a7f809826bf41cb0532bced4c651edaf0daccfdeb72ffa34313ab3b16c955cd7

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
13/06/2024, 14:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a613edb410a5c3982a46138fb001a719_JaffaCakes118.html
Size

38KB
MD5

a613edb410a5c3982a46138fb001a719
SHA1

b46fa92f6003b894bbd3652bd6ed9413cebb5e9d
SHA256

a7f809826bf41cb0532bced4c651edaf0daccfdeb72ffa34313ab3b16c955cd7
SHA512

f9f3cad2787221345f782c129a19e324be9f14c78e33c20ab1bbeef7c5b26b4b3b29745d4c439c995a2cb04d8a0e6ceaf13fd353dcf5a4ed8998524e6db7dc8d
SSDEEP

768:LDShVIH8oa3oqYlmgDsDv1M6Cy9+J4tcqeCJQTCl+yDDDZDNe6DkDzDgDS:KXIHg33YlO1/Cy/c2ACli

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2604	msedge.exe
2604	msedge.exe
1140	msedge.exe
1140	msedge.exe
3296	identity_helper.exe
3296	identity_helper.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe
3300	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe
1140	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1140 wrote to memory of 936	1140	msedge.exe	81
PID 1140 wrote to memory of 936	1140	msedge.exe	81
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 1940	1140	msedge.exe	82
PID 1140 wrote to memory of 2604	1140	msedge.exe	83
PID 1140 wrote to memory of 2604	1140	msedge.exe	83
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84
PID 1140 wrote to memory of 1868	1140	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a613edb410a5c3982a46138fb001a719_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xe0,0x108,0x7ffd08de46f8,0x7ffd08de4708,0x7ffd08de4718
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2260 /prefetch:2
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:1296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,6031098553445936394,12761488067303853981,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5056 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3300

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
81e892ca5c5683efdf9135fe0f2adb15

SHA1
39159b30226d98a465ece1da28dc87088b20ecad

SHA256
830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17

SHA512
c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56067634f68231081c4bd5bdbfcc202f

SHA1
5582776da6ffc75bb0973840fc3d15598bc09eb1

SHA256
8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4

SHA512
c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
1f3c98dd6f2e7bd8e7b5a40470f3ff1f

SHA1
1dda852e68be1a4a9620da8f8bf946c312422325

SHA256
8432c483448c157b2c1fefd3e8c0c5b787d4826fe9c72a3ef3bdfcb92ef7b197

SHA512
3c751dcf665d649bbbe4aa6180c3d6eb11cbbaa0db411f2910de965cd7dd7b370b9c8e81d4b28ccc129e8c6986d228bb442a51965ff0afa7226506cfc7a76f7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1fe9338ac33c71ba67953fe6a4f24c0e

SHA1
4118dadf0531802d9a862f78277ddb8f84cf0a86

SHA256
c9ff70fff9c4391d2548add3f184e206541ec876295c2e6a5d76ec588a23106e

SHA512
4e18179c5af4463c6293fcf48eff03ba068943c792788e2e7fc7c79462c3684dd6498cfc40e6f0ffe67e238bf60bbe4924e4d5277a0d32fe9c02e30b7d481eaa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2e5fdebba7b9bab77016ba569e5123f8

SHA1
3e3a249e7903e00605901ad38c61b4e6e162b5ce

SHA256
ec80e5e62df6a6efb8d871408eb1b18fce06abfe85b6c39aab28dee99273dd78

SHA512
80bdd43e3bfb346c09ae387c3c832ceb3bc8370ecdd8b3665a33b5f301c05dbd89a64bfb1b90b357373d5ce8efa0f716fcc9d44187d6526e627b4d8de387b7f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2852019d70571a8a4ba2246b29561712

SHA1
be20ff3aaf25d12f8d37871f5a451edfd68e7d59

SHA256
552a7a8d53813a84d6dc37ff89dcf9b05e7578f9ea6299729485388d9fd94eae

SHA512
a493960047f37c4470d1f42a3b637d0ffe85c7372e627b3cec92caa5e1a3e8c720f75467087cba6c030c6d90f358167b88c34f9f864560f1d27976093f143b73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d9d6840bb2b8c51201617ca879654ca1

SHA1
3d88bfc7b463e720bd886dba617f9b69ebc22eb5

SHA256
ddc653850eba6093ee4e275c5640c30738b06fd3002e068f872a7c1b70e7fc1c

SHA512
c2c5ba7fc942c078ba3275a56fccacc5f2e6ebce42e000662777ad6edb388b7986357b2412cd23f9ec1c479716d353f9bb09beb358b3e2db5c6bf18a5a6289ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
62ad28f9be59d609f24f00e6514b6e07

SHA1
e3700b0beed271fc79704dfb4436845a09ed143e

SHA256
b75c505204e7112eb24cabf3bd117305a7885806b0c04d508ab2c7f32c69621a

SHA512
55cf6b56d1802ecef78ed7dc60870e65ed471e2c25912ce2afffb1c389be726986925f8e8cf72336ccc93731be106eedca50855bf46836748bd61b234ff8c7af

Download Submit