d4e58015add1f7162d4dd140b3c960a5fbced2e05dc758d8a8a69247ae5478e7

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
20-07-2024 05:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5f1dc85a15daae6677dfa2f66f30c449_JaffaCakes118.html
Size

57KB
MD5

5f1dc85a15daae6677dfa2f66f30c449
SHA1

1ae0f0217e19e6a47cad2b8f15ae7d907f3ec1b4
SHA256

d4e58015add1f7162d4dd140b3c960a5fbced2e05dc758d8a8a69247ae5478e7
SHA512

5dc7c6923fffe1c8ceb7974098f632087ed703e8d0901c6808daa17242c5d616c31d7710c4e389a7e7b08a81bee76aa97cf4961f506237916940e95cc2d2fb1e
SSDEEP

1536:gQZBCCOdl0IxCkVmDfsfYfNfxfOfZfsfCfAfefXfdMfIfDfkfIfXfQfvfsfkf+fZ:gk2T0IxakwFpmBEq4W/VMQrsgvoX0cWR

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4756	msedge.exe
4756	msedge.exe
1388	msedge.exe
1388	msedge.exe
1136	identity_helper.exe
1136	identity_helper.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1388 wrote to memory of 1192	1388	msedge.exe	84
PID 1388 wrote to memory of 1192	1388	msedge.exe	84
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 756	1388	msedge.exe	85
PID 1388 wrote to memory of 4756	1388	msedge.exe	86
PID 1388 wrote to memory of 4756	1388	msedge.exe	86
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87
PID 1388 wrote to memory of 1728	1388	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\5f1dc85a15daae6677dfa2f66f30c449_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9eb0b46f8,0x7ff9eb0b4708,0x7ff9eb0b4718
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:1
  2⤵
  PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,4043165993228501953,11155342979743000303,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3068 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bafce9e4c53a0cb85310891b6b21791b

SHA1
5d70027cc137a7cbb38f5801b15fd97b05e89ee2

SHA256
71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00

SHA512
c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a499254d6b5d91f97eb7a86e5f8ca573

SHA1
03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1

SHA256
fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499

SHA512
d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
099098730c3f17207db6ec2e1e3a20a0

SHA1
881cb077080a08189249113294a35730d39ded02

SHA256
87bf26fd67f247608901ffd0de35624a2f226b5a1ff6784c4b68f3addcf6260d

SHA512
c94c0c21b8f1d54f0df4403a9067e3060036563932e3a5e4301550d05553f64912706d57274d352b2c9ed6b3c17995cbceec33fba3ca045cb4e24904570c23d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
37428edd1225dd1157576f639566e8df

SHA1
db4793afd4c54ac32af5bca2ca3bb1ea84ccb276

SHA256
0c029eda7ecc9e45e3619e912a1ea63347b175338f56b965f33a4627bb0bfc2b

SHA512
1c33ce4daa27823e2c2de6f3f8b47ef5aeed19d7fd65f5343bad3dbfd9428c8ec296a114511c07d5b02d44b724c1f183f4bf079ecd0efe9d687ea92908b088b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8f20a3a2441553eedcdbbb53c4dc00f9

SHA1
a1a40a9e1db1e8c8e5e5feb2861db76f64d5fd67

SHA256
467120e48a4380f214132c5606005f7e5df0775005d16593767bb7592f1584da

SHA512
3a06be7968e65b4d91e42b6a668653b85acbc9ce0d4dc647a85f5a03af102c9d7c75a9123a0e324d4ee8259b7aac2b874ea755c215f35410332b518b11919479

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
094878e26b3f6c12900d47908fe71048

SHA1
90552c277dee3e2b1c502ecb2ec94577a46ce963

SHA256
7a51f4613959c9cfd5c726106e34713f008e4551793d15e1721b084a86899274

SHA512
1d6bf3d11cfe2563b0b64308019daa8e2a6c3da5a4e4b2eaadab71b1c22065252dd465832e4a6af971d3c68370be1ccedb2d8d0f5777166e2473b6aa19b466ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
12c936d88dddb6ec7393e6cc72212659

SHA1
58d0078b3f884748e267a8a037e9c052a4bb9f71

SHA256
dd8cf6f07465671ebb411379e6f1695434857361d18228d9f51d1231393720c0

SHA512
757ce469a2d5ec8442d6fc6e35dd11736dfaa798648899b1a726c935718870abb4e25612e717321c96f0ad81f0fda3cf08daf8ccf0d6390db85dae202585f3ca

Download Submit