d7aa0adf0d5bbc67de56fec84dcb1effde3b1ab261abfc5e6ac5dad07e321f21

Analysis

max time kernel
145s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
19/07/2024, 16:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5cb6e963fb6184a0f61b343e8297a264_JaffaCakes118.html
Size

57KB
MD5

5cb6e963fb6184a0f61b343e8297a264
SHA1

d560439a0f761ba58fc05203ebadb4a7a2acdfed
SHA256

d7aa0adf0d5bbc67de56fec84dcb1effde3b1ab261abfc5e6ac5dad07e321f21
SHA512

814c8941648ec8aa2775cd16904d76cc5e6b32b613755fe9dd2ce2993baab6c37d73258ef332917afadf00f45bbe7fa461696447a06db3b8e204481995cc5440
SSDEEP

1536:gQZBCCOd+0IxC6n8jfAfKf/fkfcfLf5fof7fGfRfZfSfGfefLfdf8fbfjfUf3fFT:gk2E0IxO4C3cUzBgTephqu2TlkDrs/NT

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1420	msedge.exe
1420	msedge.exe
5100	msedge.exe
5100	msedge.exe
416	identity_helper.exe
416	identity_helper.exe
1828	msedge.exe
1828	msedge.exe
1828	msedge.exe
1828	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5100 wrote to memory of 408	5100	msedge.exe	84
PID 5100 wrote to memory of 408	5100	msedge.exe	84
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1664	5100	msedge.exe	85
PID 5100 wrote to memory of 1420	5100	msedge.exe	86
PID 5100 wrote to memory of 1420	5100	msedge.exe	86
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87
PID 5100 wrote to memory of 3976	5100	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5cb6e963fb6184a0f61b343e8297a264_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9848746f8,0x7ff984874708,0x7ff984874718
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,7670540654044771453,8656413665961709855,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4672 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
75c9f57baeefeecd6c184627de951c1e

SHA1
52e0468e13cbfc9f15fc62cc27ce14367a996cff

SHA256
648ba270261690bb792f95d017e134d81a612ef4fc76dc41921c9e5b8f46d98f

SHA512
c4570cc4bb4894de3ecc8eee6cd8bfa5809ea401ceef683557fb170175ff4294cc21cdc6834db4e79e5e82d3bf16105894fff83290d26343423324bc486d4a15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
10fa19df148444a77ceec60cabd2ce21

SHA1
685b599c497668166ede4945d8885d204fd8d70f

SHA256
c3b5deb970d0f06a05c8111da90330ffe25da195aafa4e182211669484d1964b

SHA512
3518ce16fef66c59e0bdb772db51aeaa9042c44ca399be61ca3d9979351f93655393236711cf2b1988d5f90a5b9318a7569a8cef3374fc745a8f9aa8323691ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
2cb2d15d97df53841ab2a615f1dc8d02

SHA1
4a3f510b9207a351ae5e35c212ba70bcf5b14e9d

SHA256
83ffcc98e520e87fe9ac43b0a93487c93cf34fa59c9bd49054d9e7152a54d246

SHA512
787c5394af626ea1f93106a8c028109a037c3f3d9ab75082aace078fe8a43452096e78e37a8ed87902a081e227230751a46968c79219d3a947b178ff2377e57b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
323427e46c25e8910dec00ac8b992139

SHA1
82c21c803e00a6777727c762183129cca5c2703a

SHA256
721a9c563d671b1168b8057957b8923b05e9484dd96aa39f151a95afc0535110

SHA512
412b9a9e138a6179980fa7fd07825939a63bf36e616a8a2221229e0d52cdade8b140f1f4fc95d0d473d3a6246c3985c49a82cb0c7f439d527c28e931dbabfc1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a30f48299959957087cfe0e4f41f0b70

SHA1
4a6232d4ba6960ee86d65b1c4e2d5f6c003fb088

SHA256
281e01bdb484de439cd11069c58bb834f29c340e21956c1287a99b238770d032

SHA512
4a7ec61c17e1f651cfa1b34b48c18d21fa90e27aff3702bf854de4fe3a8c7a5713be78ffc2ad4eed188ed2f383e197983c2609f06d44e67b3dea774fb39c5d89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5f5317f7525aa3c2d8a429be74d4e68b

SHA1
23c722faf2402a0db446e358fe1d358254bfcb2f

SHA256
bc809420cbd02ad1b0e8cb8f4b2cfb0f22a3bf3b4fac725112648ab808ad2bd4

SHA512
6f6112724a7371a53afd7212da03fbf560685400c465f8ff4b772a76e8bae39bad278ccba3dcf6718a2f2f59572f83bf62ec069318bcb8c785b9b57fd907fa67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2a2a815dd2a0a67ab62472a8616992fd

SHA1
38317526dfef853f22af76d8a25a7bc4b24bd86a

SHA256
25595de2e0cfc7f792de6dd2e56165863431cc948147242ad9f33f6c6115564d

SHA512
c6079714d6ba5dcc8371442ec03620c89ae69fe248fe99a2062fab3cb29f191fea0473d504452eb8701e6ed4629061f1f8bfc9c4beb37d37dd64625bd8dc17e9

Download Submit