9d8323d7bbf2b2e396df56245a8e1aa84db3d16b17daed37e9567dd77eb1f5dd

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10-06-2024 22:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9c34a7b9e07d83915e4d2d4681ba9e0d_JaffaCakes118.html
Size

91KB
MD5

9c34a7b9e07d83915e4d2d4681ba9e0d
SHA1

0fdbbf4cc4e20701cc75677f314057c6f104c90c
SHA256

9d8323d7bbf2b2e396df56245a8e1aa84db3d16b17daed37e9567dd77eb1f5dd
SHA512

88fa32b1554bba92bfe78cb721c06f6142310d3390ad32091a7c457ac29896642ffcb7d829928174d0f43775cb4671c079a21e1e0e642feee2babb913f8106d6
SSDEEP

1536:qaHHHh2hBEOeaQYtzvOOemzQrESm6Pk7TtMfadOq:ZHBg1hhPTtMy

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1936	msedge.exe
1936	msedge.exe
4580	msedge.exe
4580	msedge.exe
2736	identity_helper.exe
2736	identity_helper.exe
4172	msedge.exe
4172	msedge.exe
4172	msedge.exe
4172	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe
4580	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4580 wrote to memory of 1728	4580	msedge.exe	81
PID 4580 wrote to memory of 1728	4580	msedge.exe	81
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1876	4580	msedge.exe	82
PID 4580 wrote to memory of 1936	4580	msedge.exe	83
PID 4580 wrote to memory of 1936	4580	msedge.exe	83
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84
PID 4580 wrote to memory of 844	4580	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9c34a7b9e07d83915e4d2d4681ba9e0d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff96de446f8,0x7ff96de44708,0x7ff96de44718
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2436 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2584 /prefetch:8
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4228 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3992 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3992 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,843491768081812500,12213098905972350842,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5376 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4172

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2384

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
2b67c5109033d6ca1916521dac597710

SHA1
41af28d670847ae7ad00533d67eaa0102c9ed913

SHA256
e369a4386173f18e21c1a728e6483bc91dba131455192683238a2b67003b513c

SHA512
0d0e81c1b462119f53be692c23e54f1746167d99fd2727b34a853ba34dab19bf61ffb8bcf9805e4803395715be3e1fcda54f9b4ec29f1dba2e4c132e156d20b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
88e3a0b2c261f1aa9fb934d057564243

SHA1
00a07be2556b356d653c15815f6d2f117e48b564

SHA256
7c8faaffaa823ae7ac6e77d733d6c8bb25dd1ec2e5b82e7fa8a0794471f3df38

SHA512
0fe968d5f369c6a3bb94d4d9dac7c38c12717be0f05d84e69cc2042875a87309adfb43512d141bc0444c73e1f4f5e6d385e751776eef939fc2d59a538795d759

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9632d1ce28273d8ca0d3e2cfa0aca6ce

SHA1
82456a83910968556469f3fbd74d9c7e777fa262

SHA256
52794e2071e6d52846120742c1fe67a54a01f2f022683e754ec5fd3250737258

SHA512
682ef3f3f018869d944889b2d23e03e387631450e570354b36b126a204abfcba17f174955410ee319c50bf7f38f5cc3ba34765cff5c2751ab4f6111dc851c8e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
eea741b9f23cc400b82483ac63f09296

SHA1
3f0ad2d00c1600f7e5f0b634ee86e7ac59d7b9a7

SHA256
0196445b4d9c532dfaded536e2dbed49bcf50fd2656015bf5e54473f8cd5f7b3

SHA512
5fd1b1453767ee473a05d4e6e52fd83697ad859e8ea1f94bf8482637abef7a6a2b8b3994a8249757da6569de557604d3c4778295d77864d08cdc7c973edf0c63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f8af32e66158335441c5c97c4aee5111

SHA1
0a26dd8c27a742e8ef7f8d69d6ede93fb2de8aad

SHA256
3013cb91afcf43f58efce910f397af9adc7ba17bc9826dc00aff736f5127c6e9

SHA512
818389a3bb11766c1a738ed832f9a4da7cfbd727ccad7e8d67e3143b9b35981100d76045ad852056ec413c5888f43e079e1741ae5e24f59a12d463cca7cc2a37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
feda58fddbb1f263bdecd74d8c688642

SHA1
2a13e8222ed5faca7afde7d732abd89fe12af097

SHA256
ef7f96d4081a436c8f1422491c3863f784ed3383db5b810b0ddf6f6f8c50975d

SHA512
e3994bfd8b3559faf04256165367371b015280f5cb34ca15028c520a6d773eed7d5dc5dc901bbc99e479334a93dfbca9f092b4cd28f2c3c3b8142aac7e85bd87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e49c78d97f27129cff47ab6007a00da7

SHA1
e84d75d4bf00c54812f9647af0325436c0438602

SHA256
7b0f65ee6a224cabdd74f3f156dbc5b1ecd20dbaffd8edeacd694bf265bcb871

SHA512
23ef4e24376a3ad5423328d39532367d32f4f33b1e6015d35de27babb3529fc19ba23506579e2136a1f4c9b9dc3061d49321456ed281bbfeaa3fac8a5208427c

Download Submit