f2650e8cc03d5f1d38974f38ad97cd7d49fbcc36f4b1158077a5253e25e99e6d

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17-06-2024 12:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b88acfa3a464c17deb1afbba82b2430e_JaffaCakes118.html
Size

67KB
MD5

b88acfa3a464c17deb1afbba82b2430e
SHA1

35dd2ec707608d62a398cab51f4a9417b1eb16c2
SHA256

f2650e8cc03d5f1d38974f38ad97cd7d49fbcc36f4b1158077a5253e25e99e6d
SHA512

48c0d281c201a3246b899b6ea983e45a77e48f6d9d7b6bca8e6465dd90f49cb8de95339a2a0d33c14f8ce6e5f8bffd23da4df86aaf46233208bfb1b0cc8dcfdd
SSDEEP

1536:pbA6Besou5LuWsF9E2RAHfUZm3Ty/fdSMhj8ZxbijpjU9hezrveSeh2h2t:lA6Beso8LdsTNT2ezrveS+2h2t

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4480	msedge.exe
4480	msedge.exe
1328	msedge.exe
1328	msedge.exe
4252	identity_helper.exe
4252	identity_helper.exe
2356	msedge.exe
2356	msedge.exe
2356	msedge.exe
2356	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe
1328	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1328 wrote to memory of 4240	1328	msedge.exe	81
PID 1328 wrote to memory of 4240	1328	msedge.exe	81
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 1960	1328	msedge.exe	82
PID 1328 wrote to memory of 4480	1328	msedge.exe	83
PID 1328 wrote to memory of 4480	1328	msedge.exe	83
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84
PID 1328 wrote to memory of 1500	1328	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b88acfa3a464c17deb1afbba82b2430e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e5e046f8,0x7ff9e5e04708,0x7ff9e5e04718
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6886757899531308699,646003787417445838,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2304 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2356

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3180

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
59bd07b1c9b6a019be2f89f5ee562d89

SHA1
85a42b133bd89adc91e562787bf07e2cd47a07d1

SHA256
c15e42af393e4f9396663d43d2ff97255ae706dad504d39d1ff0459996050ae7

SHA512
1ab6b56bb6694116412844cddda57c59a9ddf38573aca3296a658d47ef052e10e5cf6169ff5c67cdca53c5ce2b69268efcea6cb8e6637f8efdff449fc2067fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
818d0eebbefc15d17eca119c905aec9a

SHA1
be5bde3d4d2fd13fc98d8122cd69dbe6b8b6bed7

SHA256
8a7f68e46eb20885c0c190f58c4fce0834be4dc2185d27c094373134b975cb02

SHA512
6e0e501219f6b1537d2622fef9cf0f1e15e7664bdeab86ca5095e1bb2afe20c937c6b599ac70d56ffe2d1d7a9bef68a3b3ac838f2b1e39a8baac231be5c7d86d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1c8cdb3be778ef6e2bfa3b59123625b9

SHA1
9ebe802e31f19b7e4ebe27d91ac3d28228a7357a

SHA256
3adca41c308e4a5f9930516726bffb74758eeb50d33d34871297f3a6156428e4

SHA512
43f7daa83ac6009e882fe8675e8630a443cdd8e186cc4fb4d1191221d23d654e5f99c7ea9889c60b09e99e263cd0f16ddc2af529ebc85ff8fb12c19d56154063

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
aa8662a8bca2bf3e6503c23b3e03b09f

SHA1
dcf307741a68ab4c59e1f5ca9ca234b18e9ac1fb

SHA256
d2246f0efa9be64b90d2c60cd5c36d626fb52f522ef5b3f876d22bf17bf914b2

SHA512
d5b22566e067f98aad5e36823f35b0f5d776a54859985b9bc82c0d8a0768da47db73ce3d1dd5b8aab5554ce24fd664431686b9424e002fcd9566ebeb65c354fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
18303cece9885f9087801ec6789545e5

SHA1
4222c18319dc37303604ae118f5d409ec5cf17d9

SHA256
6afd93e5e3114c8eef27c732f128c53bef061bdec79dafdb3b67f361c7baab5f

SHA512
ed254fd092b19b5bc84dbaacf92371c09024b887768eab035f00fa964c954a1a3a63cb7abb540491cd73fe31784970b93643faee60ab05555680bf8881ff7596

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9a324611f306637ecee158fb0e4a7947

SHA1
e45df978fed55da6d89b454788e57732eb187e3c

SHA256
512cfe9702518e871053d4bf0a267272c092529c35ed788d33101afc6242ca17

SHA512
67d19c17224d1acb721390c296c613be7b496661e576def31aef9de27cc25130ad765e080468bb8a933e6eb234f774797f280635ca2836f93f6149d9cbb9e188

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f2ec1f5f9c931feb1e80157911ffb973

SHA1
d3c5d45d3c48d40d45809a5d2aced5a1f84c89dd

SHA256
0da6bdd3a5b39bfb80169b32181562c61e7c5de8e334a53d705e70ba7f0657c0

SHA512
1f56102a58c919962f87cc6e6a3f616e8a6cacc1eb0d611a98c94e19364ac6da3f03d0be8b114e9111599dd503793aaf6ec225b6a2e8d858c6ae75cfb64d07e0

Download Submit