a43d2d2977a73cd92acd9b2ec7940cd9ec855960c5815b9ae5140ca4c57a4089

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2024 10:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

97ea71e97d436fb7b3433ccd5fa265f7_JaffaCakes118.html
Size

100KB
MD5

97ea71e97d436fb7b3433ccd5fa265f7
SHA1

89b1167e5863f2164a636b98e5d3907f812cf443
SHA256

a43d2d2977a73cd92acd9b2ec7940cd9ec855960c5815b9ae5140ca4c57a4089
SHA512

1fdec16ed9690775b6e69469f212f091f2630dbbf161b06f1c80ee0f198ad48daff0d2cf28732114b3f7a98e95f693e91bc20b28e1f8e5258392753e1b1f287e
SSDEEP

3072:5qBczLTrdVKGXYjaMdTMNHbgprHSW7IhCbVV:5qBcCGmBh

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
4700	msedge.exe
4700	msedge.exe
4288	identity_helper.exe
4288	identity_helper.exe
2288	msedge.exe
2288	msedge.exe
2288	msedge.exe
2288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4700 wrote to memory of 1360	4700	msedge.exe	83
PID 4700 wrote to memory of 1360	4700	msedge.exe	83
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 2976	4700	msedge.exe	84
PID 4700 wrote to memory of 4500	4700	msedge.exe	85
PID 4700 wrote to memory of 4500	4700	msedge.exe	85
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86
PID 4700 wrote to memory of 1084	4700	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\97ea71e97d436fb7b3433ccd5fa265f7_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff97d9546f8,0x7ff97d954708,0x7ff97d954718
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:1
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2955356722295400450,5102901514194876547,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4844 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
864B

MD5
b880e5da88d2b965159f8b994ce575fc

SHA1
ab6cba1b2a82daad6195b38bd06e6d0e1dc4d373

SHA256
c29cbc8751682014cc388cb83585a17d4ec69dc95318056467d627cdd729269e

SHA512
1839507a82f4487845d4f41102a1fdfaa3076fcbbdf3e769e5a7e24811da83f97f494c95bd92c01d9adad11050ecb74f58385f17a2e99b807a782c8f1cd31f4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
895B

MD5
a75177518410f751839ee9a4a95d5d91

SHA1
2cf0127c2ad742f1be32c12489d3db2077f019e9

SHA256
58da46eb732fe58a9a47f7be8c77418c4c948aa0bc12db3864fa56d50bc02d87

SHA512
752e9d8bd5f5161acf4e62ab6a0f6c276a7c6c0a259c9a9899ec4fee18f10f82d2f6bf26b5c175a10988b0878e967764bd0a4ef86b45de8a82b63e9a9c155f92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8651d0f511dee8a41e5b8656c838319c

SHA1
319a6f53984644f34dc91924dc2178e3435e0d03

SHA256
3f05ba92921671a1c4edc76a6b867b81bdfa616cc3ee181f187b848ca685acf2

SHA512
e237e8ac6db3e58712bd491db06ef518def50d7a9682e3fd7daec920a024486d6f11a4d20a440bfe19316b9c31f5c405d2a6497b7777937b9f751e91663b9ced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5ad2feb5113b223ffb1ca814cb9c4e59

SHA1
73e9b75f6d7e6e28c161c9067800224ef5d1c8fb

SHA256
2c01315214d987424474eca71bac3d70355f53107be1e169f368fa83ad818122

SHA512
d62dc4220ab371e2bf7abef406d82365a5ed5046fd376b4a76a22389dd36fa58e66a49499a764234221bf4194693e01c1e4e4e2f5aa7dbbc626974ba5c514cd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1b51ecaf2d1012029f28cb2435734569

SHA1
8c0db1a654319d6f8ad30dbe6a472d92bae973aa

SHA256
dd2e9b1bc78fd253d950cc5363549db2c345efdc761369658f4199353d7120d6

SHA512
898a26cbfcceed1d95727cecb958979c537e1b88ecb78320f568feee61060537452d21c51daaaf2817ad86680d929128e42b4fd564ed7651223bdf5751798e35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0bb503fc4b4bb473c763b301ff92b180

SHA1
bdec337c5b9c64fda985518796286cb7f0985a71

SHA256
65fa25c5a1102dc948249ebaa64ac43c3a83be440e1cb6d2c510a8c10d90a712

SHA512
60a1bd848ae3f3ab41249969e0b4fbc002e8dc20ad144fbb739bd2e9eaccb48f934dd09d3da1a608abe34b68966319c1fd89a46d3639e36c10f6694e6020d88e

Download Submit