4e2abe6ab89462129a1170a1544a6963dcb87789a5d50b93dc56c2f38b191cc0

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
04/06/2024, 11:15

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

94a0f0f84f121333f11de140bbd7a2e3_JaffaCakes118.html
Size

91KB
MD5

94a0f0f84f121333f11de140bbd7a2e3
SHA1

4ad5795d144310c029668a99c17e35eadb48dc13
SHA256

4e2abe6ab89462129a1170a1544a6963dcb87789a5d50b93dc56c2f38b191cc0
SHA512

f9586c56e05af668de8424f7967807e29fa4edaaca7a8b7e7cd5d8be6d9c1aa86f7a42b5505a40dcd18bfb5447e7dce220bb1af7ad1b8be763aff8f843d75bd7
SSDEEP

1536:waHHHh2hBEOeaQYtzvOOemzQrESm6Pk7TtkfNdOq:DHBg1hhPTtkx

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3472	msedge.exe
3472	msedge.exe
228	msedge.exe
228	msedge.exe
2172	identity_helper.exe
2172	identity_helper.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 228 wrote to memory of 3964	228	msedge.exe	83
PID 228 wrote to memory of 3964	228	msedge.exe	83
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 4912	228	msedge.exe	84
PID 228 wrote to memory of 3472	228	msedge.exe	85
PID 228 wrote to memory of 3472	228	msedge.exe	85
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86
PID 228 wrote to memory of 1324	228	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\94a0f0f84f121333f11de140bbd7a2e3_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8107b46f8,0x7ff8107b4708,0x7ff8107b4718
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  PID:1324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4444 /prefetch:1
  2⤵
  PID:3724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,12350949380729836827,16392864571181796416,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5408 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2504

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1924

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8916dfb3-f35a-4582-bae8-81341a4d65aa.tmp

Filesize
2KB

MD5
eb6fe81bcb5aa62b6a5ee937d5ebe677

SHA1
88c19405cc92263e468f8e353edb4999b19aa7c0

SHA256
0db420343e249a1bd885bce478c40884272a128118d62380d6d0e2f2efea45d3

SHA512
53ed56a2801f6a305daed34d2f320572fc2d59e68247119ca8f73e7496d453d42af41d4f4a9a05244788ef60d8162c29913bfbee408975227bb9af0a99193e6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
fe2d28c17d8057b3739bd8daac2fba5b

SHA1
292124b6446ae9a573a3fee43d2b5fca418edb25

SHA256
8b27f447531a631d24048d9c0ea33c778b7ae1c66e0a7ff226fe5b96b5f0061c

SHA512
4d7ffb68707f844f1f8902191fb165bc4b1d9ef22147db0034c925e07bb117a10c9d5a443541fd01f45350fcfee0fb0d08750f8e47a5e9f4806ae75af4836e7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
ee93e0ae16cf148d22ef86268bee2058

SHA1
f57d7f18d721c1c89085d772be6fcccda67d0c90

SHA256
fa0db2346482acfdfa2822f191b684a51fc07fdb47150d6334d08c495a1fba0f

SHA512
3361b471d2fd79e5d259687e2674bae122d621416e7ec685640bdf5600b8d0dc95f5312082eab4c4ba1c32b99e04e40185c821cc82e5ee61c6a8d981a489b403

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
350ec941a67a8b843e6402f3e513b37e

SHA1
0a36b1ef12e04b55e3c7ead4f421e5c43e477eec

SHA256
ab15ca00496da5a22df4a00efaf42f456e5ebb23658b5baa8a1b76a2f845c417

SHA512
590be68dce8746265f07d82ae83e1df601f41ea539419525078c0e00b6bbb74cb9083bdcc0833284bf45410cf290c2b7c5c82657164ae5878a976090f623ef3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
52f98cb46f7e277c7e7e89f51e894ad6

SHA1
76d3255636b4da2a6e9145d05aa2350bf5225fec

SHA256
4a9f9f74ca710f51afa834b9639743fedb9d535ac411e42d7e3fd480e9008fbd

SHA512
d14c7d79af5297750e5b31bfae8383e6914b176de66bb0fbdb662d75433c089ce4eafebc11e865ce3d093926e9326fcc3924b59e9f8231d53cca9825dd2385b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7ce7bb6083cb2abc0ea5ae50286c2a99

SHA1
b1899c08da6e672a3c1e162e01efd00f2bf175e8

SHA256
39fa3e8952f9b3047c2fc6b47d92eb2bac4c086112e359071e16214a21b709ca

SHA512
3a17f6ed7f060d326427c5f7c1f3ba0a90f96201f1a08bc28c39ea4e833ee0eea0ffb683842cce03f4f34b208b7693e48a6de1145cced0f88fb25587d4c6db28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a858b5af9f071c073b88bc1e3e2a668f

SHA1
94e58b0e64c27740937120d9ac6c0a275e1a486a

SHA256
a9a4abe9921d55b62f1cb4946cfa00ef1c19343bf21e5e71b83366aecf726c30

SHA512
8645a3cd679b63c3250511fc5067d0f12b9424c4891bb334e93d4501433e4511de27466bf897ad9d41404c958407d1dfbe311f55471f1634b8ff873a555ce4e5

Download Submit