f19f8de45b5f75482742a5b55a6f64d0466c58ca3cead30f97a974a0ab17195c

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 04:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

84dddae686d04113aad0227a6695428d_JaffaCakes118.html
Size

236KB
MD5

84dddae686d04113aad0227a6695428d
SHA1

3502238cd6ddf55bbdef74d33ed2b38d30b0f942
SHA256

f19f8de45b5f75482742a5b55a6f64d0466c58ca3cead30f97a974a0ab17195c
SHA512

26bc2967a1527c3b183949403ffda0da5c7cee69e2c2a60c744b48abb660fd583c508d596bdc17766cc7a7a577fed70073fc17f8ce55fba697c7d4d94a214a6a
SSDEEP

6144:lnyBGBFBQBeB2BBFqJjxBIa5IVz7ESXXDyJuC4t:VyBGBFBQBeB2Br+mzlySt

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-355097885-2402257403-2971294179-1000\{D2180D0E-1010-4838-A039-1F547C169875}	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
760	msedge.exe
760	msedge.exe
3272	msedge.exe
3272	msedge.exe
4424	msedge.exe
4424	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe
1500	msedge.exe

Suspicious behavior: LoadsDriver 4 IoCs

pid	Process
656	Process not Found
656	Process not Found
656	Process not Found
656	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe
3272	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3272 wrote to memory of 3740	3272	msedge.exe	86
PID 3272 wrote to memory of 3740	3272	msedge.exe	86
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 4224	3272	msedge.exe	87
PID 3272 wrote to memory of 760	3272	msedge.exe	88
PID 3272 wrote to memory of 760	3272	msedge.exe	88
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89
PID 3272 wrote to memory of 1912	3272	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\84dddae686d04113aad0227a6695428d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80c1846f8,0x7ff80c184708,0x7ff80c184718
  2⤵
  PID:3740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4284 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3268 /prefetch:8
  2⤵
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2752900028769957951,10609673526775045868,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1404 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1500

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
cf3b269345939d45d068fc0cc1854879

SHA1
565f0cfe84bbad4ae8da8d3c733efb4579bfd02d

SHA256
0c7cbbf3038665cdefbc570c2d8e754c71149a13eed855be59e8525cd9756901

SHA512
03d5cf2b5202b80a2a3a0a02c661002add752b93d4d3f6adc80a78b2b18b09552e64f8ea8f3e9fa8d5abed946f4278353caf16bc305cd2c6cd9ef9a52aa39164

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3f83d772928b8553477facc9f6d8a824

SHA1
cc17640653069455fa5a82f91f66345aa14a677b

SHA256
7f470cbb53622358d2260113a8b2bb1837fd2108d620714a160adf0adca381eb

SHA512
d400e885e6fb667b8b463b1af9950e4ff8f77092fbd4a0ec5d85a5e230bc85cbdaddde462a09f6f85dd44733532c3032056e28eccbd3288efd7a2c5ba24c5bdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8fde8457716e3b79f789ed058d4ab301

SHA1
b63c6cd5ccf5520dc7703dd4cc8cd1b100fbf14c

SHA256
328b92bb4cfcb9b4feb32380ad4fe2daf27fddbb2bc285fb95b8ef3def4bdd61

SHA512
ed9705a5d4032a43bf6097b69c3f80ba01f7d573225e27ce13787806390e3e41eeb2d8890c864830aa7a518f2a07901ca0686c702b047ebec1805c52fb71b598

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50145a2b2711a5d9f79da2cfd3cbc7dd

SHA1
1a08f9a3f48d5e53545b3ddf8e4c9886c8a927f3

SHA256
a31b688ea4cf76516ecdb079afa1cd9a8545229670b5f72c1400cf5177f185b2

SHA512
dc8c4305eda86c7119288d69e903c78e991ee9bb3cd16a746994b5234c6a163edc953a79947027932b53366724709a2d7eaeb219d8fab4d2dadc8c20b6c01b8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b435c40d30f91c7f484e39dababbbd02

SHA1
c78cfff7438227a15d916601aa1f4068f32758b0

SHA256
57f9cc622181c5cc9174117e87ef0fff164b7fbfb926ff884e0ff7aae620d0cc

SHA512
cc8f55a0882f09fc591a8803377440e4de1a79f55292ecfadddcffdd681eeb7c98cd0a7583ab91b009fcbccbe7a1d86726607cfc04503ce2223eeb2c0f1a15e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
79c9a544a4a0fce4c8cd10b2174632da

SHA1
a577712ad545dfaea327dc0bc5fc8a550ac4f3b4

SHA256
7ac891dbec16fc97c6921c362e7c6d8d47c77c9387a7ec1a5d678ed6552b4328

SHA512
0ecb24143e88b8c2a1d2f8d219da28d5fb118804431a1eb99823d8d2d3389d6bf7aaa5d2e242ffba55cf74cec1fefe736dff75c4d4b2ccd79ef062938a059784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58c05d.TMP

Filesize
372B

MD5
85cce87f96c43f6a940bf9e3db3a5e9e

SHA1
d86caccb268d52b28426e4db7ac61497179575ca

SHA256
fe194d4116237a9da1dd39c41574fd93f07b410113b3930bb5367ecf8faf7e2f

SHA512
6dbfbc40444407a6373579c5bba2c8008d2f2645ddd423c0b6f13b7ebb25f94f168f7625574e2d39dec473f595c32b950833217e151910aa5038d323fc1f8fe6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5c9d63f8caee1670c4d4144cc1ef2948

SHA1
eaf7ef7fc0ba060a5ad192e4780ffd8dc39f4b9c

SHA256
a1f08ea7174b332710667b866910084b0ee3f7c6a9c783b00531c978ada7b7ad

SHA512
8743d9841e74aec5f95d1a5fe425724a448a46a93e452448aa1cd0586f97582a9ea3fa582ce442b29dd8be14ee26a0be1971cda2ff7bc8bdb53a56a604358f1a

Download Submit