c85c9538502979d380fd9fab54a33db05224661b9dc51054a6443d4e52771417

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240729-en
resource tags

arch:x64arch:x86image:win10v2004-20240729-enlocale:en-usos:windows10-2004-x64system
submitted
27/07/2024, 10:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

77e2f55cc4e48eb68667c044947ece67_JaffaCakes118.html
Size

91KB
MD5

77e2f55cc4e48eb68667c044947ece67
SHA1

4c8f640ee9fd2d47a32404ee1fcd7cd4ba59e808
SHA256

c85c9538502979d380fd9fab54a33db05224661b9dc51054a6443d4e52771417
SHA512

9eb73d31c844587d0033f75424deb2d6aec86ba238b8adee1d7bf39b53972c548f601c1d261cac76a2614db2a51877d1622ce45ee124daef0d8f3524b26628ad
SSDEEP

1536:gQZBCCOdZ0IxCu+9A1H0S1KiIYx9ZD5WpVWX8EeF2j3/nkNMqXR1UnE3lvYFPAQV:gk2r0IxlPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4860	msedge.exe
4860	msedge.exe
3484	msedge.exe
3484	msedge.exe
668	identity_helper.exe
668	identity_helper.exe
64	msedge.exe
64	msedge.exe
64	msedge.exe
64	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe
3484	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3484 wrote to memory of 3076	3484	msedge.exe	82
PID 3484 wrote to memory of 3076	3484	msedge.exe	82
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4760	3484	msedge.exe	85
PID 3484 wrote to memory of 4860	3484	msedge.exe	86
PID 3484 wrote to memory of 4860	3484	msedge.exe	86
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87
PID 3484 wrote to memory of 4728	3484	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\77e2f55cc4e48eb68667c044947ece67_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa95ea46f8,0x7ffa95ea4708,0x7ffa95ea4718
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6244 /prefetch:8
  2⤵
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6244 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,3244135858128316714,18313664033031262053,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3052 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:64

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8004d5759305b326cebfa4d67dee5f25

SHA1
36b9a94959977f79dd0a14380ba0516d09f8fcaa

SHA256
21f35e2ac53a817389d7027e99018450993fc66e37f916e454bff9eed95562d7

SHA512
7afba827395c1a5438091bd2762a097f6ea098fcbf3db99f90f9bc442afee7a7841a6e0e83f9cbf017cda0e52d35da93f8efd60cec73638baea5eaf1c85b7089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
368c244e384ff4d49f8c2e7b8bea96d2

SHA1
69ce5a9daeaf1e26bba509f9569dc68b9a455c51

SHA256
6f8cb8fe96a0e80be05e02f0f504e40d20e7f5db23fd0edee0e56bcffa1059a3

SHA512
ac460f1b35bcdefa89104e26379fc5639499607be6559353665a73ee8dd41822699d767532d48cffc67c755b75042294c29e93062d4eab22ca6bcbe054108a5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
4b11260382201f29965c9e0a521528b7

SHA1
6a9e44676a7bde48a4a99a3b354a33350b4b5407

SHA256
ffefefe0301ab7a0b2440813ce31c0e27475a608db2c74373bf8e5871e8b2098

SHA512
885eca4d8d17392b2531d37aa16e2f32083893124ee4372f41ea7b2e2118e9e54fccfdb8a1b1610d47b6ec48cc7ee57cf5c8e08c79f0cbfd0eb90b734c0d7379

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
59203a702ed4cc0cc2169c16d4739dc9

SHA1
f5da5225dfe2c7e48b48fb7752fe7dc6a75b1b1b

SHA256
4e8cc73ac18ae83570a3288674bb0827dc77cf5737cfffe1ddeac0dfa369b976

SHA512
81f281e44d1a5dba1a04c9dc13f7cd9204ace71a81b64074dde1787f57b8d5dd8c72f8d2bb5bd34623948d8b8091cb4e436cd21de3a8a98f2079a77006789107

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
295f590b41c061055a72c8b33efdd924

SHA1
fe50f8831b34d34e1124425c92b3d4f497639dcb

SHA256
3741d3b588ef618e8f8c14f13b1f10b9f42aca0fad6eb27d2f805685dfc39cc7

SHA512
83cee23cc445103254d1eb3c9f23d05238eb5f9de760238c0ff42a617ee5a11d6f7a40200e05a5b70c0c19b257280d47ed98ae06ac62718a642db7f2e658f6d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
56367b6b7e5f5d3ef551e373112a5a99

SHA1
0e4ea6437cdf3dbd5ecd74ff02e01e523c6b7008

SHA256
e9a7bed4d455ed4079f5820f0dfc31d962ba090018a7d56120ed356a4b3032d0

SHA512
8efe825a92fe790f640586162d378cabba56d401002cb053e87b5128bc1d5eb4fc870b8b96f72069433f930aa799c05a36b324c3f14cc1795d501217d5351e0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9eb9ce913710bf8bd14dc550ae7c0720

SHA1
7735281e3935a42688828da7d460b07cc8de0a28

SHA256
b743ff1cf47a37c9f2bc89d1f16f4af9f2e7f8e819e306dddeefa950fb496026

SHA512
54afa57960cd58a14b14385f0fc17144965fd635d1f8e4c0eccf40b9b4986a222938452e7653d47c17fa43036ff741673dbb89c8e961743d0097d806536414b5

Download Submit