ec67f789cab2ba5165fe2da403c7ec35f7dc8d070787d25033d78f69d32b7982

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
02/08/2024, 01:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8270dd66440e10368764dc817cd72e8d_JaffaCakes118.html
Size

72KB
MD5

8270dd66440e10368764dc817cd72e8d
SHA1

524f99d6a8d3cad9d97caa119b9afee8168eb4d1
SHA256

ec67f789cab2ba5165fe2da403c7ec35f7dc8d070787d25033d78f69d32b7982
SHA512

e5e725f8c04054140638d373f4d70d5525df32cb14726ac88e7aea746403e6fa570b9e37193f8a4e3fac336a7d80e003861e31824ecd55dbf91481ce7fc31396
SSDEEP

1536:vnPg+J0m1akFGwHJnrKu/kYBPlLe+kb7FvdJ5:Xg+J0m1akFGOFrKXOPhkb7hd/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2016	msedge.exe
2016	msedge.exe
4176	msedge.exe
4176	msedge.exe
920	identity_helper.exe
920	identity_helper.exe
4972	msedge.exe
4972	msedge.exe
4972	msedge.exe
4972	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe
4176	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4176 wrote to memory of 1564	4176	msedge.exe	83
PID 4176 wrote to memory of 1564	4176	msedge.exe	83
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 1708	4176	msedge.exe	84
PID 4176 wrote to memory of 2016	4176	msedge.exe	85
PID 4176 wrote to memory of 2016	4176	msedge.exe	85
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86
PID 4176 wrote to memory of 4872	4176	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8270dd66440e10368764dc817cd72e8d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0bae46f8,0x7ffb0bae4708,0x7ffb0bae4718
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2800 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
  2⤵
  PID:992
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,9840336844107760597,1311927761329270326,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2332 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4972

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3464

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4308

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8d8ccfa6a8b1b15db876b848b8fdc102

SHA1
dc7d92c35e9c84d8d78ac0aedc926214cee68135

SHA256
b48f98046030e23b843422251481c3f19cfa0cf71fb36a8ff89dfcb152761f86

SHA512
6ae61b6cf236082b9930686ad2650c3ce3fa337550363e0858062dbb399093b0ac6bbca3d4c40101e222ce764fa4fb704bfc591e6d5b0a6c165f170cd6c9d5b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
81e22c2898ac78c14a840076a8446b9d

SHA1
ff5b7cca3ff2c4e77e6330e2c5e2b62bb56e9fe6

SHA256
a5e570fc8d3a52027db48adf1301fe8dffc500a4bef04d0d6bff15fff78ade8d

SHA512
19381615be8f53ccae56a21c29c314c3247ac78fd3cf838f52ca98757b54f945f0d178cfb44ea5ad42fc68b3d3e6e7ce4e4f40eb69f791fa5132f591c62388e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
52b8a2281dca2fe4ba40d913d32cba26

SHA1
829221286912396ed61cfc823131e29d997ee5ba

SHA256
f1db5ff3bc81683e2bab9ef058465bbb290782ec78b0169cb153151d344b0339

SHA512
eba2f946483068fcd4b0dce53d507ea418e048052effa912fc11a7e53ec207f0c0178738b7397dc715ed3f858cf46c9cf0abfcfafdf1610d9ae429fcea3e8f3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
88b2239f553c0ffe74fcaf4ef16f8e76

SHA1
3696a1f27cfdfb3ff0b32cdc5cc8d845f5155c19

SHA256
c9d711f7f7a7cac41a7400b845ce6b74ba10125b3fdf0bce518cbe11a6739352

SHA512
84dca2b535f1b77279d023bff594f200c62217e8473e7524fa90949947290d33ba95b4061ee55acaf6c77d4f7912f12d6ae0f2c7f8e896dad464f80b34c40739

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8f10692c68f737758c139c4e6967dbd9

SHA1
96b8378fd711649d3dd5e26a8947373a64ee0102

SHA256
760fd12bb04e6157e30acc784869374d233c434e5617164c411dcb88a1c5a6c5

SHA512
cb905ce182638b33084e895afb47182c1c6a8292e597b181efde59d894e3c615913631018c0621a7ea8e8253817774f6e55f0035cd485d8c3438cea4a6ce414d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
96b8a91cb2739c427261091461b760fb

SHA1
e87293cd0ef948b5f5241f767b73ba23283eb178

SHA256
18afa373ac4aeb9d4f01a14682582d590d918dab774226d5cdf868b56f4e8c2b

SHA512
3222819ba3986271c2cb915e42b274c3101af3b7628e159a241f39473fb692f0446e46d862d37d6f52b137e20328949235c3abcc937ecc20bd9e1cab9fc9fdf1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
25ad4cf55fed815d7685b44963950ad6

SHA1
61a370fb3a6fb6aaad0c4ff7ca1bc73bd027977d

SHA256
fbce30937dd3de2a344464dd245f936aedea70a8391d82318903d8ef5e7d6cca

SHA512
abbcb675701be18b9e8472d2d611648785ea5e3c2018755266f887765f28807ba5d036e6fdf054b7bc175651540792ab924b407d11333141a1a691416e0c3264

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9fc9aed2c83e925ddf435d46270e1c19

SHA1
2f17a9ec790a7e70579d4b0e5740dac4174d003c

SHA256
168f2132121b48126754509b7fc53a5d3af43c84b94704ce7f237dd328f6725f

SHA512
6c038e2da59fdbf9794a1dd0603badecff633e83eea2ebdb61648298dc18866d1056d8af5149891e71cabe42f235c36f4e195305f38ca7b3f88d733a9d4d2abc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
fd4853061f59a9ba74a4442150d8d7e9

SHA1
2a51b78230948135674e4c981953c2e622cd432b

SHA256
6a8c578212de3011208e718b92c0eeab2bf013924e5d6eeeac5b68fc774423c7

SHA512
4dd3ef58920adb581233c80e761333c4015455a9511ab1a85ccfec6654dbe0a2e8e0aaa1cd8967f5086b5832586b9a1b78cc130a855493eb549663eca11a8690

Download Submit