67e22268b697cd27de2f53f1675bda6cb03a9afca10e39a7b22a823778723e90

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
13-06-2024 09:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a4c34c373ca2c7e455a90a6ead26672a_JaffaCakes118.html
Size

30KB
MD5

a4c34c373ca2c7e455a90a6ead26672a
SHA1

864b20520e33ca2d947a4e0f7115594c3adcf9cf
SHA256

67e22268b697cd27de2f53f1675bda6cb03a9afca10e39a7b22a823778723e90
SHA512

c63c0b45336a21d21e68e6e3ae3d3939665e88a9f5c90c930793186fd55888b9c5064f861457e45eba48a52c714340ac84547bced3f970e75b261502462b200a
SSDEEP

768:6JHd4N+ZwhihL3pT1U6RukeRAKZm3JbhcCEAiEw3ikQedsH:6x++ZwmL3pT1LukeiJbhcCEAiEw3ikRK

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3508	msedge.exe
3508	msedge.exe
4128	msedge.exe
4128	msedge.exe
3464	identity_helper.exe
3464	identity_helper.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe
4128	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4128 wrote to memory of 4628	4128	msedge.exe	82
PID 4128 wrote to memory of 4628	4128	msedge.exe	82
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 4852	4128	msedge.exe	83
PID 4128 wrote to memory of 3508	4128	msedge.exe	84
PID 4128 wrote to memory of 3508	4128	msedge.exe	84
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85
PID 4128 wrote to memory of 612	4128	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4c34c373ca2c7e455a90a6ead26672a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff94a3546f8,0x7ff94a354708,0x7ff94a354718
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
  2⤵
  PID:612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 /prefetch:8
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,5077922257508530777,8293775592036584554,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4876 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4576

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2560

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dabfafd78687947a9de64dd5b776d25f

SHA1
16084c74980dbad713f9d332091985808b436dea

SHA256
c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201

SHA512
dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c39b3aa574c0c938c80eb263bb450311

SHA1
f4d11275b63f4f906be7a55ec6ca050c62c18c88

SHA256
66f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c

SHA512
eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
a5e0bc68b1ca9395b1b4508ad799739e

SHA1
2624883251a05687e9b5f97571dd2f9528704a0a

SHA256
f3020dce1dae6e9e5ed9d33f2468dff8b1f816c36b17e34abf75e6b8099cd267

SHA512
a7f2f6865dade0f653885595c81f1f400aee5e915cca7c8d133617b49348d339e56faca391820a65c0717646e9cb8699275e0a85465fe0fe715bac2e16f40a2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
4ef9e54ea2f40ed243023a0b755c2a26

SHA1
b497dbe8282ed7049c098015ce5da223f7859d39

SHA256
6d2a3b00910f1f16d756c1c55e39f2c482271cc4df0251b481e232bf6ed6a5ad

SHA512
40179d3ebde7739fb0b1dbfba121d5d1c05f4c064128aa5bc92677f47bfbe8cc4fce5182a22599b11106424eb91b61d3340338b54c9322cafc93d38c7948294c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5125bcb145c27003ea6c1fbf3474fd15

SHA1
4f5c962d19fea528f60b64109fc173c7ca8b68cf

SHA256
9f0151c5d49f9236a3e194e460c6ef64ceaa09ac0447497a81f8ffe05f155b6f

SHA512
014cf5b1b9239ccbc4e57048916601d3009b02df829ca3884dda5c2271b3fe2bb4b6ad0957adc77d915649d3f5d859050bd49bfbcb448d9059eb92273978cc68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
341e9257a3e68acbae95278290bf456e

SHA1
1de48a2d3dcc4d7a24bab4873c4fbf449e2e03e7

SHA256
ca9dda54574b10baaaaa50490613fe27f0a536553b599043ef7497068c0737d0

SHA512
57951c86aff2c8ae02f958db01e3c74c141d7f3ee99fb401e3817942008bdfdef51e2644cbcae6b65d660f6689df95698a19bdba2b2791ee2c9fbc375144fc7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8154f1ebe9e1dec55013665093d64fc8

SHA1
bf0667ebad5b68e4f6ab7e5f0e2f70817ce035a2

SHA256
5f2d23f935aa7de8821a29f67a793e0e51a00381cd15b174d70beb3dd26000ba

SHA512
0954398366374f6c405180fd3ecd1d0d6af365e0ec52c32cf6d555eb87985ccd823d4c007ad7dcf99ca7e5b9567781891b61577c96bf0f4e701eacdd1ddcf4cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bcbfb71414817f884ee7c79a365721ea

SHA1
20bf4f00f02b082d7cb35a3f5ad0a75d7c708fff

SHA256
d4ebff4c69ed2ad49df648bead5b701163492f653d36bbe1d2d88349cf577531

SHA512
2b3456d0196b5fe32de7eb09e345a42c6a8723b5a6b94647ff51e5f06d8c3798cd40dd050d7832812f32ad52157f09f0235b46693ca91b19c41e71d0a0e2fdd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e88f567de3725aae8d1ab9b66f1b5266

SHA1
44f2480cf36c100ce6984cd544557d6be52eee55

SHA256
7eb8ea8c4a0773799ebf7fba1dfab1ea4e2f75b6e076574366dbdab76192af5e

SHA512
7fccad24b9cdf79ee0b797e60e588982c4156f147368fa038d055802f2a24e1227606a8772283429f81c8fa55fa0e674f5a733ce2b29f2001e10a26e57a1c85f

Download Submit