7c173099f354fb6564d66c3a1a20b105b59229aae456934041aaa4e8d16884f9

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
06/06/2024, 05:21

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9a082505dc8c6d28ada7814a0962d2e6_JaffaCakes118.html
Size

64KB
MD5

9a082505dc8c6d28ada7814a0962d2e6
SHA1

336d4bab9d2c743fc669905c370f6f9c1baeaade
SHA256

7c173099f354fb6564d66c3a1a20b105b59229aae456934041aaa4e8d16884f9
SHA512

332c3c2fa63fe0e30a27cdb7bbde605460fae61972372aef7f3b8b0bfdcb9f69328065a4fa70594fe1c4e0481956f89c8db8ed4c471bb7f3adbc98bc4fe8ec88
SSDEEP

1536:oRC/Dyiu/RMIP2qwQ9hiH2w227ftiHPOGO/OghIx96tbtZM8WjBFElcXJsijJ6ha:og/DyiSCIjwQ9hiH2w22hiHCphwTlSB8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4076	msedge.exe
4076	msedge.exe
4216	msedge.exe
4216	msedge.exe
4052	identity_helper.exe
4052	identity_helper.exe
3264	msedge.exe
3264	msedge.exe
3264	msedge.exe
3264	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4216 wrote to memory of 736	4216	msedge.exe	81
PID 4216 wrote to memory of 736	4216	msedge.exe	81
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 3720	4216	msedge.exe	82
PID 4216 wrote to memory of 4076	4216	msedge.exe	83
PID 4216 wrote to memory of 4076	4216	msedge.exe	83
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84
PID 4216 wrote to memory of 4752	4216	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9a082505dc8c6d28ada7814a0962d2e6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff95fc646f8,0x7ff95fc64708,0x7ff95fc64718
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5796 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5796 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4532 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,9273913141994239108,337262280942113410,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:2164

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1940

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
18998ac62009f4862f94d7b7fdb16c41

SHA1
82854452eb8cc9cd8d4a0803e7de7dfac18bc2ca

SHA256
fa040b6293dec931af545d62e0725c9e8c4f67df8206f5003a57db51b71b5af9

SHA512
36a989c18ddaab4f77259e4a8ed76a0726f088202fbad6bbf97271b678e200f044b6d1ba4f0dcedc2948a259c9406027494dba9aaa917d5ff22c44c5cbaec447

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
484B

MD5
0e5e3bdb8bac505a9b635586da80d188

SHA1
89c0ceacbf854649fcf159de934a1bc56cae0854

SHA256
a589a8f7a3d7dd3887e364767bb798ca1e98874b43da0774fdb2a1bb0bf9ad98

SHA512
3959256505148eb9b2eef5b0e05d28048d44122f5728bd66fc2dc058f88349c12fb1214bdaa2d7e8659196539bc426a054b025e896ef2ed4594a3777fcdd39c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cc004b3172d32986ddc3b0f1ecdf660b

SHA1
4b52d19c36bf726eae463411c1e565bea102ae5a

SHA256
9c572434d660b8741e78cb14c6cd8ee3fff792ca9bfb5fcc6458d203b5661c80

SHA512
810cfc34198067660d3172d1447d8034bd93ee92d6ecfad18ecbee7eb678e97b959911c6252c8c2d8fbfc7a8d417865ee408a0b929e7784b6150def279b238d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
168ef6885cc372a57d35a7b15533be7e

SHA1
245f10329dafa6bf3d74dd7ebbc353187105b679

SHA256
5a106c2ebfaf07e42a8ab99ec82156ec30ab36df2e6f4ab6fdd290d65f997a73

SHA512
f66e01c573d50b4713ab34c28d8cc87284d1016c219aaff39caa70efc59b4431c9f1d8b90cebedbbf7176fdb1c183d3039f446c6c5bdf5dbb29ef893011a7794

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5dbc167e44edfa6d952ec579fd1c6baa

SHA1
374b4741f70172f427cb45903b804cec58ed1952

SHA256
39e7aab635aca7bcc346fc8bd34c792f5934d5a971501574813dccd696f5ad62

SHA512
5ee7404f4426fd3474eed6a5ceb3e983197d3c1613c05b17324214b41889f0df4f03f8628c39e1bf35347bcb5f9d1b9dd8a9a4de7f5c48b677a20721b88355a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
368B

MD5
4ab843c559643abcc462cb7e83fab673

SHA1
a42df639096b292d011a7e6e6a92aa39f303fd64

SHA256
53fe506cbb397c0e315b1bf8749032461a521d60e5c349ce09151a6cdf51d87d

SHA512
96ed48663c7e1369a7052b55dfe782689cad87059ea7bca4691c9943eb795c6ea14b2f2972a3ee20d1250eb176d96ac055314b3dbc7352bdfc65d51996e30541

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58c668.TMP

Filesize
202B

MD5
e4e47d5ae32f4f92ab679e3a3b6bae2d

SHA1
f640ac7b1dfba0030d579a042e68c8ba459d19a4

SHA256
d22755d40794973eebaacef31e6312d73a9a2eabff8d1a0ff9984500768aed68

SHA512
430e16fe292b4acb5e23001332e607b2676958cd253ea9e07b2f7768aea1cd7c6768d01d72bac70a816adf42e3e11ccce7a24b36a67fd5e1f2179b555110d579

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
40158449a963bc7c726db77dacc5e7d7

SHA1
189e9f0c52259b811abaf51d1616696a430968d8

SHA256
b7e31236fa759561a9fa880fa90364043feb5e4b5dfefe3aa40c3ca6d7a72ff0

SHA512
ff5b2fda5171b64ab31e15c0bf4ef5e72921abb99fe449e6bfa3326a3435cb6a57942612c4d61f635beaaefeb610ab03d5c6083b4bfc0631fc1e4085c715b79b

Download Submit