177a07b2200cd99d734d1edc970d63021775ca15d322cbb24612ea1fe8a7bdc5

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26-07-2024 08:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7360fde5132f7f980cff3c1f31b97033_JaffaCakes118.html
Size

19KB
MD5

7360fde5132f7f980cff3c1f31b97033
SHA1

ae7adf1f35704426ce1a9c1a6eeea077f4db3b00
SHA256

177a07b2200cd99d734d1edc970d63021775ca15d322cbb24612ea1fe8a7bdc5
SHA512

4d9a3267553cf24cc712f6074a9cf56f137a78d69d897c818b44e074388f203f3773a042255150c543a271e653a9bb16fe376fb94c58424f66975851b84a1cc3
SSDEEP

384:4+QfPFd9QZBC7mOdMwstKfpC5IgSnbmFe7AcVI64hLAPd:Zcd9QZBC7mOdMwtpC5I9nC4/Pd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1784	msedge.exe
1784	msedge.exe
624	msedge.exe
624	msedge.exe
3500	identity_helper.exe
3500	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 624 wrote to memory of 1364	624	msedge.exe	86
PID 624 wrote to memory of 1364	624	msedge.exe	86
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 4792	624	msedge.exe	87
PID 624 wrote to memory of 1784	624	msedge.exe	88
PID 624 wrote to memory of 1784	624	msedge.exe	88
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89
PID 624 wrote to memory of 4044	624	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7360fde5132f7f980cff3c1f31b97033_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffac95846f8,0x7ffac9584708,0x7ffac9584718
  2⤵
  PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4228 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6790624906897703614,10309793302190040188,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4688 /prefetch:2
  2⤵
  PID:2600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3512

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2084

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
75c9f57baeefeecd6c184627de951c1e

SHA1
52e0468e13cbfc9f15fc62cc27ce14367a996cff

SHA256
648ba270261690bb792f95d017e134d81a612ef4fc76dc41921c9e5b8f46d98f

SHA512
c4570cc4bb4894de3ecc8eee6cd8bfa5809ea401ceef683557fb170175ff4294cc21cdc6834db4e79e5e82d3bf16105894fff83290d26343423324bc486d4a15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
10fa19df148444a77ceec60cabd2ce21

SHA1
685b599c497668166ede4945d8885d204fd8d70f

SHA256
c3b5deb970d0f06a05c8111da90330ffe25da195aafa4e182211669484d1964b

SHA512
3518ce16fef66c59e0bdb772db51aeaa9042c44ca399be61ca3d9979351f93655393236711cf2b1988d5f90a5b9318a7569a8cef3374fc745a8f9aa8323691ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
22a4b20c73ae14c26aee64ead119aa69

SHA1
4c93810eb9c519222b1af1cdcf335eb32f9b91e6

SHA256
6c4eba5ceba2580f9852d18aee37a33892e2647109354b84fb5b94ad65210974

SHA512
0b15dadf9ac489274588c8048af2376e52044279748584151aa870f34a09ed00872fbf3aeb5315d85c8867124c1bc5afd5c0816721ac207717f0a5f34310c845

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
fd41e2bbb944876bac9b481b34e84c8f

SHA1
0f1cb3f1d699aafbca48e6d6bb33e57322e28aff

SHA256
b82dba33149b9c59e990ba85af897885a79051a0576490ff631d5c93c47c89af

SHA512
ee9b7d17a08c29229c131e966caff30c84d916d6702b2c9e9ae3bb80eaf5c92a87acdd1e3b8fd3f85b05e894e7260ab1047478c5aea4c732d14fc3db9894fa8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2f0573deea31e82c4d73520c30604e5d

SHA1
b64b177e9d0b180fa12369a550b53520928a88e4

SHA256
be826c996c433d0e6cbfcbdc57927fd17eeb05aa7e916a91219057e4b2bde3ef

SHA512
ebcec4e14bd48ec77e998840809bdd15cb8846b1b8e63d1bde149126c721f5cfcd9b2c2c674dea9854c41f5927f7f8e9beca73c3037f7163f072b1f85aaa6b76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a2451a3c5fa75a3c5163be8e4831abe0

SHA1
467a75ad85998937543536a3506398b4540d5700

SHA256
2fc7a798431501b18539cdaa9f09ea9f610e3d8d85396f50651a94ebe4039632

SHA512
3071a209a930400c69bc44d1b3a2c05d7730ee050dca15ed7d033ac62fc17e33b2800fb8be57ad7679eedc428768742cb90990ec483faae887c9ebf8be5d3cac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
98037bf00fae532c5fcd21a6706cb94f

SHA1
8e1228ccc4d0f5eb3e832e9241d8f864c7acfbc0

SHA256
b1da930b8bb8d61b5cb7b0f23547eaac6d8497cd3964abb62c425bfaf3e6b31f

SHA512
c8a2b2669049f8d3b2384e06c04b6accf17765e58bb84fc4b5d6b34f20bece97dbc61b9eae88128ec08dd6b241d5dfe46a7fda80db664438ddd44e5bc2ae95c3

Download Submit