d7d9d77a8dd6c17eb2c116ad62b3f0ab5964a51c3fcefeb2c9ea76446e55b122

Analysis

max time kernel
149s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
27-07-2024 10:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

77df3542f9a0417ff508201d2da7f677_JaffaCakes118.html
Size

42KB
MD5

77df3542f9a0417ff508201d2da7f677
SHA1

ce565cc6bf04cdfffb92a44ae810c5da22eb660a
SHA256

d7d9d77a8dd6c17eb2c116ad62b3f0ab5964a51c3fcefeb2c9ea76446e55b122
SHA512

6d2ea93933c8ede2e411404d2e32e4da528c641caea76f36aad025d522c823dd87f9bad147e1a13abc7a14c7fbc7aaaa7b0b6582d5b5e465ba25ada9df4232e7
SSDEEP

768:Zcd9QZBC7mOdMwrpC5I9nC4RDvjxEufEwBwowa7FrPd:gQZBCCOdH0IxCEDvjbEwBwowqFrPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2616	msedge.exe
2616	msedge.exe
4136	msedge.exe
4136	msedge.exe
4296	identity_helper.exe
4296	identity_helper.exe
1868	msedge.exe
1868	msedge.exe
1868	msedge.exe
1868	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe
4136	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4136 wrote to memory of 4932	4136	msedge.exe	84
PID 4136 wrote to memory of 4932	4136	msedge.exe	84
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 4272	4136	msedge.exe	85
PID 4136 wrote to memory of 2616	4136	msedge.exe	86
PID 4136 wrote to memory of 2616	4136	msedge.exe	86
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87
PID 4136 wrote to memory of 3944	4136	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\77df3542f9a0417ff508201d2da7f677_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff91dad46f8,0x7ff91dad4708,0x7ff91dad4718
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  PID:3832
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14551284221435252694,1297537326671121897,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1300 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1324

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bafce9e4c53a0cb85310891b6b21791b

SHA1
5d70027cc137a7cbb38f5801b15fd97b05e89ee2

SHA256
71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00

SHA512
c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a499254d6b5d91f97eb7a86e5f8ca573

SHA1
03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1

SHA256
fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499

SHA512
d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
aef4c67f102490b199cb4d5201733a9a

SHA1
ec7dad7af38f9c8ae207657dfa8f2948c852a204

SHA256
2cbd9f7150be1ee2e8fcb027420fcb13b7c1bfb62b3bd40e8ec213205eff08d4

SHA512
7d3e51d2f1337e503f90127387cec43da2967ef54d3e3899375dd6accaee8c93c1a3ae02985c1c193b6de0d9d3c460f88cb1c8ae170f8ec855a652d2ac094850

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c8082660cf29c5caa4724344d7d07ee0

SHA1
33ac6ecfcbdc17bc3f11321adbeff4eac5b4bbc4

SHA256
80d7392cd9bc9b8de5c4b3ace638e770df5a6a50e7fbc66979c46576ff475c45

SHA512
5a574099dc525e7463eafa95124bd427ac850ce1b47757c1fc0543b5aefd5e5a055503d75549240ec5b4720c9cbba8cbc857814ea07b6efe789e423a38843a3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ba827e05f9efa57b5a1f9838a68d9632

SHA1
fa8eb1eb23a80adb6f67f0591e23fa70be693124

SHA256
aac140b97870ae247cc6b46438373a7c3b8089bac808c3271758f33b5d43d964

SHA512
7ddbfe2dd2846b4a9eb4f05eef35efd3dabc961962fdcb8b9ceddfd08a7ce957cae4106adcf1367ed7891c1d6b1a1ec1b1db82e19e182ac23b59cc426aa659ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e402eb34-6842-41cc-9a0d-a552a889c0a3.tmp

Filesize
5KB

MD5
d4e8ddc060d021ddddaa5b881cb23ecc

SHA1
ffcc277142f49fd267c85dd9a64207650161d967

SHA256
fabc617bff081f58670950ff934064726bcd1dc95f1effbdccc0b0e405581beb

SHA512
dce184ebdd0826ae74d062a61437377be0d0b4810e33206b06db7d901e77c311f4db9802adfde356ac1a32da3b8ff53f8b0198ebd642aa39d3712741c8bc9b87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
fc4e59ce55924501b41f900f2cb8013d

SHA1
0084b00dd4ac0225cfa90db4879a515d827529c7

SHA256
2bc06c4f3badd9d8916fd23fe62786da03d6078aa3fc0e3f78b0b187fa42fcb3

SHA512
efa820bdd2b4bf9c15f6dd0720acfeec01ec5653a33828be1dc7ce34ca197e72eeb38c2e271b8f924c8847d0755f15cfdf7be8eac0a00c4a10d192954f0b6585

Download Submit