19d38508356424f6684706eb8e7c81fe30ca4523bde0ccc6ada86c97646be303

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 19:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68b41fd99b6a78308fe9d827c68fb9f5_JaffaCakes118.html
Size

26KB
MD5

68b41fd99b6a78308fe9d827c68fb9f5
SHA1

654e69820d2f1cab83eabc00e8595d26a267550d
SHA256

19d38508356424f6684706eb8e7c81fe30ca4523bde0ccc6ada86c97646be303
SHA512

cc58b99cdf51965dd2d3a9817d608721a46cb9294cc2c1748e501d2f285d9d9a0cc2379bd9e18221a2687c29a48d0ea6e7e67b167e2cfa1d49f1b36264c34bdc
SSDEEP

384:4+QfPFd9QZBC7mOdMMoBKfpC5IgSnbmFe7Ac7a6+YkJvAgo0ioAjPd:Zcd9QZBC7mOdMMtpC5I9nC44IP0io8Pd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
948	msedge.exe
948	msedge.exe
4512	msedge.exe
4512	msedge.exe
2484	identity_helper.exe
2484	identity_helper.exe
1352	msedge.exe
1352	msedge.exe
1352	msedge.exe
1352	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4512 wrote to memory of 4884	4512	msedge.exe	84
PID 4512 wrote to memory of 4884	4512	msedge.exe	84
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 1780	4512	msedge.exe	85
PID 4512 wrote to memory of 948	4512	msedge.exe	86
PID 4512 wrote to memory of 948	4512	msedge.exe	86
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87
PID 4512 wrote to memory of 4992	4512	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\68b41fd99b6a78308fe9d827c68fb9f5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff97c5c46f8,0x7ff97c5c4708,0x7ff97c5c4718
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
  2⤵
  PID:1780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6416 /prefetch:8
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6416 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,6607884186775233652,13336349614891759027,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4996 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6c86c838cf1dc704d2be375f04e1e6c6

SHA1
ad2911a13a3addc86cc46d4329b2b1621cbe7e35

SHA256
dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

SHA512
a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27f3335bf37563e4537db3624ee378da

SHA1
57543abc3d97c2a2b251b446820894f4b0111aeb

SHA256
494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

SHA512
2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
9e2214c791db1b7acf8a370a6a0f9a7c

SHA1
2742dc731dba4102a5bb86d1160b88b6cc1a62ed

SHA256
f433a429a2385286f23f6185f2ca6d99ce6c8235c8de7fc108313c029af51060

SHA512
2997b2aab92bbb09ff2ee10a20f4d3e68c5e83b7dcbb2f08fa055b22f8242dc648e39a402eb8202d94590ae889ab49c484cc6724573669c00b28d6533cdda6ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
50cb4ed85c9977adbf51cb27c198901a

SHA1
3ffed99da8f8a96d4c765618834108f65d865004

SHA256
68baaae8d65cd21c3ef3f4b5eff6485b4de5889547e0693de21ca4815fc043e0

SHA512
4a0d7132d1185756bdf29aa10b7799a2bb2c75b9ce9ff4bdbee7144caed427ec01d1dd7f7a5cbe27f9fd12a115c8d0231d0d742c47852296e8375b5ec00f7b89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
39487ff06d5b03731099cbb81f04a382

SHA1
75bb94c0f03b4866644dde1706fe8d117f954c5b

SHA256
706f3ad2b64d524ab031b7a9396e2b3ab1aee5412bb253df727e30e2a2ecf755

SHA512
9b745591e5c660422caae16313652bb19da23aa807be0e684154d059d28543e12536873536ce0c6d3b0a62334a5ec138df86aa70776875353b4089b599b8c698

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
205cb54fdaf806bb262f428c9654465e

SHA1
871a9fb094e5706608ad277454662a792c4b258c

SHA256
1501d391258cdaa5d36852ed121fc548bb555aad4cb5f8f7e8edb8e479aef046

SHA512
022083ede4db2b3508356d70a4cd02c1715a85b2296a1963770c2d00eed5db619a1ca85e0eda450339adecb3881359b4bb45e681e78cc4a497588d1538c1a8ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
12b93f194eee9f2a4d4603db0cc28e70

SHA1
e5b5c01b99d464a9de341ed05cc7c2ce9c53a3ea

SHA256
48f4489734f9be817e3dc615dbcc0117f876ea608697da536c63c4db9ae8e92b

SHA512
fa0c3cf119dbaf71f92958328d49db0577d2a943abe9d676bab8b1e7b33bec977a5e6df6fa46af7234f5658c0c35a07e165efd491225b33ee651dc4bf4eaadb9

Download Submit