c5bf9e18943e676ddd7ad576e684fdaf497faf0e29588a32af3a2d5b6fafea8c

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
01/07/2024, 13:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1b6707d76545da588fd430f52340ab3d_JaffaCakes118.html
Size

109KB
MD5

1b6707d76545da588fd430f52340ab3d
SHA1

991d88d404b7b295877cf8bd4083e00b652365ed
SHA256

c5bf9e18943e676ddd7ad576e684fdaf497faf0e29588a32af3a2d5b6fafea8c
SHA512

afe58439e2b5eddc34939b7d6b66cc3170fb0f3cb81365a6be87f18ec71d68e6a0edd3836f5bdaa0b6aff00f9060b3f33edea433fc149bdc0b71cdca4955952d
SSDEEP

1536:f+Orm46B50PFQxKCzYdLPciaffq+U9+hfu5qNV+/orsUVctV3ElkHXl3Tc/f485b:xXW52hBvclsVDc348a4wmu50J

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2912	msedge.exe
2912	msedge.exe
1916	msedge.exe
1916	msedge.exe
4424	identity_helper.exe
4424	identity_helper.exe
5644	msedge.exe
5644	msedge.exe
5644	msedge.exe
5644	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe
1916	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1916 wrote to memory of 2888	1916	msedge.exe	82
PID 1916 wrote to memory of 2888	1916	msedge.exe	82
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 1068	1916	msedge.exe	83
PID 1916 wrote to memory of 2912	1916	msedge.exe	84
PID 1916 wrote to memory of 2912	1916	msedge.exe	84
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85
PID 1916 wrote to memory of 5080	1916	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1b6707d76545da588fd430f52340ab3d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa40d346f8,0x7ffa40d34708,0x7ffa40d34718
  2⤵
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:3228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9454346003468310242,15475330434820231683,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5312 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2812

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
db9081c34e133c32d02f593df88f047a

SHA1
a0da007c14fd0591091924edc44bee90456700c6

SHA256
c9cd202ebb55fe8dd3e5563948bab458e947d7ba33bc0f38c6b37ce5d0bd7c3e

SHA512
12f9809958b024571891fae646208a76f3823ae333716a5cec303e15c38281db042b7acf95bc6523b6328ac9c8644794d39a0e03d9db196f156a6ee1fb4f2744

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3a09f853479af373691d131247040276

SHA1
1b6f098e04da87e9cf2d3284943ec2144f36ac04

SHA256
a358de2c0eba30c70a56022c44a3775aa99ffa819cd7f42f7c45ac358b5e739f

SHA512
341cf0f363621ee02525cd398ae0d462319c6a80e05fd25d9aca44234c42a3071b51991d4cf102ac9d89561a1567cbe76dfeaad786a304bec33821ca77080016

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
2f2edf4a79aa340d3b85add13bacec35

SHA1
281cf0592e3cd630e7ee55b527d0201aaf4550c3

SHA256
c79664fbea224ffcab9a373b993ee17c3645dcebdd075e632ee3e1d7988cdc6b

SHA512
b1ae9db3ee77f0d872802b5bbb81063d20b7560d12865fb3a6988fcb9aae45c29860943a024bc54298234e7f2c176c9cf55b6b10b56263c2ea69dce295781b17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
278c464c30ca35c5f18b14fdec9f1c16

SHA1
3030e175428d314f2a54aa2810a30e5981eb29c4

SHA256
546733faf4c3a36bd4df32f17e7ddb5b436693b80a73f1f1827de48610555a14

SHA512
8e3d6f763b42914b770b9d217fe0ca58a2b12d744cc636217d9e70bbf09136893343995f2e8ef316df3846afdb7d7aa94a5c07bdcd26709c0117278509c9ba33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
216c5e3970e9486c1f51cafac4d42dbe

SHA1
4e73742a5ce11ce54f506e198c0ca93cc2472667

SHA256
aa7118fe2311861e96e471596ab6941d63bb7c3a26df0c0753e3e584f73da54f

SHA512
a994ba2421ba66c05c2303889c58473833046a98cc78a98a1d9af032eb835c7ee96e229595fd329685e4f3f9fdfd5ed0f1352c86afe68da6ace781c768466421

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f492b97ff0dc3820b578ddc247d3e390

SHA1
f19d05fcbb7c6d072e705d66838a44066a5dfce6

SHA256
3e538982d5ac498151fc3ee494589e01431e69e1e5e41f385fcd4e6d70b7722b

SHA512
23ec9b56d2ec3333a72962149a2cc1e4c21805c8d14c1e3f030ae6beb3314ef9800e627d9e265982b7317ae99bb8332af97fcdd7cfbd0d54fdd10f0ab179be2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
32c3a4177b766f8ff21575133ca9a7dc

SHA1
7d4e62fae27503e0b78d2bf6e5776b4c7925a539

SHA256
1004f988391211ad83349e61442322ad779b5984987737c5efff0477abfec950

SHA512
52e4f11038e47ecc866a38f1caf8215f6b8b40416737f22f764ba2176b6e07fae09941ad9ea05e8023a6a74a49fcf340a7c7326b6113ee234d25eca0666cf3a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
426b3998b201381fc5409d9cb3f4fcbe

SHA1
322b5a312cd0ac17ac47a635ade78895cefa32aa

SHA256
f8f2b0dbf1d3ec4f9a348567693e6908fc6eb35f7056c15373d12ccbe307ba29

SHA512
6170ea7b194602fe2097aed36ab244045b09658f4f8323135692c8c9ae0e61611ee5714180c2d198f2deb570da8306927ded3c27ccc0d5225641205d48328d11

Download Submit