92b6463e1010aee1783de6f22554756378aa7abdce7157c2fef13dee59a75973

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
01-08-2024 20:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

81c1ce3cfec7320f449b2437f25cf50c_JaffaCakes118.html
Size

56KB
MD5

81c1ce3cfec7320f449b2437f25cf50c
SHA1

c016e0b92d09d622da618309d06cfb9c0b1f710d
SHA256

92b6463e1010aee1783de6f22554756378aa7abdce7157c2fef13dee59a75973
SHA512

7740f8462a6fc2ffea70666f711bb6f711a1a102809375b0db22e6b16c1d379202e8db68b4a67a203ba7276bdf9e1693876621d110395b2703e7990ad446825d
SSDEEP

768:Zcd9QZBC7mOdMxnpC5I9nC4X0obKVi/HUURPd:gQZBCCOdI0IxC81x/pRPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3496	msedge.exe
3496	msedge.exe
2404	msedge.exe
2404	msedge.exe
3908	identity_helper.exe
3908	identity_helper.exe
2412	msedge.exe
2412	msedge.exe
2412	msedge.exe
2412	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe
2404	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2404 wrote to memory of 4640	2404	msedge.exe	83
PID 2404 wrote to memory of 4640	2404	msedge.exe	83
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 2808	2404	msedge.exe	85
PID 2404 wrote to memory of 3496	2404	msedge.exe	86
PID 2404 wrote to memory of 3496	2404	msedge.exe	86
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87
PID 2404 wrote to memory of 4988	2404	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\81c1ce3cfec7320f449b2437f25cf50c_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff91cb46f8,0x7fff91cb4708,0x7fff91cb4718
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,489214907542779795,467664036641633986,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6012 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
336e632142966bb5b1555731fdae58b9

SHA1
df21896206cb41e55caef4082b8d402435de5389

SHA256
bf03fb88aee2f97c7757c4d05b84f3873ba82c16de2a537679f521bb42d2a3d8

SHA512
f7cc58005811b16b1842307d473d379a0444269936ab2c0bbd58d827ad5383e0400e2a7e863f59215412a2f84924b1f8758b155b1b7eb83d045d1b6883c92173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dd3fc896ff3b0d6ebf2ed72827fd3aa3

SHA1
8c8a9bcb355d3fddca81c5a0b7c85a094fbe9b5f

SHA256
7d083e4431e3faf959c6c5f74d0319e5c7b199407b6a36c7adc980376e6da72e

SHA512
5950639d09cd39676d2277efd11e4e21fcb6431cd67f7f2ba900def9d25fc4d56015ae2a0e32fa9f599e71f1ffd0f1b3981c57a30d73095915f975e783633619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
c85792e8030be64448e2425fc3c2c17d

SHA1
c99effbaa305fc77166149b2346b18f4a9712156

SHA256
c814d8d23204f6bde7734c1b01a97912e752037b6b8a8672f57f541e54a7b916

SHA512
bc09274cd8dca7c475f3347491c5a608d01c2f262c0fd5e3d931a863b7f7da8c05f97119cc2fc30d06afb3910dc44e9446209a2591529a13387fde1f2ff1c349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c99b2b95fef8a5cc6c431600e7a82ea6

SHA1
800038d4f951e33dcca8f9ad8fc81ac83f42542e

SHA256
44a2fae84067e7963bee95779d5ebada82a3fc90cf0d282b744418191dbf7cad

SHA512
4072ad76e28d9cdf65cf974b012fcf4cba674e1fc792b9967d396d2fc285432b700a967686ae38d23d68dd016705e9a36c8f3e444acde19df679c234c3e39dc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9ee454b77fe98e05aedfdd5638434e52

SHA1
9972dfbd224687df89adf938027125ca0d36abd1

SHA256
e8bb0c679fc0cd34386178a07a7d1a2ea2c06ddec8327e93e889d4164f1862c4

SHA512
a68a3d69748b745f83efc8c9c4110a4182989ac654e22f91b2cc06f7b3357934f23d4c9eb7e89d8652f1d2e9fb267b36214eb45a1fdc3206cbd234d67ca53939

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2587d4145bf9b4d022f385cde31ea5c2

SHA1
406dfec9ef3af6b2fc3d8f2ef674b2e460e9f20f

SHA256
206413ae56442043daa41e9aa906856783a3e2f9628bbea69c07d225053ba67e

SHA512
af413f700d483da8fa615d5968d7d84b98392c3f7720f2ea790a3e661b9d094e92878ef6453f7bda202195e4d03182e206adb4d9232a1ac46da49bbbb9ab0ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
141ecb40f2c72379019c383506958097

SHA1
5649c85c2d77dda25419fa755bac8e758ba346ba

SHA256
bfefb183a33332c70e388534302814d59196f46b9bee3fa421b1b65e043f534e

SHA512
44660d6b300250127173cf627d4a41e5ba47e6a065c8790d53629bcb0111bb989a89bd763a1179d39017be1a97f3bdf9a6d850744b993c0bef74ed8f1c2483f8

Download Submit