792f074de25c1171eb1e9232fc10eef65101b6b33da0150dc901ae39f2032343

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
20/07/2024, 00:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5e48b1b12cbd7c6f6fd9da4981453d0a_JaffaCakes118.html
Size

19KB
MD5

5e48b1b12cbd7c6f6fd9da4981453d0a
SHA1

df83e3700508a33a8f336dfb14de860675d0041e
SHA256

792f074de25c1171eb1e9232fc10eef65101b6b33da0150dc901ae39f2032343
SHA512

623dbadbfcb3b7a8afe4b8140ec021c685b4294e5d1a73fca7272db82f09acbad1be1d411a5cfb0408fb6ab9df769ef83dfba3436ca913e3efa8acb4ed452806
SSDEEP

384:pGc4l6CGk4/4CdZB3+WV8Tkm2d9yKPkhInM:Uc4SnguZF+WVXmiRk6nM

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1920	msedge.exe
1920	msedge.exe
4808	msedge.exe
4808	msedge.exe
1212	identity_helper.exe
1212	identity_helper.exe
732	msedge.exe
732	msedge.exe
732	msedge.exe
732	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe
4808	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4808 wrote to memory of 3892	4808	msedge.exe	84
PID 4808 wrote to memory of 3892	4808	msedge.exe	84
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 2644	4808	msedge.exe	85
PID 4808 wrote to memory of 1920	4808	msedge.exe	86
PID 4808 wrote to memory of 1920	4808	msedge.exe	86
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87
PID 4808 wrote to memory of 1200	4808	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5e48b1b12cbd7c6f6fd9da4981453d0a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc82e546f8,0x7ffc82e54708,0x7ffc82e54718
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2548 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:1200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1138158062793792467,14142146386211428066,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4676 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:732

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
d8b8616556e19e02764ef2c759ea06ae

SHA1
650db26a1ffb4f523ba3d48f060e53bdbfca86d8

SHA256
0c7db7a771d249da8138720eb958b2158f0a0d660901f14ceceacbab2a605394

SHA512
9d5e4bc71fad731c828ee943dc2cfb1f480160e37ca6f93e9414a10ccdd03ebae0727c17630a20d95eebc5e6329cc20418646442a4c2e64fc69e785015d0ff67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
10fa19df148444a77ceec60cabd2ce21

SHA1
685b599c497668166ede4945d8885d204fd8d70f

SHA256
c3b5deb970d0f06a05c8111da90330ffe25da195aafa4e182211669484d1964b

SHA512
3518ce16fef66c59e0bdb772db51aeaa9042c44ca399be61ca3d9979351f93655393236711cf2b1988d5f90a5b9318a7569a8cef3374fc745a8f9aa8323691ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8174c673-3513-4e6d-9af8-d26aa8f0beee.tmp

Filesize
5KB

MD5
927075ca2f0fb70a74304852cbc1a0af

SHA1
b3ed2807092620ba6d3d9f20b167d74d8aa7862c

SHA256
57811304bda9cbf7da706d486c4e83e833798ca6979186013a40775d972fd9fc

SHA512
37ec91be9cfe5a03fc744ef7d536fb409a4c91cb717a053fe6abe22f3334737890a1f83463bc2ebc901e4fdd9f1c407df036e7cae24969d9ffae4755f2cf445f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
928B

MD5
d08e05f59feb5390336c790a5263dc74

SHA1
89e3a82f80c4bdd16f5f4225da88d0492a8d01bc

SHA256
fab1976db02f022dc228790a67fb2f71f6e5e9db63bfb006e6329f35e4fcef4b

SHA512
404df26ca5b1f45f50b04e95b2cb722cc04065f755a8ec9546c8a8951b9ec866994b82d9511d813828f67a7c31904070753ffe4af908aa99784ea085b1f7623b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c541814ef30aba76c1f7d819231c0843

SHA1
a8c1f45e92a9dcf0c9c845c6080ed7a599a9eaf1

SHA256
765a4004d060566b9dcae7bfaca7feade640c7915830d195235994eae0e86a84

SHA512
80c3871bf40fe910b93c554964c4d2349a292beee9da1ffd9b26db53c857f0456343b4c476ed1e0d9e37bac87ad080733e4783c6eae10f7b4b9cac929f9e63fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
012e2ec7b6ec9114c71000eb6aa3a744

SHA1
2c324c9643d794b2037ccb853452afe667e71b07

SHA256
a032ae5d66f4bed8e8b3f5a434edf2362a294e8b134236dd27163dea909eb614

SHA512
6d8ddc5e89daef18b565ee7a75cc2ccc3b5578ff53c76be1d07f1acf3f14a61ef51598a664e2af9cabb8c66386469cffce26bdb6910897e8719bd8e5dce120ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
322704abc23f7b4c017893c0e6a41a06

SHA1
e515dec826d65e6f5c24bd9194820fd583d55ae6

SHA256
80288d526732f56a3f1107dfdbbeb3288a5cd1d8a1232525b3c564047e5d014c

SHA512
21decccbf8b89e6b6eb1c5d21a8b0e190ea1b3f0fed427dc07ecf5515c566b11539ddd284ac52681fbafdb713172a6bfe9aaee41e6b4bb9b44caa29084967cc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580a6b.TMP

Filesize
1KB

MD5
55a14636d912c93532addef878f3d3e1

SHA1
38223037295e576dca7faed2168047319ed0ccc2

SHA256
8c4adff32a55bc096b0120df23a50cbd1ba4c7a241883cb640875a9699b9c402

SHA512
23c60e015b3aa871372ed5e552348f30a1cb2a3c2e4666cc291dc578a10207131c2456f5f466ecbb79caa8b160c5a4d36b8e384ac8e5515af47b164fbd93f001

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7b979793dfac33e110d38877533f6661

SHA1
79807931e778093e0bcfdb4d9227cb308e1c36c0

SHA256
cdf07eb2c19270e08b23222436bc57508aa2537ca35ba61c4b5ca9de82711b99

SHA512
db73e4ba687452464c5805baa8a3c03cff23e58c74c2be5cce669fce0865b4ebba3507ac5cfa44bd3b935dd6b6d5d4079104639cb8f2351c0a647d81c8546554

Download Submit