d8227b6c29ee28253db7aafd0190a1f8c644e2d9f8838da8f046629d812ca49e

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
27/07/2024, 17:37

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

78fc8e77dd6e0e69003fa4af38ec54cd_JaffaCakes118.html
Size

15KB
MD5

78fc8e77dd6e0e69003fa4af38ec54cd
SHA1

ac510b5e0e46b7c119e8aa3de994753e671a91f8
SHA256

d8227b6c29ee28253db7aafd0190a1f8c644e2d9f8838da8f046629d812ca49e
SHA512

015277ba77ed66d1f6b2e06dd303f48ba6009ef7fc20272a8ee03915d8fa7f2b374305a40bc97386fe7b0330d2759a6d10f04fcf5ea66cf021bf6d202175f298
SSDEEP

192:+4en+h05jckanMfkdj2uwzBnGxOQwfRW/xlN4jWxp1jV0EooAKy285vSOeZOfo4S:Y+kc3GfOl4yr1jOoAKy52YJR5Nnwe2V

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3224	msedge.exe
3224	msedge.exe
3104	msedge.exe
3104	msedge.exe
1108	identity_helper.exe
1108	identity_helper.exe
5664	msedge.exe
5664	msedge.exe
5664	msedge.exe
5664	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe
3104	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3104 wrote to memory of 3680	3104	msedge.exe	84
PID 3104 wrote to memory of 3680	3104	msedge.exe	84
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 2452	3104	msedge.exe	85
PID 3104 wrote to memory of 3224	3104	msedge.exe	86
PID 3104 wrote to memory of 3224	3104	msedge.exe	86
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87
PID 3104 wrote to memory of 2004	3104	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\78fc8e77dd6e0e69003fa4af38ec54cd_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbcf3246f8,0x7ffbcf324708,0x7ffbcf324718
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:2452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2616 /prefetch:8
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11917568911177666611,6492007083841915657,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5104 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2f842025e22e522658c640cfc7edc529

SHA1
4c2b24b02709acdd159f1b9bbeb396e52af27033

SHA256
1191573f2a7c12f0b9b8460e06dc36ca5386305eb8c883ebbbc8eb15f4d8e23e

SHA512
6e4393fd43984722229020ef662fc5981f253de31f13f30fadd6660bbc9ededcbfd163f132f6adaf42d435873322a5d0d3eea60060cf0e7f2e256262632c5d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54aadd2d8ec66e446f1edb466b99ba8d

SHA1
a94f02b035dc918d8d9a46e6886413f15be5bff0

SHA256
1971045943002ef01930add9ba1a96a92ddc10d6c581ce29e33c38c2120b130e

SHA512
7e077f903463da60b5587aed4f5352060df400ebda713b602b88c15cb2f91076531ea07546a9352df772656065e0bf27bd285905a60f036a5c5951076d35e994

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
5ac828ee8e3812a5b225161caf6c61da

SHA1
86e65f22356c55c21147ce97903f5dbdf363649f

SHA256
b70465f707e42b41529b4e6d592f136d9eb307c39d040d147ad3c42842b723e7

SHA512
87472912277ae0201c2a41edc228720809b8a94599c54b06a9c509ff3b4a616fcdd10484b679fa0d436e472a8fc062f4b9cf7f4fa274dde6d10f77d378c06aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
47d601aa38c9bda818a83e8ed09a96ca

SHA1
f8d9360765f6fa49131e7fea495219c86013e974

SHA256
b625f778f510f5d411b4e6e6e2b9bab62b47c8af22203cef19f297f03fe27e00

SHA512
63d206bd7cad19a243787949c14d55ae2b2ca91d01a782a7f9a558f13aa80bf92b424d50a3dfb596a2e64e69f6c72ca607b78934f50aa5a0c10b208f9d4f23ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8dc77ef72f5109e9845a1941cb37af94

SHA1
817073aad12a3aed67bba72c17a56f74e3ad0e8f

SHA256
bc7e1727bf99c3b8f11cc7353fdaf50bc2057b0830e0fdd9dc12ffdc7e783c8a

SHA512
41503927685d502c56e38b6d65fba4e09843611fec50662b519c1bde81466eb64ff56b137a37ec596a489471fb9b26b38e99020b493a3f433c1eb7b50be13053

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b9981a7d8a95b1c77270f6b721ec5efb

SHA1
6e8349225d168e5efa0696596cfa82d207641046

SHA256
dba7ee2b6159a7ca896fe11536459f6ed640ffe2202f526955601429417a3fa9

SHA512
ba81efa2c94e55471221bb05d3ecf798cabb1a442aa88723deecd93e664217424436e50f2d398c7d84c9b6457677be28a9377005f0ae01cbcc2c1b926393d081

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2d2c799b9b0710f3de9358c216c48d58

SHA1
10c3e431ed1a1243442ff0cf21700500e58d1e5d

SHA256
b2b294719b675f99b2353ec4fd3922fa08373c6ac243b8095b21e8892526cdfe

SHA512
da3b626884a04c214d7c6a7acd98db4128a1295b22599363b532f449737313cead1e02b7246662e8fbdb374d9369c1d180a790ca70e2b29d568721881226b0cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7dc9e46f15bdbb243e033f19b913fc03

SHA1
a36b757cd9210b003638a8c5150c086a3d5d3498

SHA256
9aa1b29a394a989424c36e6e065f97d0e6b74066fccd05f2fd3f465044436206

SHA512
0924d1780f2933730408dba961da5a66c56fcd0247b3a2036b5a04634ac06a9b8b44b897d7fac76326d9a07188526adff2abcfd02fab2bbac2a84131f5798bfd

Download Submit