95bd3d2f3d591d1605d0e19eb5502c24302119eb4bff4e5d84f34d79e591fd5e

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
13-07-2024 08:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

40f31f749985e64c70466bc5ac0f6e80_JaffaCakes118.html
Size

15KB
MD5

40f31f749985e64c70466bc5ac0f6e80
SHA1

bf542acb452d79e35ea7fe2ff1932ec65b9818a4
SHA256

95bd3d2f3d591d1605d0e19eb5502c24302119eb4bff4e5d84f34d79e591fd5e
SHA512

386aad717b7aee97d21b02e30cfae947a22f30e5d095b641041fc5e23b60d399b0c334e05440a9ae66b9ca0b97056d29d1f0e64b5404c34e89b773e0602a0f46
SSDEEP

192:PhWZc8UhI5jcqIHBQVeJC8NTYo6Fko4DJlWFVw6LQ4MliabmTEekSuGlmP3KTALd:PhWZUccRls82Oo4JlWjw54MlJmISL2V

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4592	msedge.exe
4592	msedge.exe
4640	msedge.exe
4640	msedge.exe
1068	identity_helper.exe
1068	identity_helper.exe
1800	msedge.exe
1800	msedge.exe
1800	msedge.exe
1800	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe
4640	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4640 wrote to memory of 3272	4640	msedge.exe	83
PID 4640 wrote to memory of 3272	4640	msedge.exe	83
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4264	4640	msedge.exe	84
PID 4640 wrote to memory of 4592	4640	msedge.exe	85
PID 4640 wrote to memory of 4592	4640	msedge.exe	85
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86
PID 4640 wrote to memory of 3752	4640	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\40f31f749985e64c70466bc5ac0f6e80_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc3e6046f8,0x7ffc3e604708,0x7ffc3e604718
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  PID:2540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1500,9784999236133236298,10079952848836866931,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2684 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1800

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2192

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
584971c8ba88c824fd51a05dddb45a98

SHA1
b7c9489b4427652a9cdd754d1c1b6ac4034be421

SHA256
e2d8de6c2323bbb3863ec50843d9b58a22e911fd626d31430658b9ea942cd307

SHA512
5dbf1a4631a04d1149d8fab2b8e0e43ccd97b7212de43b961b9128a8bf03329164fdeb480154a8ffea5835f28417a7d2b115b8bf8d578d00b13c3682aa5ca726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b28ef7d9f6d74f055cc49876767c886c

SHA1
d6b3267f36c340979f8fc3e012fdd02c468740bf

SHA256
fa6804456884789f4bdf9c3f5a4a8f29e0ededde149c4384072f3d8cc85bcc37

SHA512
491f893c8f765e5d629bce8dd5067cef4e2ebc558d43bfb05e358bca43e1a66ee1285519bc266fd0ff5b5e09769a56077b62ac55fa8797c1edf6205843356e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
fd8a01883259f2a54aa03f1d539431de

SHA1
3ab4f98b21b21cd6497732c8741e49f5ae3a71af

SHA256
e2a4a8e56bb5273b38d38207176c7db5dbcd9514048ae1cf0bb64a3598265a36

SHA512
5edcc004aefb23395627caa572e1cca9bfbac0ad3fda050bd313eeb61197597ffa7d5aa161153345b2c87c822741d531d20a8f1f373435adb3ec4a6e48b42273

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1248c51b5b10455d7bb7569dbe5be13c

SHA1
6396d5ebfff5950889ab8522fcefc9ec09123375

SHA256
257e6e13a900aab38e3aa00e737688e8b0a6b7f73964c96101cd3c5faf8db711

SHA512
5d3f54a428e2372139c1fd95e16a8830107f85231f0bb7dee9f90644bcf74dddd5f5798675d016f92716c3a71ffc4df1a01da96c5a6ddaaa91519e6339adf0f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bd6875a190d389f889d3eda5fdb59570

SHA1
a7bdb3512c7af566296dfee49d065fa8921e642d

SHA256
cbfc16eddb13058bde64515c0bb92163545c6677ecaad80d446b3c21d4dcd766

SHA512
6e88abfbbffcef2b255849f7ea8931c919896b8635752b4500f9173475fa5c82bd025ba9ee1613f9779a055bc51f4f4183051e1aa46c58fb7b73d70ff78e05cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0fc619ae7ca263ca8733897ca188fac6

SHA1
7b19042f360a8c533dc1ef4064871e671044b3f8

SHA256
c51d419470e040cd02c3c36dddc2021b1fe6fc1c82efe4bebd6aa6fca5664eb7

SHA512
b926b496103ead12935d8d7a77d2f597d831623efd325d56ade37485de7698b3884ba408328be2b4e85c7048a5bb1e66a21548bbb6cc6ac67c521b687558aa76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f0a8958502f1af4ff0cc1a5cb2600492

SHA1
3160cabb000e6d4cdb41e0b9d8571ccdb1b0e281

SHA256
6be0432d57241fa6ad66d4eb2a42df06e57ebf1effaf9770941461c7adc3cf4a

SHA512
3d040862198d8b0588b6ec5ce1951b623cc8fe65b9029d6da75a7f8f2298ee34197a42a1013bbcb0be8adc10d07df5df3e35ab231232bc5c2abc7ef353aa57d2

Download Submit