c8b7c5053aaaf02fb02abad53ad69cd5c7191c3b5cb508c23569a499cd1f68fe

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2024, 00:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

36f0561cba29231fee2c0eb51449bf07_JaffaCakes118.html
Size

57KB
MD5

36f0561cba29231fee2c0eb51449bf07
SHA1

6dff08734b2fefd92f1d7e1205d08e785b200ab7
SHA256

c8b7c5053aaaf02fb02abad53ad69cd5c7191c3b5cb508c23569a499cd1f68fe
SHA512

75395259d0e534765b9c64285ff1cd33d03c1e5d64563a7072df5da32629f587aba32d26ce01bf13060dcadff6b57bb2966dd8eeb48866abe1267c0368dd84e6
SSDEEP

1536:ijEQvK8OPHdVAto2vgyHJv0owbd6zKD6CDK2RVroBHwpDK2RVy:ijnOPHdVl2vgyHJutDK2RVroBHwpDK2m

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
864	msedge.exe
864	msedge.exe
3764	msedge.exe
3764	msedge.exe
2672	identity_helper.exe
2672	identity_helper.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe
3764	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3764 wrote to memory of 432	3764	msedge.exe	82
PID 3764 wrote to memory of 432	3764	msedge.exe	82
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 4744	3764	msedge.exe	83
PID 3764 wrote to memory of 864	3764	msedge.exe	84
PID 3764 wrote to memory of 864	3764	msedge.exe	84
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85
PID 3764 wrote to memory of 396	3764	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\36f0561cba29231fee2c0eb51449bf07_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc280046f8,0x7ffc28004708,0x7ffc28004718
  2⤵
  PID:432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3820 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
  2⤵
  PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6188 /prefetch:8
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6188 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3984 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,14223925977379365739,5243203143103229715,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5940 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4064

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
210676dde5c0bd984dc057e2333e1075

SHA1
2d2f8c14ee48a2580f852db7ac605f81b5b1399a

SHA256
2a89d71b4ddd34734b16d91ebd8ea68b760f321baccdd4963f91b8d3507a3fb5

SHA512
aeb81804cac5b17a5d1e55327f62df7645e9bbbfa8cad1401e7382628341a939b7aedc749b2412c06174a9e3fcdd5248d6df9b5d3f56c53232d17e59277ab017

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f4e6521c03f1bc16d91d99c059cc5424

SHA1
043665051c486192a6eefe6d0632cf34ae8e89ad

SHA256
7759c346539367b2f80e78abca170f09731caa169e3462f11eda84c3f1ca63d1

SHA512
0bb4f628da6d715910161439685052409be54435e192cb4105191472bb14a33724592df24686d1655e9ba9572bd3dff8f46e211c0310e16bfe2ac949c49fbc5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
6957e0009fc11f9bf90ec4e0518e4eb1

SHA1
29e6688a4f1d3e552e437770dd4e7fec0dab902f

SHA256
af17662e9f9255185696e91df14d1ce9d10bec8af33738b29bdeb1a97b1e4918

SHA512
b77d8ac10e9d51958dda83f769c34f3ed35800cbc0806cb87c84463fe64004d875f567d353bb4f54d903078bc5aef83e22e12703a89a29dc3fe5337c3a783fd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7dc97afc44196befd1ffd361b2409fcb

SHA1
af7828033386588042726ce6ceae34437462a4b2

SHA256
cf8149edaf63d7ef16e6e55364e878003a9f25cc7961fe03757a3a179acb8a27

SHA512
a0d799f7c16aae58b1b9470bddabfe49b8b631752cc9dd9b44fe3f5360b698f35e0537914e66b606f863ea9a751d040e3f95f6bab1aaf5f131aa5df0720c639c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fc16dabfef6ac06e036bfb6bd10e2aeb

SHA1
fd9d64bf809a7571829b2317e8b878a53f7262af

SHA256
384d669b372bcd68096ad2944ee52c78083709463b1d1af05372ceba17a0ec04

SHA512
dc294dd5b27b89220eedb50504ac16dfd9c58c0b8e943fab295ddae0d7721c6322a95535fd78a03d1aa4d82123f65823802ad120c64d8ddef6603e2eb8efc92b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cbb2150507ec8f423dbe2a8702027b70

SHA1
d682bcc691be824c92b83a68a7f214e0aa39c069

SHA256
7677eb20c33677bb1c88b6e4a55d424af74322e360d10a93e73aa6e49241e26d

SHA512
4f2cc9244410ffc48128ed916b1c4fd95cd64c3516c55aa7b15a5a3e908288ffb05369702d54c043d65e7a8a9fe774c330a140544ed5103fc65dcf0dc26c123c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1cae392e548d51862d0405259795b074

SHA1
8c3e976ea93932732243b34b62d6a47f5a23e506

SHA256
8dfc48884857c1acf481f41930fd320f55f85dafbfccdcec455bf07a76022ed3

SHA512
59df1e1690bc0e5fc2849492c78e0d4c12acd33b17c380aa452f8e175bd5d3b4e0d38c9641881350be1822a2f384c1e18e86836a654b028c0c15c6201fbb3eb9

Download Submit