c50eb2188e71df6f4adc5134987e46bd989d56a09b847e7a0d6a1ae94947ea55

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/07/2024, 18:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

235c10e64b13e4ab88828cbd244bb708_JaffaCakes118.html
Size

58KB
MD5

235c10e64b13e4ab88828cbd244bb708
SHA1

4d9e2e1a91d13ca05c62af9c6c6608fd52519c3e
SHA256

c50eb2188e71df6f4adc5134987e46bd989d56a09b847e7a0d6a1ae94947ea55
SHA512

7d9fb7b3ae038e24843d95799cc347ff53de3bc3bd3e6b4439f5b7cfd9ca70c4975e6b3c5b94c7ceee06c179c619a71ffe64d8392e9beeb4070d7ca3ba776a36
SSDEEP

1536:gQZBCCOdS0IxCAc4hfRfCfMQf3fdfdfysfSfuf4fHf9frfwfefJf5fCfsfqfEfa4:gk2o0IxtZ6P/lVqsKGwv1DoWhxaUSsi4

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3712	msedge.exe
3712	msedge.exe
3060	msedge.exe
3060	msedge.exe
1532	identity_helper.exe
1532	identity_helper.exe
3368	msedge.exe
3368	msedge.exe
3368	msedge.exe
3368	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe
3060	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3060 wrote to memory of 936	3060	msedge.exe	80
PID 3060 wrote to memory of 936	3060	msedge.exe	80
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 4136	3060	msedge.exe	81
PID 3060 wrote to memory of 3712	3060	msedge.exe	82
PID 3060 wrote to memory of 3712	3060	msedge.exe	82
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83
PID 3060 wrote to memory of 3192	3060	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\235c10e64b13e4ab88828cbd244bb708_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff8c3c46f8,0x7fff8c3c4708,0x7fff8c3c4718
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,4346860015439474039,16541769524576346546,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
7fac9d671ff1e1e2ba8645250df05d60

SHA1
f5305409d64920e214ecb3806f99e131ae51e942

SHA256
3815c6fd6739c62a693093caad269423aefc11809d2db9f74e37b3a3f7e1fb47

SHA512
bbc0016a912d711fdc20845684d0c8296b4ad56372151e5e0bb83760bca080a43facdeab4dbd434e5c40dfbca997f2eab3d54092796d6c37bb55df566ec29612

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
958aab20bc9168f97cd1efe1ced851db

SHA1
4a04c6feb94478e549812184deac7ccf80d586e8

SHA256
c84c31788d4eb34d715b01f609e52e241f08fd38bebf206eda16512c95d3270f

SHA512
81e3836f5d6cf2354bd49dd9b7d9ea3224748da0e822b080cd29a8c2ce47c2d9a06c10a239d5d388db75df1e7a1f82bcb9a0b1fcdb13634aec7837468fdda91e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b62adace9e3b02ba4001c19c4cff32e9

SHA1
1bd498029be3dc6d430bcdb73e9c45b8dc72dde8

SHA256
f58e7790356ce312417f13ff266cc81c4f61b75994437596a4cb76db8c180bf9

SHA512
57f69e18592b3d6f7f7f6a31bf0181edff8aff473e50b5536d56f1be8a00dd90c1a52565a8f589e5babf312f6a2579a066efd038a0c97253710b3075ddebf1d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
16211dcff559f6635b6f800a49314f14

SHA1
c6afe9e1e4ce650ae5c2b2c472c323c8507cad0c

SHA256
d0959fe3d90633ae5e01b2a6f8732acc54ed54748d901ea9ce58937cfda726b0

SHA512
3456301783fe44780a50fbdd03c90a317698b78cab16fec33f8dda0903e0182485049dbff6f2c68324048191bd3ac23c1eaa0aba0d49fe2d136ab87a7796c34c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b3ff74eb597fa951028e94ba3efe45dd

SHA1
4fdc57b7ac9efd33eabdb1abdff9c49150622e16

SHA256
491242a9abddba007a0980fc3fe28b328d6744cbfa12c06e854cc0ee1a24f171

SHA512
4bc62a321da844e1222728a06755f88a7fc35617b08e1966fbec9eb5a92a5eb37e161ebc2b9381020f8d4347f78018dc659b8b6913496017bee0c1e6fcd80a43

Download Submit