02997994269003401351fa4ce33d07fa06093fabfab2c81cebbf4bf1349b8158

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 23:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

88bde537ef2e3a8c394aa391ac392471_JaffaCakes118.html
Size

68KB
MD5

88bde537ef2e3a8c394aa391ac392471
SHA1

73d0b0a4a73e8c27bc965025b8edd1d4af230028
SHA256

02997994269003401351fa4ce33d07fa06093fabfab2c81cebbf4bf1349b8158
SHA512

a8e72e7370a480f2763224c7448d71499720aa36db79e05cda7b7591ed5bdd4b400118e5694e624618974cc41190ad77c831b30a3acee602e5c11c6816b63d69
SSDEEP

1536:CMJkrM645QOdZHI83Ah6T05gbckqBO3mYHUCefupeS+ICXrNvxZPlEBV55:nVv283Ah6T+gbckqBO3mVdS+ICXrNvxe

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
1400	msedge.exe
1400	msedge.exe
2032	identity_helper.exe
2032	identity_helper.exe
4236	msedge.exe
4236	msedge.exe
4236	msedge.exe
4236	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1400 wrote to memory of 5044	1400	msedge.exe	81
PID 1400 wrote to memory of 5044	1400	msedge.exe	81
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 3400	1400	msedge.exe	82
PID 1400 wrote to memory of 4832	1400	msedge.exe	83
PID 1400 wrote to memory of 4832	1400	msedge.exe	83
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84
PID 1400 wrote to memory of 4612	1400	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\88bde537ef2e3a8c394aa391ac392471_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8b8946f8,0x7ffc8b894708,0x7ffc8b894718
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 /prefetch:8
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,15187696230157733120,14569983681736112598,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4236

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2476

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
d0a2f9ca008161fc02bef04d4d49b284

SHA1
f862ce560ed39c7f939c9ad5dbf46bfb8db23cf8

SHA256
d038bc06b68183228671cecb7d4b29fec10f998d247ea344dc2c6f7487e9d5b8

SHA512
d36d6136457e068884cde4b81c146f33257c61473d21d81284f140ad19dbaea01647d4af4ac66dc6073cf1bb77d2062915f975b63197e1f12a69cd13463a1547

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f13b4448d57b546aef2d827a688ef6c4

SHA1
e1dd7e5a53418085848a242e467ff0d5b67eb0d4

SHA256
59df058b131838caa25060b9fbe6c183f0256d18c6c19238762a53ea2addae08

SHA512
b9e3ecad230f952db90c1179f08971c5eddfa8120f31ff0588025df2890ca7ea78f1459c9f2c2397f756152f3e173f9cc39da65b748b8eb3c206f0fe9f7bc1e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
488cb6f1ee7cb13919cb95a92e49efea

SHA1
e2e3699d4ff7f8a29b7a80eec9df8a5a14af764b

SHA256
85cdfc4cb73924cd709d2fe035fe44d68d2df936ec8b3300a3a38c47e43594d9

SHA512
67b9bbae0289d6a5d5ecf6e9a1c95fcba6a18b453ff1dea7dfbff255d76e722e89ed68b1547b5a073af06c381319d2c7675087ca1ab08c1ce766a9aee20bbbd8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0c133af7c8369188955047d44f7d2018

SHA1
ddac11a7a3c51401fa3fbf9400f5326b1f87c6d3

SHA256
a6a167ac27772dfaad2aa31a285affcde00e96be156e8f21f50137aa27c56d31

SHA512
20ca3c6b5ab4933e9a3682f393c1a255e2a6f86ae19a9bf7f8837a22218a5c5caefd84bb89ca53b18c0b9a999856b9eee41a875a4031ac2a8bd9136d1b1c0863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
370b4b4759f21751e00f0ead98c7e952

SHA1
21752ba917392bd7f16a6a94daba3b5270fa6de5

SHA256
93b898e8e2a41eb695027e5ac7ea4390abdd22ed9b46f359b9538f906e628211

SHA512
1bb3239324644722eb48f5c26c87ab9990a1ec11d2e60c524c5fe2f175912403808c799a9ae9559cfd71d4b4155ed6dac9fb2fcd69379d8cbaed77cca49f5a57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5b9250edd0897f7d74c46294f251972a

SHA1
81b3d060358551776b165c2603494c53bf9a81f0

SHA256
ef81775cb42e4a67dc3537294afbf9d6b4349a8f5ff3bb06a24c518e4cd6a3be

SHA512
899fc2f24f95b41ff2581156ba0d7063a29d74b26f3e6d4405d74392aab6ee0c094cc47a02392fdb271df469a457266d60855f89eb4846dca1b54cc8c11a7172

Download Submit