623d58192e91bbecfbad72082b96100a1445502c19b3b6c7bb9a0952c8279192

Analysis

max time kernel
146s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
27/07/2024, 09:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

77a947813bd4e63e844bb403cd5c1715_JaffaCakes118.html
Size

43KB
MD5

77a947813bd4e63e844bb403cd5c1715
SHA1

b03dbda47c335ca8172ce867b2e7e816cc523224
SHA256

623d58192e91bbecfbad72082b96100a1445502c19b3b6c7bb9a0952c8279192
SHA512

3da0f0f502978c4e7dff1f165dcfddb0df46711a5f0c1e92a017c62ede9081c4f5aac96ed2ccca956142921392ed4d6293e82abd86510772831b04a951a1ac90
SSDEEP

768:vLQ9kLXkUalYEQZIFx3znhG7pZWUD+nzc4JY31JO9ZYfSa6Zag4Rmh:vLQ9kgUalYEQZIT3znhaKRW1JO9ZYfSb

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4752	msedge.exe
4752	msedge.exe
4652	msedge.exe
4652	msedge.exe
344	identity_helper.exe
344	identity_helper.exe
4364	msedge.exe
4364	msedge.exe
4364	msedge.exe
4364	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4652 wrote to memory of 680	4652	msedge.exe	84
PID 4652 wrote to memory of 680	4652	msedge.exe	84
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 3504	4652	msedge.exe	85
PID 4652 wrote to memory of 4752	4652	msedge.exe	86
PID 4652 wrote to memory of 4752	4652	msedge.exe	86
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87
PID 4652 wrote to memory of 4360	4652	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\77a947813bd4e63e844bb403cd5c1715_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc8dd046f8,0x7ffc8dd04708,0x7ffc8dd04718
  2⤵
  PID:680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 /prefetch:8
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2936 /prefetch:1
  2⤵
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,17355790696655852394,5805115662152811553,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5668 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4744

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4488

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6c86c838cf1dc704d2be375f04e1e6c6

SHA1
ad2911a13a3addc86cc46d4329b2b1621cbe7e35

SHA256
dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

SHA512
a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27f3335bf37563e4537db3624ee378da

SHA1
57543abc3d97c2a2b251b446820894f4b0111aeb

SHA256
494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

SHA512
2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
899bfb5368dcf21c400a62b9caea025e

SHA1
26e7eff6976c7e3958527c9f3be6b1bc512760d0

SHA256
c4e8d1850b5acebb0962ef378104c1a1d4c9d0af4d0504e62d9d2d57a6529b83

SHA512
d4a4b32b317192afe55d4f5c26c1a02c84dabaffe76ae5e3d6d70a3d9dd63d820138a5207915f8d6f76f0e91ec46d7390cad291ba200a66de5ac426eca560628

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
478B

MD5
c29ffc425df7c2763631d827e630b0e8

SHA1
03b67c653366396d786d8ee90b60dc7364da4a8d

SHA256
9b3b3c36af56013fea42a5358369e00faa0a26b40122ce1cdd8fdad395b2e735

SHA512
759d6db35252e49be19a4a14ef7f1ecec20f8a330c4ff58ba961ba377b409e15889aea991ae1504134c31657b450545cc3fb5b12b4f6402d4f5d35bda9b39357

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0796bfaa16d9cd204457953d6afdde3e

SHA1
bf62e8c4b7f75302f5f5af820d99fa7d5508cfff

SHA256
9abc419377beefca81033c3a2f82a3777776d3bc189be8c0e31a4ee51e789fe3

SHA512
7e1ac44865eebe71ffcea9523ab7598358a8111280731b8d2ab41a381bbe03246735aa041e79847ee5f4c19943f65e942ebd6091626bb4f8f4133e2428c7a644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ac89532e694e3ac856503f8fee817e0e

SHA1
16a15cddee928b61bf0d6a341962d20170de66f5

SHA256
05097e91930e535abbd276752c3889cba5ecc2f0e7b5749aa4e39f725aa52b68

SHA512
75da90c7209a3bf7fae08a161bb7ae09bc7a46841d53bdc69cc34fb533092a23bd54ab2838a6a0ad28dc308b3b31907e3fb51039efd26067d34ea812e1cd74cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9415fffe640f5d4b767ceedb94a2b4d2

SHA1
8734da5d9deaffcfccf3cef201fcf2810a85d27b

SHA256
732ae0ad17f04f8a2e84b8edc2989781d9409742294e3d6e1efd3ddc8a725218

SHA512
9a5ae8e0108120c482e2d41db33c4dbabc57870dba1409f0fdc5208683e54cd771d48e1cbddfed83073d37efbc398c05798a8524c872d3ff1c6d0e06eb9ac717

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4a155916154c47a4646b068aeb2a5154

SHA1
bde0e28d3d442e9a7e8450c169a3ca76753c2a82

SHA256
0df9a97c07af508477388a548f29724ad505ea7a8dbffe5a9dcbf1ea6b7f8055

SHA512
15ae17746dcfcdccb7515c0d72273e34f99c5f793eedc0524604fb7a1e75be5e39ada21f4fed76c89fa098e3c6b798732db053560331d19e821025dc8906038b

Download Submit