60178ea1b6b73b686e1df718577c80ed59a12084ff75017fcf05c2bc05a8d5a3

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2024, 04:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4cc46663dd958874576e8024a30feb62_JaffaCakes118.html
Size

60KB
MD5

4cc46663dd958874576e8024a30feb62
SHA1

d27f15e7b822217bb0d457edb8a45ffc79dd727d
SHA256

60178ea1b6b73b686e1df718577c80ed59a12084ff75017fcf05c2bc05a8d5a3
SHA512

7bdd7a3711a9a9594b5dcb664de999a3cdcc200b7288788d7b075b393967cb68d684fff0779ae73a100f12bb836834afc58bd91f396bc815a1adce8a519c4974
SSDEEP

768:HzUlkvgOriWNzvoWgGDVX5ef6Ae/sGQVvLFDeQzpxXby6weEU5Zmg2SiL:HFvdVX5eiAeSFbzDKeR5Zq

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3444	msedge.exe
3444	msedge.exe
116	msedge.exe
116	msedge.exe
4368	identity_helper.exe
4368	identity_helper.exe
1052	msedge.exe
1052	msedge.exe
1052	msedge.exe
1052	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 116 wrote to memory of 1176	116	msedge.exe	83
PID 116 wrote to memory of 1176	116	msedge.exe	83
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 4384	116	msedge.exe	84
PID 116 wrote to memory of 3444	116	msedge.exe	85
PID 116 wrote to memory of 3444	116	msedge.exe	85
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86
PID 116 wrote to memory of 3088	116	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4cc46663dd958874576e8024a30feb62_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82c0746f8,0x7ff82c074708,0x7ff82c074718
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,14693016846669573739,4429725407924123441,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1380 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2184

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6c86c838cf1dc704d2be375f04e1e6c6

SHA1
ad2911a13a3addc86cc46d4329b2b1621cbe7e35

SHA256
dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

SHA512
a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27f3335bf37563e4537db3624ee378da

SHA1
57543abc3d97c2a2b251b446820894f4b0111aeb

SHA256
494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

SHA512
2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
21KB

MD5
549baced2c151db8a02c3419aa5c01be

SHA1
1f36a9716da201c5e45c1cc23c349bbaae44a3c9

SHA256
11938f83bd463e29316808f3e118440f718f1c7a0761bc860171255a96cbefca

SHA512
12c40a66af58d9436d7c3361de906077402cfeded97361c81d9900d69d405b5ab002ac36aad3f8152c6083e00755442bd1bcd1766af26c097638051dfe1aa9d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
45KB

MD5
94019c00785285cd78d6da8a1bdeaf80

SHA1
33ba11bbe8c91eca17a84c3dcae4667638a61b57

SHA256
2ea5a487d117c082ab04c8b2d979adc04c18f496af90ef2caf9910d9902ef8a9

SHA512
b58d23d9333290e203ee3191cbcca4686ae1f9b4c135ee8a8e0f014e7db4efdcffe6aa82b502b2d8e63bde705895a04726d799a4c6b0e22783b6925b4d297d70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
46e837889a3c2b493eb5e9722fc0ba86

SHA1
5e6fdb562b890b46dd8087e0e7b739e7cc763a74

SHA256
ee73ffe59f9a5373e2308e2628e973fd6c7234dc0bdb8d771ca4445bee4f8c53

SHA512
308a377dca54d9fb679e39c60e532c1d9ecc3a3144d28355cbf37fb7c47f3074612ec9e47118ac29f1c4fba864a54c85602d5dee1f7d644777e07220560d8079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cf50e5663860d8f6a095da7e804a39df

SHA1
b3172ed77e4b712f1ac55d78697da6c101b5f9be

SHA256
0fab544c8ebafd0ae0231e28395931ca9dee944e0fbba4a4bd5c2b3e2bdb676d

SHA512
3d5e839c9d35b1d68c24f8d474bfdafa8b877b06cdb549b10a809d3815dd6602b6d0001855ecba65570622edacbf51105854174de59b4c6d21f62f448d52acfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6c3d3cfbab9916bc7707c4b0ffe0271e

SHA1
5e64a3e654a42052f277abcebbd0c24b540dc0dd

SHA256
6e9e5a6443cedf53c7cba22b2a0f26969d28c54cb0dea6e2a7ec9bd9bd57d51c

SHA512
9bc753f59fe7e3420ab2d65e86118f27834f6f6fdc365655e537a97edc0c4dd2aaa9d3541559034887798d8ef3a4105409bb5b11608caa3fcf1e5b95b72be306

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
263680c08c741632fc8fc8895ade8ad5

SHA1
12a1b3fd978210d6be216c0d0895a8e5140b7234

SHA256
e375749e73c2c7cdbd95cefd249928f627c337414c78aafdbcbbfc888d8d8230

SHA512
3354a695506616f7aa692abdc64ddade4f9fec021635b134a60f9aa55cf06c864f332584ddefb139731899aedacbeebe8a24de6f51892091208f628832abffbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1dae75b9d1a62dd059047e5b720b2d56

SHA1
39c0358826091f99a1a45381a1ee8d46f232e1d0

SHA256
e491faf72d88f571dfce11c5a39cdd8c3b0a21601853c93f5b6b6091d08aeba2

SHA512
f11b0194c3dde6023a74a2e929e8464a7d3bc1c2e688d0ce97d6dcc99563f26c9d7513e8d9ca18596852b380b129aece12c0322735026df35ef4177df2940cf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
6cb78e5a656ba4c6e40f8e0a1ddb991f

SHA1
3fa7f8188b98b46c54413f716183255b84931e0c

SHA256
3912932d7f729865d0d1ae21915c05c7cbf7e0e91189116ffb4ea30b252a58b3

SHA512
ab5f40f23cd13fe5991dc9e06e9c86ad027f99056f55cc8e97933531878caeeaf3e3489f6a19f2c1192e637a1e04ffc2921b7afa4217755e008cabaa76522d05

Download Submit