIpK2lUYSRAm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1920	msedge.exe
1920	msedge.exe
2196	msedge.exe
2196	msedge.exe
1816	identity_helper.exe
1816	identity_helper.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2196 wrote to memory of 4564	2196	msedge.exe	85
PID 2196 wrote to memory of 4564	2196	msedge.exe	85
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 4832	2196	msedge.exe	86
PID 2196 wrote to memory of 1920	2196	msedge.exe	87
PID 2196 wrote to memory of 1920	2196	msedge.exe	87
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88
PID 2196 wrote to memory of 2992	2196	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\88741ffa8b7ba534f2f5ad6aa127d17d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffae94e46f8,0x7ffae94e4708,0x7ffae94e4718
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:2992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,4603910426909097579,16443603589440196649,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3304

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1900

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
9d0278fa21e8d93bce0cf5dd18879f53

SHA1
0c3b53e4e1bd2a01bbb0df49e34c502f853cbb15

SHA256
d1cb7c1fc9c5a64bee9f6cd32d67d2745566fa7cde66fa416b2ab805fd007295

SHA512
1a97a1adb6ec862b479268e8a033576436eb6db7ad1d9bbf3efd5596fa3fcf84fa2ab28bc55ba8360b2e372b76367b219ef63720007e72b59e8fb56121892a12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
926B

MD5
e03cb0b32151decef8a974d3d1530547

SHA1
d1a3b81f829db7b0865bf337b930067dfb43989e

SHA256
f8213f1dae051f849ffb44e064ee38571c1b2c9a44bebebe11b7c0b3895c33a4

SHA512
3859fe0600bc5b1094b374e0c1dca167b47e0a46931ba26e831e84424e74b3d091e2549c9c65bd568b50c220085c9c3d42e3d1c903cdbde4d39c278b4e2fd9e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
199f8de5182f327dc6bf6e8b1983d321

SHA1
b2a0b94979fcbbadb232f3cae2716f8a8ae2e89d

SHA256
dc26ac3f355d6cd5b69be843e30d83ef8e0503b35017f165633670b6dc05e8e0

SHA512
8ef5bf7d7f968f0b792dc061345a51a55588ec8d9ba2886ad3b4eefc454472d4d64b69a610daa833c87fab3a242cb3d6223fb335f117ce8591fc085629a7c629

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0cd350e24b9524634df6b3e51be8a1e9

SHA1
fec632a61a39c14c5915b19f37c7c6d304ae9159

SHA256
26aceffb6705f6d2c7bc994758da26232e845a83121393367cc94fedc13be490

SHA512
ea5efdea03897712d9a5f4d6078d4d6ee04fd15e9ed753934942ccc5a3914f76849719e71488f8e9973d7ece69f69626e24c6b4b68d770094f21c98511d5f68a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1192d30224a7d81761cb9fa2001e8361

SHA1
7e69413f1a05f4056f453bb86e65009759f26643

SHA256
725ffe0db727fb119c1d138394045a53ff01cd4a366c626e8fdfdd931fb73026

SHA512
af48bc2cf2650812c3e6dfc4a3202245cf2504d194ccc3f5f65f7e39533dccdda6ca229ff84e3a677c984435051f6ec6a5dcbd5348b8e01f63846cf2d1ce410b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7dfac122aa47c78cf8015d925a70dcb3

SHA1
4485100c89720426aa29bf85d612767accaf8df1

SHA256
73a73278b82a409954b7e904b6c30a41b16945aedbb84f9d2be8311d18e037ac

SHA512
e68a5b2b0c1731a12efaf3b288181689a09bc8030f0fa64f3bd79ffb6091ab6f90ff18b87b61f296865bc227b769c6e01009a4f010ccdae5eb532384a8c7854f

Download Submit