8828695fbbbcf32b8bf3acb9b6a6fb4670bb9910f4cdafb2cd5f4d0f641b66a6

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
01-06-2024 02:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

892e15642d49d2d11d93920c317606b4_JaffaCakes118.html
Size

128KB
MD5

892e15642d49d2d11d93920c317606b4
SHA1

10eb16b2e80aafdb2e58e0bb475ad1cc875fed2b
SHA256

8828695fbbbcf32b8bf3acb9b6a6fb4670bb9910f4cdafb2cd5f4d0f641b66a6
SHA512

69b21ec15b08245df1edbbbdbc19c25f040d3bdd26ba318bdaa1d2755fc69fca9a80e4adfb0e593c173ebde29746c89866c579d67884f58be9804bcaf31d4602
SSDEEP

1536:LK+IqFrz4Ne3cpLF9uhyyQ1ezDSEr9gHQ3+ZjNvJX05K:L+krm9uhX7e2+ZhvJX0s

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3280	msedge.exe
3280	msedge.exe
2560	msedge.exe
2560	msedge.exe
3204	msedge.exe
3204	msedge.exe
3204	msedge.exe
3204	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe
2560	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2560 wrote to memory of 828	2560	msedge.exe	82
PID 2560 wrote to memory of 828	2560	msedge.exe	82
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3524	2560	msedge.exe	83
PID 2560 wrote to memory of 3280	2560	msedge.exe	84
PID 2560 wrote to memory of 3280	2560	msedge.exe	84
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85
PID 2560 wrote to memory of 4904	2560	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\892e15642d49d2d11d93920c317606b4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc801b46f8,0x7ffc801b4708,0x7ffc801b4718
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,8998623464156157254,18248994683613760533,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4992

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2880

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
eb18f1c4310a1a5da674ce24868dfd69

SHA1
92bd9270cf01ba6b8ce418f12f4c8ccc2287d540

SHA256
1174faa4f281189602d2fe4774c3343767cd40d2056f458754d3aabe0f759e49

SHA512
de4fc1ffd2e32daa3f20fdb4f98f1b1889340553dbfe64e5e7318f7d90a7802c2f575468557437bcd1ce1f20b85dc48227b671c0b27f09e199287cc85f7d1674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4850cf7fd147e319007901a77c71edbd

SHA1
313219d0d4e426aea42ae369bd5a095a9eab4f0c

SHA256
dbe82f7348efccc81fd0d4822b5b079dc117a89d991666a15e9f242b294563ce

SHA512
bee9380330c0a5fcf3c6171ea22843c5d2739ac10c0a61a3f5bfab02c04496793210f6882b364c869a1ba2994c518f058ca6a6d4152bb84e1967a594718c2a62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c28508a060149ac6b19911c98c1f48a8

SHA1
6c4a08928c10c891608baf9e28b76bef28149363

SHA256
9dc5990849d92ff553ac532b676a1c58309c87f1b395e372030de37bb7493004

SHA512
5a3f62f703cbb4f6058cb8c55c24174a6c0a73fae77ab41113f0b8f530827c82a547788bafece7db63b4739ce546e3a44326cec297cf6abcb0782beee4cbf7ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
97730576706eef7d4a3b22023243dc81

SHA1
14cdb43a166564b11d734a1a304288953362bbf7

SHA256
143747fe769e029f597f3bdb7fcb739c50cbe7e305e98fc2f737710da751eec3

SHA512
d10e2ab652d6616bb79779f6679c88cff6417857fe0860e66daa823bf9fefc46fc13968f3bc420914c8383b3b59e71e0fa1d754a1bc0cd3e3cbaf253a716bec9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0134b5c737925d91ef6e8e6b437a720e

SHA1
c37f7495083dd4bf1ed3a67ffacea98a980681bb

SHA256
4ccff447a1e3cddbaae83a8f3d2f102e4ea686ded6184bb5c0e6d75b01dc30ed

SHA512
d9481988ba86fa66176b6e7b053bd11e2e04d59657ac897f64658cc969a00f4a1ca1cde2146df6033b52cc7b38823e9fb374a7610183796003399b3df49d85df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
67edaa8016b7b1706c6329ab93cb7c73

SHA1
467c3b22096fd2fb29701380ed2a571d55c798ea

SHA256
96e33acb04fa51af4a98ca0563648cb790be6d464f5352bf6d11551560282437

SHA512
9461b46508c53393c523ee005bb42009b50378fb318d0869778dbf5eb56986196719a8b10c3a3a1fd047757943fef01a6617db6c080412091378fd18f40df1b3

Download Submit