15b9fd8d1048a6b6f2f45fec30dd69c2aceb355e15d031323fd58a721ca25da9

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26-07-2024 08:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7342167beeeb9be0de6661143bd7e126_JaffaCakes118.html
Size

16KB
MD5

7342167beeeb9be0de6661143bd7e126
SHA1

0be07f35420e8c9f78ec956f646a3804088311b4
SHA256

15b9fd8d1048a6b6f2f45fec30dd69c2aceb355e15d031323fd58a721ca25da9
SHA512

0fe8fd46fde688d7760339048e3c7c9ff81fe3c5d25bd91d7f417c624df9c58ec32d48571d70b4dd39d2e7ee6e8af295a4c17ff3079c7369b8fe69df6807cea1
SSDEEP

384:hKfcB+CN7EVCHJffF1bkR9gkdyt1XPIuXX2V:gcB/OMF1bact1rc

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1504	msedge.exe
1504	msedge.exe
4696	msedge.exe
4696	msedge.exe
3008	identity_helper.exe
3008	identity_helper.exe
1016	msedge.exe
1016	msedge.exe
1016	msedge.exe
1016	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe
4696	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4696 wrote to memory of 1052	4696	msedge.exe	84
PID 4696 wrote to memory of 1052	4696	msedge.exe	84
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 3852	4696	msedge.exe	85
PID 4696 wrote to memory of 1504	4696	msedge.exe	86
PID 4696 wrote to memory of 1504	4696	msedge.exe	86
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87
PID 4696 wrote to memory of 2136	4696	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7342167beeeb9be0de6661143bd7e126_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa2de146f8,0x7ffa2de14708,0x7ffa2de14718
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4048 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,12354334005771724891,16385065419513452576,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6320 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2f842025e22e522658c640cfc7edc529

SHA1
4c2b24b02709acdd159f1b9bbeb396e52af27033

SHA256
1191573f2a7c12f0b9b8460e06dc36ca5386305eb8c883ebbbc8eb15f4d8e23e

SHA512
6e4393fd43984722229020ef662fc5981f253de31f13f30fadd6660bbc9ededcbfd163f132f6adaf42d435873322a5d0d3eea60060cf0e7f2e256262632c5d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54aadd2d8ec66e446f1edb466b99ba8d

SHA1
a94f02b035dc918d8d9a46e6886413f15be5bff0

SHA256
1971045943002ef01930add9ba1a96a92ddc10d6c581ce29e33c38c2120b130e

SHA512
7e077f903463da60b5587aed4f5352060df400ebda713b602b88c15cb2f91076531ea07546a9352df772656065e0bf27bd285905a60f036a5c5951076d35e994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
829c8ec05cab7a900b95e257b29cb73d

SHA1
46470e479612c43ee264fbc3a67de440aa359130

SHA256
b8a6f44c387df53fb08e01b22ac77e8463edbde791806039a19172fbe1b8fc0c

SHA512
bb50ef6450d68093dba923651cfa6705486fdc2a7bdc719eed40987ce534306208597a2d5a0c8fb6389f1886a368d895fb3240068556d7d00b4423289badca62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
39d3be90ce50722f5187508fb290bab5

SHA1
60287cbd148068e72c9948dc89b6c83ce94ea6d3

SHA256
f1f031b76282187bab28c24eca8c0e285892cbfaa0f04140a3546d2daca076ee

SHA512
22e5dfe4a3c52ac5d310423b31dea560726dc7794b2941d0767966d8ea9b4ee5c123c0da29003254dd79dd33d9c1652d5bdb6b4911c0ad499b532ea2854b596f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
15336fadc539c0a4510244ddc1ba6fa3

SHA1
6270949ced8db6c33213da1b280cc0902f8b3265

SHA256
ea89ad8982f171eda7c56055af0f552fe04e39d9b1bb438886430a23cde51066

SHA512
a43d098447416053d4032602d385fa5b2d6e1b51823dc702ce488d0e9fb0a251deacb3b117f2ba8c59452a19e57aafbf00419d1af3564d64ab2048906d05d0a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
aa5ef274bc0490dfffea9410b8a0c56a

SHA1
ab3c690eced20acdaaca5e8ed1abb96d98a5eadb

SHA256
499462bd7e3fbedd70ea2412bfff58f6f2dd9ae802844428bdad58df5c7c3db6

SHA512
c140d79c94a5840ee96936e8c715a0ad640ae1e0e8141f34d8b27f64c8d5ccfb0e49f80e2cb40eafb8a72282d3331e72e0ab4a0af63cba06bad0e6d371192310

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
76bb0a6fb1b71d2dab8a8c39ec558635

SHA1
57e4056a243af07692749ae1d5f57d5a982a73d3

SHA256
825c500f474e6ddce3c215faf47bf649cfb940a29a8ea34ee8dd8052e6c1f582

SHA512
5cb37e1ba2225bcf61f044e236b232f214bd45d7f92a7930e40eeb709e604c9bcc4c26c7bc3ec0fc601ac7f05feb5189ce984cec333c5a8cb80d4709a93c7ae1

Download Submit