47805bbbb4b7d5f8c68313deff618b6b85bb55122b6b57bc96d3be8d38448077

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
24/07/2024, 01:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

69d5e7d84974154a92785e74abf1d1f2_JaffaCakes118.html
Size

69KB
MD5

69d5e7d84974154a92785e74abf1d1f2
SHA1

3971c4fa1ff1f437248a84ddd69ff846fa620b76
SHA256

47805bbbb4b7d5f8c68313deff618b6b85bb55122b6b57bc96d3be8d38448077
SHA512

d50d6ca29a1227b4f718bda83d6d0bbe5652769be15f8f6d2107179d24f008ce6445ad9a9231803d737a8c3b8f553d8aa544daefaea5c05ad26283599f8d386c
SSDEEP

1536:gQZBCCOdd0IxCS8S1qhT5xdxhb14/Id8/vb9Xf+FwhXcZe2EqH2ukDyY+8P19sN4:gk2b0IxP1qhT5xdxhB4/Id8/vb9Xf+F0

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
532	msedge.exe
532	msedge.exe
2120	identity_helper.exe
2120	identity_helper.exe
3356	msedge.exe
3356	msedge.exe
3356	msedge.exe
3356	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe
532	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 532 wrote to memory of 4700	532	msedge.exe	86
PID 532 wrote to memory of 4700	532	msedge.exe	86
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 3172	532	msedge.exe	87
PID 532 wrote to memory of 4396	532	msedge.exe	88
PID 532 wrote to memory of 4396	532	msedge.exe	88
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89
PID 532 wrote to memory of 4760	532	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\69d5e7d84974154a92785e74abf1d1f2_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff404346f8,0x7fff40434708,0x7fff40434718
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4320 /prefetch:1
  2⤵
  PID:348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:4408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,14918028114950449606,17125370114578533573,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3356

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4668

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1f9d180c0bcf71b48e7bc8302f85c28f

SHA1
ade94a8e51c446383dc0a45edf5aad5fa20edf3c

SHA256
a17d56c41d524453a78e3f06e0d0b0081e79d090a4b75d0b693ddbc39f6f7fdc

SHA512
282863df0e51288049587886ed37ad1cf5b6bfeed86454ea3b9f2bb7f0a1c591f3540c62712ebfcd6f1095e1977446dd5b13b904bb52b6d5c910a1efc208c785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
60ead4145eb78b972baf6c6270ae6d72

SHA1
e71f4507bea5b518d9ee9fb2d523c5a11adea842

SHA256
b9e99e7387a915275e8fe4ac0b0c0cd330b4632814d5c9c446beb2755f1309a7

SHA512
8cdbafd2783048f5f54f22e13f6ef890936d5b986b0bb3fa86d2420a5bfecf7bedc56f46e6d5f126eae79f492315843c134c441084b912296e269f384a73ccde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
4acd7ed6b94a612b9aabd76c5a85b48c

SHA1
f22e995c392c2c1dc3b974c5b4132cfb785b4f87

SHA256
d3f2593a5d84b3e42c18ece14dcb50f938cea788ea7c1cfc88bf634d3a7ded8d

SHA512
dfffb406443ccd23955a9b8f7fbd569975b26fa0e773760d9787ef1c219e240d8cdf60795bdfe6a353413f45a5047221cd2611c2744f7e828c8cfc4f9a664e0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bae4da8c360ad3c0b6127dab406ae560

SHA1
fa9a0ad30d7aeedb7d85cbdf65b4b7e320331bc2

SHA256
40d685ebe51d0ca4ef49732e7305f3629341d9cb1abf3388ba0efdf8e0aa1fa5

SHA512
16077c56f11a8a223684d810d7d9c4a137079adf134928862c422637dc8f4a1cfc94a251e71fa1ab89f5b2218dc88c689e4ced1bd19a946e14e65d455f326b4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fa7a55a33d0a760212de81eb1d3aa2ad

SHA1
03d6f5f814141fd60909e46ac354d1a3c4be1bf0

SHA256
bf015d18b9f1195735af1658a2f1e10b70ea3fbe19c836441387f1086c878384

SHA512
214d09179acf3ec32dc8cc464f6c77af5f4dbde46790b322ee655a9f34b72880f4576effa9111187b2148c59de313248c6b15ef66e201f3cb2928799d5c6b4ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3445ea7de704600ad489577435a3ab0e

SHA1
1877bbeb36c251ea74c39e9d154e459c401beec3

SHA256
8e13b915b6f3331a271b8f2d155cf097c4339ce2fbe432c9454f0bebbd87a8b6

SHA512
1d57aa152e3480671fcf5e9173e71df5271c9a488012fb96d895b63e8e6df02b64b1a9917399ff38e67faaf78ce83db5c781bc97371912e829cc940619934d96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
50c4060718f1fb379b14508e6be8e628

SHA1
607c2fc25468101744a26d668f86335b9dfbbac8

SHA256
d1fe519a547afe1681d6d6ff49d43220a013973deb0f565aee1f65deebd58cc1

SHA512
c4a5f309af2130ec541a082d27b3d220010a46e9d4e7589f5d06913ca754facd4952cc467c0f66dd14539811baa029dea528d5c65e70514bd1bfbb8a1c4b494b

Download Submit