8c122e04024580028a475d93c1f9ef58978921fecce1bd6c991e4a9db9882d67

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
27/07/2024, 22:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

019f51961098f10e10723b6cd84cec28_JaffaCakes118.html
Size

72KB
MD5

019f51961098f10e10723b6cd84cec28
SHA1

9d69775e1229823aa80d555da2e3658c9ab6d5ba
SHA256

8c122e04024580028a475d93c1f9ef58978921fecce1bd6c991e4a9db9882d67
SHA512

6df14eb9e61da713a883ee9dcd642cf530b5b3f6eba7e0a3cb58ecf404490ff1b6557fea452ea20cb7ada6648b4e21e8f7e2194654993cb342f77493c0662171
SSDEEP

1536:DN8jOvYV+KeleFeskCbH54/qNtWjuzGaFz+aFleLAA4sE3ln:TAVtkCbHSVWFaaFle0A4sE3ln

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4108	msedge.exe
4108	msedge.exe
2652	msedge.exe
2652	msedge.exe
5040	identity_helper.exe
5040	identity_helper.exe
4424	msedge.exe
4424	msedge.exe
4424	msedge.exe
4424	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe
2652	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2652 wrote to memory of 3292	2652	msedge.exe	84
PID 2652 wrote to memory of 3292	2652	msedge.exe	84
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 852	2652	msedge.exe	85
PID 2652 wrote to memory of 4108	2652	msedge.exe	86
PID 2652 wrote to memory of 4108	2652	msedge.exe	86
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87
PID 2652 wrote to memory of 2956	2652	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\019f51961098f10e10723b6cd84cec28_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa84a946f8,0x7ffa84a94708,0x7ffa84a94718
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  PID:812
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,18049704663929877793,6225884585764128905,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5512 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4424

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
82a2235eb3875ca7ffb80d8faccd1476

SHA1
2d605ed6accb7541e7814a808d73e758b20401a5

SHA256
2098db46eb687a2e7aafd6385596291fee47276053593ac7d87d276261714950

SHA512
14741ad5705c13b2adb84fa2a2877755a21c3ca7e4f338c6ffecc56b5b79de7043b2fb0f4c3c2c378b7d35b7c53f5e68fe57f514001eceab30e0edf388032154

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c00b0d6e0f836dfa596c6df9d3b2f8f2

SHA1
69ad27d9b4502630728f98917f67307e9dd12a30

SHA256
578481cd359c669455e24983b13723c25584f58925b47283cb580019ef3142b1

SHA512
0e098ab5f5772fec17880e228a0dccbbaa06dc1af14e0fd827f361599c61899fe07d612a7f7b049ff6661d27fdc495566dd20fc28ceed022b87c212bf00be5da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54f1b76300ce15e44e5cc1a3947f5ca9

SHA1
c978bfaa6ec6dae05464c6426eaa6cb3c3e2f3b7

SHA256
43dec5d87b7ee892a3d99cb61f772ba403882ac0772423f36034e84244c1ca24

SHA512
ac26e5676c675be329eb62b5d5a36a0e6014ab8a6366684b0fc2a59ae5f061f596f462b82eb4e9f135d2235a0cbd4af96680d234eecc873a8397fd81507d277a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
6d44c62e7dea27c1c42b35c7ee260507

SHA1
e790f6a10bc8aae8cf175e125ee1804de3418c63

SHA256
c038e30bdd57a4706baf88aefc3c91bf84e7874496af87c9f7f8791ff1066175

SHA512
57b23304d1028de16b91fd119ba63aad23ba7f1af3b7bbdd7cceead49b82482cf7fab39c4c0b6b96c0662e95db0b3158367248d51e5172fc945123d18485c7dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5dc9e0b774f92f25399a6972805e4914

SHA1
5c165bd0a6617d21c5c5c9d1c87e82f621765a92

SHA256
23e5d0330b2466b82ae6cc32dd9816f172ac127dae605a89cc6acf2a0cf0e3c2

SHA512
f5ccfa3bd965cab52c489089a57838a264dc2c69155623049146a64c5a6d3e4eee917760a5e17da13583b7e522c5e844f8170860999aace04cc57ae41ef89edd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
004522410b97039a59acf989065f62b8

SHA1
f63990fbbaae7e06cff98da1b00d0385a65f363e

SHA256
aaa17ef53c0fc4f7912340649b80dfe099c05098ffaec00214663a111af050cd

SHA512
e507e290b9aa7a7142524d510f914d05e7be82fe47a8fb0100c7206f2131f9bc49132d19b36d3739f8e489840214a65c0a66c62836849d7f3153dcb17f31740f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
58623e04f6c81f14c6ac2970e36c39b9

SHA1
acccac47de060730e5184307ca2e761beaebb1f9

SHA256
52b26b9bc500782e968044e6487c2f476242d607145c3cfa1707b316b02b2aa3

SHA512
7f0ba7b14cf5bdd7682b5b538dee3bd88f6a7833fc4b3e1f775f2d90c2d8665369c3b7d6e0e1376364005c21eb8e1a9f34a193268cd6ef466b17104f228f63f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50123a15b1d3809e5c997c51c9a2cb26

SHA1
b963b5afb8a0707f683b1997aa9a36a57f03f0db

SHA256
5a249d8e943bd2c6ac39344ce28cb87009ffa04c8b4c4877e00e5beb1870e7cf

SHA512
ed117f77358cbaa95a4d7aca786570db382059d5f9d9b0dbf31b955d6f5d088f3fe5ff94e5a4df39f6d04c0943f61c4600a8e81e8714650145249cdb88ba07d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
580849fe8311623954d239c83f548b0f

SHA1
a6a8cc2b7eb162a652ba1d89284ba777159f295a

SHA256
ff1b88b6cae861c0638cafc3ceb289ae0ffa854b7560f5f35e7d94f515be295b

SHA512
2331dbb9b09bbae3310e45360edea92047641ac17ce12163edbe0a608cc8787ec1061b2e9d5b079fceada1b895c93872f2cd6a9fca97baeceb2b6f635860d8ab

Download Submit