1678bc38b1d96cb43a881a3467df90c1a145dfdb70e8c39ccabe7fc98c649a54

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
21-07-2024 21:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6173dd1d1c7f112b32752a897f1f90b0_JaffaCakes118.html
Size

44KB
MD5

6173dd1d1c7f112b32752a897f1f90b0
SHA1

74d3852745ca25e7a1c0abf9a37b88f087dfe663
SHA256

1678bc38b1d96cb43a881a3467df90c1a145dfdb70e8c39ccabe7fc98c649a54
SHA512

556222f6da582e24d71dc7492b29b5eac8d65ff9a79aa545d8ef2b147f683041f56c2d0d4ecf94a48d97cc57031018ebdb518729366b6419790749daf9696573
SSDEEP

768:Zcd9QZBC7mOdMY9pC5I9nC4tsnyjl6QPd:gQZBCCOdp0IxCCsnxQPd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2848	msedge.exe
2848	msedge.exe
2672	msedge.exe
2672	msedge.exe
2092	identity_helper.exe
2092	identity_helper.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe
3176	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe
2672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2672 wrote to memory of 3980	2672	msedge.exe	84
PID 2672 wrote to memory of 3980	2672	msedge.exe	84
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 4224	2672	msedge.exe	85
PID 2672 wrote to memory of 2848	2672	msedge.exe	86
PID 2672 wrote to memory of 2848	2672	msedge.exe	86
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87
PID 2672 wrote to memory of 2264	2672	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6173dd1d1c7f112b32752a897f1f90b0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff268146f8,0x7fff26814708,0x7fff26814718
  2⤵
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4220 /prefetch:1
  2⤵
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4240 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,14381507677008690523,15112322697426641869,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4192 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3176

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bafce9e4c53a0cb85310891b6b21791b

SHA1
5d70027cc137a7cbb38f5801b15fd97b05e89ee2

SHA256
71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00

SHA512
c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a499254d6b5d91f97eb7a86e5f8ca573

SHA1
03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1

SHA256
fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499

SHA512
d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
667747081dc83beae6a3cc082f1759b8

SHA1
8411f1a7270f86f426eacb1bb536f77d6f3b988f

SHA256
545f9b2a1863cc3b2a0541a20dfe3b1cee18a619646d4e55855caa6d3923ee64

SHA512
acab83e2065896b2f74166bfc35804cbb97dea26160955125804c0d76d42d60f1d047e03328e58fc3402cc122a3e4ac4cd3bb245e5048f753b9b4668461ea01b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
eea8a5456700d19bdac2ee3cb363458b

SHA1
bf83c697945078b4b0c3a4197145d363256941dc

SHA256
4e9787c54568aa5b61198adee890c366a3a03db73a1e4ee381ac630a4e59249f

SHA512
aa8c5dc4541682f561a22552cd3a7a929e1b12c8c8c8df12a51ae429c19a561625e11b7654ca1203b9f82f33cce9229ad2076f06875d47bc56d2acf95099db89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b7423ee759918e8254f487152f55cff4

SHA1
d5fdb4dc5e340255009680463f14aafdec0f9f0d

SHA256
2fbd941e82e4ed171e76ddd9154e756c1e316b1b5ccd6948529b011e9dad4732

SHA512
7c0e1cb4887c50ed8e95a18a12b93e5d054b9ede18c54bd200243a2dfd4f7e25db077a01db0e772953d1fc6da24471b1345748b68c1d1f1f841880d14f642991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fed766c51d51007ded328898caaefcb0

SHA1
7734d3deb0b11987fbc6ffe394aa4423c0d1fcdd

SHA256
590866c288d5790be7006deb25ebb27cb9c7347c17063ec1032eaf06101ff881

SHA512
e5176d01a6fdee9396aedebb16dabffe281ba753bf35b2e5a8b60263288d3a7c9c39ca4c55d3e7d95ecd6dc1e052bdef3438e8be9b4f8bff5d6de7a479effd27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b5cfc448b0a11cf8c1c3d4772063fa1e

SHA1
12e571746a706d30c276a65e865125c10b1b9768

SHA256
43ea7b8793ef3db433439aa057247eb63f4d9b62cca0e8aaf706bc06284ee164

SHA512
61682256aba9b3ca068d68627425f830a84dc97b4c0081fcf010f2eb13fed0b92d15f52a92c470e82437d5160a6b6e368ca265da8016332fc8cca50013bfaf05

Download Submit