59bd2795c7efb5502d8fc2b18f220a37c5a37f9f54b43c0e18e36cf60a1417fa

Analysis

max time kernel
145s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26/07/2024, 14:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

748483a2d1a5608adfeb8b619c60e8c1_JaffaCakes118.html
Size

90KB
MD5

748483a2d1a5608adfeb8b619c60e8c1
SHA1

e9bfcf2f8c857fc7736a18a06770ada0a66eb7f6
SHA256

59bd2795c7efb5502d8fc2b18f220a37c5a37f9f54b43c0e18e36cf60a1417fa
SHA512

818e4ed3bb804e59a81e9fbad8a250954827bd7b667c44b8eb345adca3d8b31d0825d18add69d18184f5c3254e10c69f27066bd110c475db3683609cdf2a43a7
SSDEEP

1536:gQZBCCOdc0IxCAbMwinoK9DiS5+xyGICVoJYJefmaZnKUt89rufLWGhNs2pyNovc:gk2q0IxLPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4380	msedge.exe
4380	msedge.exe
2876	msedge.exe
2876	msedge.exe
660	identity_helper.exe
660	identity_helper.exe
5208	msedge.exe
5208	msedge.exe
5208	msedge.exe
5208	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe
2876	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2876 wrote to memory of 3484	2876	msedge.exe	85
PID 2876 wrote to memory of 3484	2876	msedge.exe	85
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4072	2876	msedge.exe	86
PID 2876 wrote to memory of 4380	2876	msedge.exe	87
PID 2876 wrote to memory of 4380	2876	msedge.exe	87
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88
PID 2876 wrote to memory of 4412	2876	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\748483a2d1a5608adfeb8b619c60e8c1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f3a846f8,0x7ff9f3a84708,0x7ff9f3a84718
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,7582623814006985190,11050617381490087946,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2396 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5208

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2460

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
584971c8ba88c824fd51a05dddb45a98

SHA1
b7c9489b4427652a9cdd754d1c1b6ac4034be421

SHA256
e2d8de6c2323bbb3863ec50843d9b58a22e911fd626d31430658b9ea942cd307

SHA512
5dbf1a4631a04d1149d8fab2b8e0e43ccd97b7212de43b961b9128a8bf03329164fdeb480154a8ffea5835f28417a7d2b115b8bf8d578d00b13c3682aa5ca726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b28ef7d9f6d74f055cc49876767c886c

SHA1
d6b3267f36c340979f8fc3e012fdd02c468740bf

SHA256
fa6804456884789f4bdf9c3f5a4a8f29e0ededde149c4384072f3d8cc85bcc37

SHA512
491f893c8f765e5d629bce8dd5067cef4e2ebc558d43bfb05e358bca43e1a66ee1285519bc266fd0ff5b5e09769a56077b62ac55fa8797c1edf6205843356e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
8a050bc3498a1c55a138444db10915b5

SHA1
3d98537b03133fc4f683e4be2289a5e69b757032

SHA256
2cd48f04da67eba58366f0179bf1f0916708c96c9993874bac10aee8ebaf28ce

SHA512
64adfd2b9d6927d2e95ed792fb507a553e31432ae403573dccc85df0e087413c55c6e1b35808de3cd0e5a3639ec1940886c878b33e2908729b17c83b3113c590

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
74557e95e80d102ebb73b016d72cd1ec

SHA1
61f7532637b3124245259cb9a420180caba0a32f

SHA256
a601c639b2a036cac5426dff0fdffef9b511fa72be2997b27b88dc9019ed9aa8

SHA512
9f2bdddc724ef7a33ff7ebf044fef858562300acdbb1e4df921f2666d1711287e28734368708dc54caeb4fe50380d07ae026ea49f608864f8d0dde8867521676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6d1aba0bf2c52f7d8efaca72371d4008

SHA1
11e882829d389d9f6451858e1ef8025fdb12d3b0

SHA256
9527ec22b685879f494a429523bc4fe0ff7b178e18134ea2cb7fce099b36f181

SHA512
d9dcc24957d80582c3334c750f10699739549f1c957838318904601766c8972cd06eaca296baf80f84d3d1e9df9c3e0a29152f8f05f209c870aa33da99d8283b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7e9c756b910e550a352b19a8d3ec4b4c

SHA1
afb23ec8e5607bb8458fe2e658ddbffc3794a7a9

SHA256
c22f18ea361f3b62131958deba30c2127e7580f2f2fcef407191bc26eb67de84

SHA512
01e9da4526b5e9f982069a483426c2e41254c90a2f2ca7eee41108008e134986c44ce8c9399bb159c53ae54a532032760cd949beeb1b58d46d071acdc3bc76e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
14beeb58a8167be8462e250fe33e50b8

SHA1
5a0685f11500876fa34e894cdcd018729e05adf2

SHA256
5d70a15b3289c35fc017abda7c734f2a59ba05ff47c1f0e5bb8e5e39570db918

SHA512
8476be2b6bb8110b0370f56ca21e9c94c570de53bd82a347208338c99584d9bad737214d00413912d0b3bc91eb4bb79e90e6d6b1bfdd11923ab4452ea1d46b45

Download Submit