2369d9f01fab600cd187b82a3f990fcb117957657735cea199d9743e73f0a68f

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
17/06/2024, 02:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b654d4a2409aab1d55721c0d28fc72cd_JaffaCakes118.html
Size

23KB
MD5

b654d4a2409aab1d55721c0d28fc72cd
SHA1

e1e5b6b110a3402c9ae0cabbef1790ebdd65115a
SHA256

2369d9f01fab600cd187b82a3f990fcb117957657735cea199d9743e73f0a68f
SHA512

ab236597f30e6c561b286417302edcdc2305f8c294b3a6849c41436265ce28107dc77ff543ec70f235281fbacf59a73950de63913aad4a351c7e8bf26ad1c55c
SSDEEP

384:hFaWSIudZff6jIB5qoLsE2+1k6i8upmZJA5h+DiJrEuw:hFaWS/Z6jIqag68puJMh+DiJrEx

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1052	msedge.exe
1052	msedge.exe
2776	msedge.exe
2776	msedge.exe
2532	identity_helper.exe
2532	identity_helper.exe
4888	msedge.exe
4888	msedge.exe
4888	msedge.exe
4888	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe
2776	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2776 wrote to memory of 3224	2776	msedge.exe	82
PID 2776 wrote to memory of 3224	2776	msedge.exe	82
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 2640	2776	msedge.exe	83
PID 2776 wrote to memory of 1052	2776	msedge.exe	84
PID 2776 wrote to memory of 1052	2776	msedge.exe	84
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85
PID 2776 wrote to memory of 2624	2776	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b654d4a2409aab1d55721c0d28fc72cd_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfd7b46f8,0x7ffcfd7b4708,0x7ffcfd7b4718
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
  2⤵
  PID:2640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
  2⤵
  PID:2624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,17078250454492152092,13286866004484776478,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6124 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4112

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dabfafd78687947a9de64dd5b776d25f

SHA1
16084c74980dbad713f9d332091985808b436dea

SHA256
c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201

SHA512
dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c39b3aa574c0c938c80eb263bb450311

SHA1
f4d11275b63f4f906be7a55ec6ca050c62c18c88

SHA256
66f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c

SHA512
eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3cde2193-3a4b-40b3-bde3-c9e24fc2386c.tmp

Filesize
1009B

MD5
285975f5f25ed2af3ee5a21dfc098f72

SHA1
44be4fe957dc32c6e6b777a6732b4d671bbd5729

SHA256
d221d2a6db5941d8997edb4c37547bfa3f18ae1afda1f04b53ebd92a86b9cd5a

SHA512
43dc8a058dd70a70905fc89a00a2f43159b4aea7adff510f9d0d01f24456badedb828cb795d334aae14986ea85b5d12fdbfbe8ba1c72587b784ca3c31c52ccfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
349f9a845c5006ece4fa1cef66093fb9

SHA1
f95d11645953d37b12bea076efe6d81f39ee67fa

SHA256
0649873ca752b40a71a12c326c127fb2abfaa1e2848fd37dcf5faa105cfcf929

SHA512
54c0b4bc3a3ba1da86cf6b808d4d6b0b88d39699d37a1cb11a9d3e5fd69d1e9fe78cfc193b2fa3b125767a96f0bef4f51929c1312ff320312b4e4d8bb43d3af6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
24317a819d0d1b6d03c17482e4e66411

SHA1
f148473acc3d6cbaa128d06c9876361cf77419f1

SHA256
91a857a55956b8ef45bac62b5875da4afd31f2e5d4e3cdba493418ef14813d85

SHA512
df78bd805aa5af587b1c6ac90762f1723cfcdc6b5ba2f9d2f12102b62a386d29c940d778c608bc9627074472a3a24540aa9063174dc09c66f615677f2606497e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9a44a4ef71fc76dcaf0d9562040f28c1

SHA1
675ecbdd3f84b5e86b211bc34b8464c32a93661b

SHA256
9293de4bafbe8a0b005c44cc52a3835f0274fbaadfa7def0fd3ccb37a687c197

SHA512
53e2430330caed0ca4f1bcac738d1971d9f7ec1676566457e61240328eaadd342d1bce8bbe6b28385c203538d9dd911ae95e410d7db5e87d5ff3beda97541bf3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
245b7daa5e577308de67ad723693b16c

SHA1
eb014f7bcae1ce93fc3334645826a4db31be6f23

SHA256
b63cd07cdf413a487136a773eed3ee288545fa44a1780e7c772b2871d9022418

SHA512
d79c724f810f9ba73abc34ff7f64ccdebfad95dc09bba7905d7d6911b8b3b769c7f4009781f14e9bf9e78945e63f4febd1ff4039416ead0a9785ddde10f7f742

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
f4f17e7e0af85e99f72e5a6fb2dfbefa

SHA1
bffa9a4543fbb6ae570e129cc7b203dde13689c0

SHA256
6b18a46df4daf49650a84a7576ec45f1c123388271b534776622471c93e44f2a

SHA512
58944ab52ad4060b5ac882430dceef158efb1264c3313c8f50165aca9571c0880684084381b32a1a395bf3caceef44b11a2694e9fb388c522628ead784e5d7d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57da43.TMP

Filesize
204B

MD5
7a67348b9a14d8ae47534a5fa2d0a725

SHA1
326ba99deaf95d8e4044e071a968ad0805ca203a

SHA256
31039ef0750bb31e0b4df79001f6244cbac6bf61b30304aff4fb2348727d8a72

SHA512
767d9f1f13809e1848c515bc8ce83bd85d842311e7e9494e15f7b830961f4295d91346ab0ef7b19ccc634e8010967d29f1dfe9ca4e635d0491e20d19c14f238d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9a6da779974c50ad1e8f1fb21074e3ce

SHA1
76c3d5dcdebaef140f16e4d005c5a0840e8b4306

SHA256
e7ea05e94a954108e7fd83507ae16ad957e9d35c565955c08dfec2ee6dda3c16

SHA512
4d7348bcd1fcd5287a02e0e4fd3c1845c3d2c0fdf8ce79e8938195c2eabd7b1c0731894019e5479b4a95facab0f904ef2a56a9ce03038f50a32cd0da12c0a074

Download Submit