c38f190e29d086edf82ec8eeb74b30d21cd5b815696ab7970d54ba59091debf2

Analysis

max time kernel
146s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10/07/2024, 16:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3570c911097f4f69254441f490907a00_JaffaCakes118.html
Size

57KB
MD5

3570c911097f4f69254441f490907a00
SHA1

8223410fc160de3a96db03814dac1adccb9a2228
SHA256

c38f190e29d086edf82ec8eeb74b30d21cd5b815696ab7970d54ba59091debf2
SHA512

09672d05f8663551673a54e1e861a537c819c3a6f8dfacf93444a62602485d37fa149d0c4a4d27df8f22447b81085fb619d8d3a9321effda8643e6660f3a6229
SSDEEP

1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVroV6wpDK2RVy:ijnOPHdsR2vgyHJutDK2RVroV6wpDK2m

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
4912	msedge.exe
4912	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
1500	identity_helper.exe
1500	identity_helper.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2180 wrote to memory of 3576	2180	msedge.exe	83
PID 2180 wrote to memory of 3576	2180	msedge.exe	83
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 380	2180	msedge.exe	84
PID 2180 wrote to memory of 4912	2180	msedge.exe	85
PID 2180 wrote to memory of 4912	2180	msedge.exe	85
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86
PID 2180 wrote to memory of 4756	2180	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3570c911097f4f69254441f490907a00_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdccaf46f8,0x7ffdccaf4708,0x7ffdccaf4718
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,9022992331826431231,17922236125394764922,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3172 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1156

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d406f3135e11b0a0829109c1090a41dc

SHA1
810f00e803c17274f9af074fc6c47849ad6e873e

SHA256
91f57909a10174b06c862089a9c1f3b3aeafea74a70ee1942ce11bb80d9eace4

SHA512
2b9f0f94b1e8a1b62ab38af8df2add0ec9e4c6dfa94d9c84cc24fe86d2d57d4fc0d9ec8a9775cf42a859ddfd130260128185a0e2588992bca8fd4ebf5ee6d409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7f37f119665df6beaa925337bbff0e84

SHA1
c2601d11f8aa77e12ab3508479cbf20c27cbd865

SHA256
1073dbff3ec315ac85361c35c8ba791cc4198149b097c7b287dda1d791925027

SHA512
8e180e41dd27c51e81788564b19b8ff411028890da506fbf767d394b1e73ec53e046c8d07235b2ec7c1c593c976bbf74ed9b7d442d68b526a0a77a9b5b0ab817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
315d55b44ad7ba9d5fceed10f606ba46

SHA1
1662cefd5a226ea723dd4a60dc4cbc5cb861a265

SHA256
44684ed77bafb6f680d71c3d57c29d6a666e655ebd7863e66664fa767216ac31

SHA512
b324d7a877a3e7d58689efbf5d1f3893b67ea1ade7528d0bdb00e8890abf27a8440799389a071da3ca32206d44cde2c4802694ac3e67f3c7d2d7e15e2026c7a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f00adf9331f9c29beac5136ed362504a

SHA1
9bdc18380e09e9ba14678f0609f766dff7aad040

SHA256
47ed4e34e5c6a74b566b6912b4899d2762b1964f1e4c1060e51130b472348d5d

SHA512
6126d1ed336259a283945eb1fd5abeffabb50e8a9aaf8da45bf55e60e81544784eefb9c8c2b3c1757dc710148e6bfcb47282959458adcd9154f4dcf6e6040ca4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
82745ab3134ebda2ca3e95ed02ea5bff

SHA1
197ef76c1e29dd4f13fb36516cae3785db99f8a8

SHA256
c823c0038f212aab9f1faac3b727c90bf318c8722517b213ecc224bcc7659632

SHA512
2f08193a695d1995da8dd3c732a1e7b0e590957832d3a0171e4c37d702b749061dee9619ac2087365c5b3b9abbe0d8c70954d0b9248af8f106142d1397508075

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
065241fa7a101385cdba0c2558705d1b

SHA1
a0aa54eb94d1eab0c70bdae085eb237d8a73a9b7

SHA256
fd39b627b2003ff23e52f69ee6ea6755773864da7569733f3d0001ab6b02ebae

SHA512
20d6d714d91c0c99689b7f16771e6b2de9ac8351cd55c2f02e363c5412b692c8480672519e51152a84fa742d58fc7c2e9de24768ebd953bb4e5a53f55534c883

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
130425970307c3f58b295f91cc76171d

SHA1
b9894733cb1955dbf88cf05bbc3cd7aa296e1eca

SHA256
389a68ef80629d58ef9d4c64b16f89482fddd89b0df2696c9ecc116e2c9e6188

SHA512
bae3f4430961d0ddc3956e0cee3af66a79d7610778091c247c76d93189777123a1c53f87842639d150616a2989cdae37206ebd87d696eb3dc2803b79fb17f2b1

Download Submit