4d193e1736cb4b32c68fe9d232b779cdfd88c615c7024aba46d06c0d23a3a554

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
13/06/2024, 06:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a436c10b49536a67ffcac88d67f5ddb1_JaffaCakes118.html
Size

135KB
MD5

a436c10b49536a67ffcac88d67f5ddb1
SHA1

a4f081893fd73925eef3d17f4d000a6a9a8b3fb4
SHA256

4d193e1736cb4b32c68fe9d232b779cdfd88c615c7024aba46d06c0d23a3a554
SHA512

2a53f8f6ef4093cb596b932b1d4a24bdd14b183180665019cdd80d900a21a51b1b71aa6f99f882858b153438606ddbec0d5ef8040cb165e025ada2dd51f4b753
SSDEEP

3072:hpVCPBHi976NgZuIyLUXQDrjrIcrfNefwBR/qSzi:hpF9uNw2LUgD/rIcrfNefwfqJ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4280	msedge.exe
4280	msedge.exe
2196	msedge.exe
2196	msedge.exe
1592	identity_helper.exe
1592	identity_helper.exe
2568	msedge.exe
2568	msedge.exe
2568	msedge.exe
2568	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe
2196	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2196 wrote to memory of 1264	2196	msedge.exe	81
PID 2196 wrote to memory of 1264	2196	msedge.exe	81
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4428	2196	msedge.exe	82
PID 2196 wrote to memory of 4280	2196	msedge.exe	83
PID 2196 wrote to memory of 4280	2196	msedge.exe	83
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84
PID 2196 wrote to memory of 4908	2196	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a436c10b49536a67ffcac88d67f5ddb1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff93d6e46f8,0x7ff93d6e4708,0x7ff93d6e4718
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2972 /prefetch:8
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,16206665254057519679,13178868239569728262,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2568

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3504

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dabfafd78687947a9de64dd5b776d25f

SHA1
16084c74980dbad713f9d332091985808b436dea

SHA256
c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201

SHA512
dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c39b3aa574c0c938c80eb263bb450311

SHA1
f4d11275b63f4f906be7a55ec6ca050c62c18c88

SHA256
66f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c

SHA512
eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
df3c1bc550d97e4ce87bfa09324a9857

SHA1
36d7ed9062f5c81f979da33869e13feff172c925

SHA256
e6447d4ec0c077ee61a6901498333fccef8c4bc750c8e1fbd290baf43e3134fc

SHA512
e559a1b9a784ff530ec18e41ff6b52d73be598c9088cf806c9c179e31997a09c04d133d80b94e9045bc410b2a7d21b3ddf34bd237d7432ae19c4643f589bf6d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
926B

MD5
a6bec60ab32e1f1056e9d50ab47fd5a9

SHA1
5897aba736438b3b1d91b637b82a93f21edd3b7e

SHA256
59a89c48d2c410674b88d1693c4da0fce8395aff88434199201c9afd51bee5b6

SHA512
e0af08dbbb20a2e02be2cd80ed258ea2642fecd5a263dc62a6589d98154f4b3fcbe4cdcdbbdf2a525d79bf22c290036d791bca8270e89c87f39b7c1073eefc52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c45f32543bee2a120b888757caee5c93

SHA1
e6b2741ec7dd5c978d3d0a7a0c26d65cc2f2cc9f

SHA256
74dcde93f25d4a6e89fe49c53be09e2430fde30890d657e8155a8317e00cda84

SHA512
9f6ac25fa0ab8ec9f4c95c7a07bec312bb10f8c570d3d14acc35822cac99de57c8320833b3366545c32959a37baaa941c0703ec4b96496567a8f7976523c838d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3bc2bc1a94743ba6971409c6140568eb

SHA1
3a9b3f36044e0bee53f85d954e22921cfb846182

SHA256
7e6b32a3c7e8257370ee9e0da61865d2187550b3a58d05d8844841f03bb67cf0

SHA512
c8bc2086ca21e86eed80483d5ab279ca1ab91f1cfcf0878cdca13e9eaa58ac38029f2ca461bf4211c97c7fe6f31fc5447fb06484d9ccba54ac45cdf8d883dd10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e79c8b66-6af2-42aa-9463-552fe1ee8e7e.tmp

Filesize
6KB

MD5
3cb893d14c3562c3f08a7d433896632a

SHA1
4819c7cd8905e1f454212a910bac32dd0e32f12d

SHA256
a18c78552f268c1dced9a5a9223b86f6264db16df55c16a91cbbfe3d4446bffa

SHA512
fbfe03406a885337407254fa4cbc963373a75a15e7fe91aac3bc27bbca0f47fbe39642f59aa685857086623cc8ef396564dc92b07b72ac492a165e735ffa738b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
35b8918c22a7a98e157e8f2652151527

SHA1
1bd8586ff62130f2bc1c2f82b49de7745b43e056

SHA256
ffd20be0940c78ac453ec5fc6e093c3508710ee4c9f93f83f2d546257d63dd2d

SHA512
7144101f91214c87810e390c8a9813eff062d05e4bc02013be22ab36edec431d77bce5e9e56846d96ec7045effdbccdcd51880017a31b700d6e7bce3454f3baf

Download Submit