78569dd61b38b4e41c7a94e2f8b1c8e95cd45a0541a36658a6a59ce6c4976dbb

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
01-06-2024 15:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8af25eb5104ea815da75e44553f13b9b_JaffaCakes118.html
Size

61KB
MD5

8af25eb5104ea815da75e44553f13b9b
SHA1

3f2f6681551d402fcfa553ed75ebc8a7a83e4c91
SHA256

78569dd61b38b4e41c7a94e2f8b1c8e95cd45a0541a36658a6a59ce6c4976dbb
SHA512

8f61b85daaac8cc54a83df3b2d00d7b1634a57f70daf5f40962ea33be3760e589e0214b289f9a65be9a97bcbd02db2ae001f13d997780eea0a3653759db7c7c1
SSDEEP

1536:UcHVDmPjvv4/m4glOgr+2NW1tHQ9q/r1FTGAl/QE:UcdSvv0ZSOFr1q9kr1FTGA5Z

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1396	msedge.exe
1396	msedge.exe
2032	msedge.exe
2032	msedge.exe
3940	identity_helper.exe
3940	identity_helper.exe
920	msedge.exe
920	msedge.exe
920	msedge.exe
920	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe
2032	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2032 wrote to memory of 2488	2032	msedge.exe	81
PID 2032 wrote to memory of 2488	2032	msedge.exe	81
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 952	2032	msedge.exe	82
PID 2032 wrote to memory of 1396	2032	msedge.exe	83
PID 2032 wrote to memory of 1396	2032	msedge.exe	83
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84
PID 2032 wrote to memory of 4344	2032	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8af25eb5104ea815da75e44553f13b9b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffceba246f8,0x7ffceba24708,0x7ffceba24718
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5621122703455806452,611202085577939965,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4868 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:508

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:512

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
7e05bb83d788635b241aac7387d8021d

SHA1
05613e9086de991cfa4ae54fcc0b2e5837c58bf9

SHA256
c7609edd1e979bbc9c2cdf5f3500f3033bb0cd946730e50b987af4e4908c6a4a

SHA512
585624e9af0f0155622fa6052cfc4ebdb8b10122f2264ff45cc43d763bc8593a0522616998bb6bbad8f8326db99ac5fc0153a75cbfaacfb40afdb5a2776a842d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
38304b8446c59bac9b4089360f3081ec

SHA1
b2e5271054d657be669949d028ecbde80b8050ab

SHA256
99ffc4f31d1c46eff989d5ff22f60ac6b879393e8cf4539aa5485c7563ecfa39

SHA512
6d7357603280539bea8dbc551557a1e467133f7ff4ef4ad3d65be8ebfaca65675e438a47636bf9f2b18ef3eb27d9329fcded61a2a1b14632e591313364ac69c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
032bf1aa75fc9f7757746558994a2ae2

SHA1
d6e35707b861b61a67a1d8bc5343e9f8f51ac291

SHA256
5f86fa1c2abc2e49595c4e3be7b848f055beb31e8f964d1523e47281b4d5bbac

SHA512
b7824da08b1988a59918138c61ccff2bd16d70e33053aaab5cd61934006e2cf55a12a720402192663bef520b25854a27dca8020e0753c7c451268fd047cdbc41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
82a2641dbd4191bc63a5a56a401c8b49

SHA1
1289798661f7539a088e5719b0b65ec147363a8b

SHA256
e7320c80cf0d35b6a200d6a1bd29d11fcd2798379dce52ed4ad2b2b51f9a809b

SHA512
6a2fa0ebf7190184ef1adb61943b8516b7f4ee306d71ca5ad68387e4febb6c8e293dc17e42505011ae6f285b822ad0d37707d15456751740e675a30c0297f5f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
368dabcc19ae1faf8831ec550e32666f

SHA1
8c151e6c64d6c90d6c85ab3ad7dd3cec130fc002

SHA256
b8fc439b46b05978309a9536a9eb85568e8f95a86e11ea3e0ae7e6e8798ddb2a

SHA512
f17934d8451fb91a7631e1e04a417b3977c3adfb018fca42a99068a5dd769207f3def4b52271e062451b3c49306ad834e2f8332ff1da1e6411ef880911c933b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
620ac9f3af1809c6d874efc42bcd1078

SHA1
0fb8591044adfcb112bf5681c59e7b57d9061a81

SHA256
95a46086dca9e925ca337f7150ffce65b57c3db877f1bbfdba0282a872696c0e

SHA512
758b7978eb4ca5548a6ed55d445e67cc5b8659e67d0cdff59c5318fc7e7af3aab9564a1141935239e3d616c25477eef97cabaab0d9bebe130b41e61007d452dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b287.TMP

Filesize
204B

MD5
cc68d79a6a929913eb894959ad5207eb

SHA1
60009dbbd578121861cf139b360744da6a1beb54

SHA256
dece3a2d23c58f9da2c6bd0397050c3896144b9a63837236e84bf97ccddcd3dc

SHA512
312319b98f7d44a413b37b7cf92c17d961bda0203a446836e9bec2b773320502544be7f3964bf3ce22f38e7eec6d70f3bd912ad1ad3a65509a2b9a046a09d6e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
16bce3b193efd4418fe69ff6d7afc7a4

SHA1
428025f0b17fc51bfc2d9c4d550d0996df3244f9

SHA256
469303aa299ef88c5dace57c91ca25690da411d0eb633867a6b70b49a967fc75

SHA512
777147ec5e344283ffa0a7bcad423a3d952730ae28a41b4033f25a4aac0e484c79621863f73dd2f42d531a86ec3f8b712575354e5f3b5b44ae5ba9f3d7af9ae0

Download Submit