6ff5b9464b044fdc42c3f737dc717613b3e038e765014674800ca57d359e85bc

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
15/06/2024, 09:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adc0c951e8fac39f7d03300bfcce9e65_JaffaCakes118.html
Size

55KB
MD5

adc0c951e8fac39f7d03300bfcce9e65
SHA1

9b8a45062b4aabbbd31e45f06252ee74340932a6
SHA256

6ff5b9464b044fdc42c3f737dc717613b3e038e765014674800ca57d359e85bc
SHA512

84eeeba1c91d11354c9293eb9ac619d0bbfb048dcf5f21edf550ad7e28d4bd2fb08ff18ad7cfd0920ffcd12d30395ee8d2750b1b348f51e60adeb04f2cd61a17
SSDEEP

768:vIT0EipB9U+BXbD6cleMde7h0iQTqzSeI3Y9w/ZUD2Suiz:ATupB9U+d6clec6QTPI9w/ZUj

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2608	msedge.exe
2608	msedge.exe
1888	msedge.exe
1888	msedge.exe
5008	identity_helper.exe
5008	identity_helper.exe
1564	msedge.exe
1564	msedge.exe
1564	msedge.exe
1564	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1888 wrote to memory of 436	1888	msedge.exe	82
PID 1888 wrote to memory of 436	1888	msedge.exe	82
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 1412	1888	msedge.exe	83
PID 1888 wrote to memory of 2608	1888	msedge.exe	84
PID 1888 wrote to memory of 2608	1888	msedge.exe	84
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85
PID 1888 wrote to memory of 4612	1888	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\adc0c951e8fac39f7d03300bfcce9e65_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe925646f8,0x7ffe92564708,0x7ffe92564718
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 /prefetch:8
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,17346507270354811670,16606574547716452553,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5604 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1564

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3588

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4068

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
db9081c34e133c32d02f593df88f047a

SHA1
a0da007c14fd0591091924edc44bee90456700c6

SHA256
c9cd202ebb55fe8dd3e5563948bab458e947d7ba33bc0f38c6b37ce5d0bd7c3e

SHA512
12f9809958b024571891fae646208a76f3823ae333716a5cec303e15c38281db042b7acf95bc6523b6328ac9c8644794d39a0e03d9db196f156a6ee1fb4f2744

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3a09f853479af373691d131247040276

SHA1
1b6f098e04da87e9cf2d3284943ec2144f36ac04

SHA256
a358de2c0eba30c70a56022c44a3775aa99ffa819cd7f42f7c45ac358b5e739f

SHA512
341cf0f363621ee02525cd398ae0d462319c6a80e05fd25d9aca44234c42a3071b51991d4cf102ac9d89561a1567cbe76dfeaad786a304bec33821ca77080016

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
44KB

MD5
23536ccfe05b737ae639fe63ee4cc435

SHA1
6d2e9822835dc3e6117a4d2addfc8f241fbdbc82

SHA256
6ae9edfc411ede03661a3d910fafddab3d6b313d1f4668dc8c5a84c5ab23a3ce

SHA512
f416e36b2322bbebd211fd1ea69c88883f00c7b00f14474a5fcce4a408840c0d1b0304eb8941509a38157d0583485f638959eb7d5b9ae668aa88c1d3eee8dd0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
c1abf83505941327cbbfc6c527b5d8a0

SHA1
da6bbac5dacb798740a37d8a30a0f86aace3b08a

SHA256
e0c9f9b46708d3293e15a787d328d2cc0cd741d09da068e0d6f61a59661b1be5

SHA512
89ba030dfb2f1bbc00b64b00421931e659a9c4fc96d5010264af1bcbf44797284a1a1f1397e76292bfd42abde8aeafa519360d1222ffc6215475a4a109b5f199

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
709094c55315197c19c6d2be78e9fcc8

SHA1
f1c4d06db92a7d9ea06dff14078fc16273bd44d2

SHA256
17a542763ff899715b3a10449614c2a1a06eea8799cce0b4a038fe72ea677374

SHA512
209e3ecdeb93e792e5497fa252118977181b632c307eec994c6a824a9b10d5c971c474a10319f016799aa9403c6a5f60acc6e603fa3ead5a6b2037a7379cb0ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3003d0960981b4fa37f9e2f4c0003d39

SHA1
e67468c86628956543a4be498f7b3f8c36001bea

SHA256
a9b61bc2eac65c5dbe4f4dc130bde36e26f484a4c46205166aa8f6ed00865722

SHA512
6d638a74f0a58563f5f81396ef810b5dceea7b7dd8f052f48ace3bba57349dcbcbe4db54748d307a3ee19a660ca809fe5dfb33773a25e7abb5de046bcba2b742

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
92047fec7f7d99e19c5bd623e5507023

SHA1
c5e14d44ae3e58eb40c7da02f67f640184500a84

SHA256
51dff52c67846afe7c6d537201c74915b08777c174fa9fef4836ed361b9c661d

SHA512
4ea842489360ea9a9833f0dceb70f1686ae6e3674bfb4a595330375211e6f185685282b7ec098cd65c16af2e6880dd2a7a1ecc512f699a58025d4c596d3385b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3b8c029ed8eec1dcaf3aa8d1452220ec

SHA1
a7edaf3ce8e6dbab05ffcda9d7c6d87f1e1db015

SHA256
ab7aca37a7da4135d271ebaffacc2ba1277e577d311889a794d4ba6099dc8d9a

SHA512
795c7f1ec9b5f7647537dfecfe81fe2fc02c0bf27e338ab707cc193eac25b5f595228176680ef7353273c4168d51eb849c952dbf409a3ce2f0c18f1c0b2b249b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8b9aafd70aa7d5fa7b21514e63724251

SHA1
3d935d0532bacdaf58cc8ed106ba482880481cd3

SHA256
154c9098e2d5d063bd4de39fcb045ca6edab3768db3f04413ffe1ec9634b1eac

SHA512
de554b548415986a0dad9e088d6a3727ffe44b224031c51fcc93efcb5e44642756c9969eab8725cd0feeee370d184806c9828877252db4f74350718f788127a8

Download Submit