db70c8737ef27d1018046c80f1a09a63bd76b066b995dcb18e11a214c624b773

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
05/06/2024, 10:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

97d8cdb2760e51b42e277d3fe01deb56_JaffaCakes118.html
Size

51KB
MD5

97d8cdb2760e51b42e277d3fe01deb56
SHA1

d9ba0a9b22f7a43c388497bd7a1315a6e270e168
SHA256

db70c8737ef27d1018046c80f1a09a63bd76b066b995dcb18e11a214c624b773
SHA512

81345c65170aafff17b20c317e0345b5207aee621a4efc6a65cc2df9fa956921317151bfd44b53c3d8e5bdda66d29907c9d5995ea54fd2845bd5ea6a4bc5b05b
SSDEEP

384:JmbPWUr52oeR7ofB+lVo9w7i4HGx99+GDfO3HeygimtNkds+1/Sf3TzrCxesuWDI:4u7ofBdw7i4HGxz0DsCfpD8vWP7V8rLX

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
1708	msedge.exe
1708	msedge.exe
5060	identity_helper.exe
5060	identity_helper.exe
4352	msedge.exe
4352	msedge.exe
4352	msedge.exe
4352	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe
1708	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1708 wrote to memory of 3548	1708	msedge.exe	83
PID 1708 wrote to memory of 3548	1708	msedge.exe	83
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 1068	1708	msedge.exe	84
PID 1708 wrote to memory of 4876	1708	msedge.exe	85
PID 1708 wrote to memory of 4876	1708	msedge.exe	85
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86
PID 1708 wrote to memory of 3056	1708	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\97d8cdb2760e51b42e277d3fe01deb56_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe69fb46f8,0x7ffe69fb4708,0x7ffe69fb4718
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
  2⤵
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
  2⤵
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3388 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3388 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,8558485682044756157,6684154916398205212,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1980 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
6dadfce8c833abadfe74f7778229141a

SHA1
3ee0913a44f6170e3cb2cddb3bcd1cf9f3d97569

SHA256
606c9336b4654960137d4926d2d7fb979c068df2a6ccefa53ad752ef8db49882

SHA512
16f7dc257b77129c037bf878c9f396d3a89d08004cf7d43e1bb1e7f9a676fe548d7a46a1e6b6cbf0dcf7c1dff60ba41dd3609bd26fe88c2e64dc12f7648b86c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
be04a2f78400c2a41bcc339934ce5c63

SHA1
4783239166b00c46ba487a0fb5e9787047111bfb

SHA256
7bf11fc5f8710bcb2c3f66b390caecf7c2c116d13f3910a6ca4cc990a1876352

SHA512
1aee8e384c60714344e27fba0912e9107f0d5b5128bac38d713d68cc7dbaeb3b3566fc1f859a5f4c937d3e21676a0f75ce24f017e381cbc4d3753d163a0c1aca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d84c83a9e85340902cbacde8a02cfc22

SHA1
51268b16aa684c04e0b92f666570daa5b0a5cdf6

SHA256
e3197e7e45ec280eef94dabd8bf7e619445127daf5e04cf92756f1080f5b2984

SHA512
7611739434cf0abd0ca8d590c97a46f9506c2d16503ccb22db475dc6d4697e8b4d149b354a9c0aaf709bed7e525d824b9f0ddc8670faab3ad915f55c635836a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0dc157295d325c752b1127c487ce62c9

SHA1
ec866ce60bfad8a30a42c43313618e9a3ac282ef

SHA256
ab3acd86e3b0a258e6d5d2a5966bb4736b1297cb8f394b5545aec6b189ed40d4

SHA512
a2207d8b34be8c13bf3486622dbb033b8243d6c7ba64070fc79bb040304f0e8fea06b1203788db7847b71f2a861cfecea2f2cf73cee0923f68c11ba96187acb5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c8437a03fcbd1d484957e563b3a6353b

SHA1
ea453c9356f4966f44b86c0a956db1aead2fb75c

SHA256
94616b000c13523aee2d1f9bf7efee4811bab133e09c973dbe86c8bff64845dd

SHA512
958a45c59c98fcf58ea7eb0f9f83819b8332f810f6668d49eb643b6a0f755f5587b4daab7e98b19b367969a1a8931f13ab27daee35204154b81341b5f4a5b26e

Download Submit