733f2e6f721d5aa45f115eb1faa368006d0ed10d00fef12130432ae6c89d0569

Analysis

max time kernel
140s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
02/06/2024, 03:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8cc59de0e0a6a2d7c12fb21d74842f46_JaffaCakes118.html
Size

42KB
MD5

8cc59de0e0a6a2d7c12fb21d74842f46
SHA1

9184728a070b89adf0c91af562a94b7b16aeb646
SHA256

733f2e6f721d5aa45f115eb1faa368006d0ed10d00fef12130432ae6c89d0569
SHA512

40ac26869f61fbad1e264666d9e6038c36bb808902aca8880e7b7e9088922745a86eac6a915e4d872afabd9dca8279a7fdeeb7c8b2de3536d437946ca507a838
SSDEEP

768:SOKCLCTCvCfCgCNCYSa9v3qSbMWd+oS32qlt2gD52ggQPDJkltmucMlMMvRgglMf:SOKYC2QBCfSa9vkWd+oS32qlt2gD52gV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1420	msedge.exe
1420	msedge.exe
1364	msedge.exe
1364	msedge.exe
2344	identity_helper.exe
2344	identity_helper.exe
3468	msedge.exe
3468	msedge.exe
3468	msedge.exe
3468	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1364 wrote to memory of 2192	1364	msedge.exe	84
PID 1364 wrote to memory of 2192	1364	msedge.exe	84
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 4416	1364	msedge.exe	85
PID 1364 wrote to memory of 1420	1364	msedge.exe	86
PID 1364 wrote to memory of 1420	1364	msedge.exe	86
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87
PID 1364 wrote to memory of 3108	1364	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8cc59de0e0a6a2d7c12fb21d74842f46_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f40f46f8,0x7ff8f40f4708,0x7ff8f40f4718
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1340 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,3919536733829745528,12347528622296261610,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3268 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3468

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
a49cffec6ea19b94fc1347003ee0379f

SHA1
7146a205a7dc3a96982818b22b45a7bed436411e

SHA256
6facd301955b995e25d346f87078986965a829cf880d0a1e13ad070334538b38

SHA512
615256b3e72c02880ad6bec07ae62586f5f4d5fac82dc047d1c76a5c518716178341946df861c16c7f2083c29fb1f0b6f3d4170d61226c0b471889ba3811275a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3e873aa0a7ef55903e9f7098d5c70e4b

SHA1
9f95b18188351d1271f60b24bef4d29a16956d4d

SHA256
abb5bd9b8b46c306a7b3868d14937d68eb29b94813aa6b75f03d5d2abdb37704

SHA512
14cc93457601baab7d05bf2c99d8592a80835b64285d07a51f9fddd4f4908903cabbe3d0bb2c3a4dae7afffae07e4d11e12ef87d80184c685387bc80fca15707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ba6da6c3c4e3198797b5c74ae0b6a2d0

SHA1
28931099f2c43a60767c4eb6fd4580e28340c3a5

SHA256
972ebf31a1f26be988d489466708b94264996f273321e0f7d479648dbc44bc4c

SHA512
78391c0a1faed3545be1ef5ff7693dd369459b48177572db5b72b90fe56ab502d4cf246da08b69d68953e50c50c5027add097a35c3fc67ef132245f5a3a0161c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a389fa9940e1905a63df1e19ff014323

SHA1
30fb42ffb18eecf0e4ae3743e0f6c3d626d2fac7

SHA256
7cd8347253b7f146979dbaff6d48f413445952c6cd60a5a990672d9f88ba9de5

SHA512
acfc8711cea54fe80b1b1fdacbecb43d9ec1036fc95c62e5a65016b1c06749e099a60d2f6452c823f3e8837a50394889fd973ffcd20a9fd34cae03193d196a61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1a6e9e2b6e2abba9472ab5826965d86a

SHA1
5f7476159c794a0dccfc449a339960c421c4d85e

SHA256
c65d367a0809a250929361e81ab454544b665c0d4fb90704a65e75976b2368ef

SHA512
8eb994ae4da819732ef7305c0b4de2e50bd8a336ffea6d97931bafcf4d10cb047f7e7e8456af3245aca0c9eba0c3b4c997eacd655c47ddf91271dee365062602

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
408a8c189cb0fad11469201ac9debe4e

SHA1
9d9b6028641c4e31460351e09c04e5cd356893d8

SHA256
4a7cd042995520db2f04006a2c3caf0c0c044d3afbd1c08531c750c9ebd5d72f

SHA512
172e8f3c44588147c7d70067e1d9f7f6e4f851dbc2fc50f534fbce29b48ec7cfa5a4db95a624c0757e7be2992475df07df6f3244c37a12215c00864fdc4280b3

Download Submit