ab7dc5e4d1b78408fcc8e0c38c242644b1341cf093344b70a4052d06a50faabf

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 21:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87ab7b7f680b4821e4bb02b09d157ca5_JaffaCakes118.html
Size

15KB
MD5

87ab7b7f680b4821e4bb02b09d157ca5
SHA1

c974565bcc1d1106ed5eab86f2f56de39bd293f5
SHA256

ab7dc5e4d1b78408fcc8e0c38c242644b1341cf093344b70a4052d06a50faabf
SHA512

4ba30b953132f0816cfebec6af4a6f7cfc6ed0db636b1b2c6a94acbffd24b8bea1b07cdb319639cb6e384cb165664fabe70155700d8cb47b5a5a43ca3b50dce7
SSDEEP

192:asKh/5jcLXFHEPxA5Z4IpFN4fWFI6fXjleU02LL4Q3oQ2TM3BS3KlmP3KTAL3E2:azchh5FuvKD0jQ3/2TjOJ2

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1420	msedge.exe
1420	msedge.exe
3884	msedge.exe
3884	msedge.exe
4680	identity_helper.exe
4680	identity_helper.exe
4240	msedge.exe
4240	msedge.exe
4240	msedge.exe
4240	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe
3884	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3884 wrote to memory of 1788	3884	msedge.exe	85
PID 3884 wrote to memory of 1788	3884	msedge.exe	85
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 752	3884	msedge.exe	86
PID 3884 wrote to memory of 1420	3884	msedge.exe	87
PID 3884 wrote to memory of 1420	3884	msedge.exe	87
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88
PID 3884 wrote to memory of 3796	3884	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\87ab7b7f680b4821e4bb02b09d157ca5_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9cc5346f8,0x7ff9cc534708,0x7ff9cc534718
  2⤵
  PID:1788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
  2⤵
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2084 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1
  2⤵
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4248 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,5772977269962975178,4380664046158637192,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4240

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2440

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4532

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff63763eedb406987ced076e36ec9acf

SHA1
16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

SHA256
8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

SHA512
ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2783c40400a8912a79cfd383da731086

SHA1
001a131fe399c30973089e18358818090ca81789

SHA256
331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

SHA512
b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
3c90cc58e6d7ecdc8705599f57570ab2

SHA1
f70c5f5646a967ddc3759fe50f6b29aa36a87307

SHA256
cfa2abff2301f8afe1166d33136179deae1db3448070e2373f50cfbf351d0056

SHA512
13f9c3cb2163327199b6a6df76804a2b064f600eba56c492e3a95504df1055b500c25412a3af59716ab437501f4b3a2b3b6e86c057a231d44d37bdf3bbf75cab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
091e9b71d870ae81b2ed0160b3815a5f

SHA1
52b5ed445ee2538d4fc655c76fa57df2d08367f3

SHA256
11623ed47de2c54ecc50f3ddb6c58459e347510e76b2a35745421603e3717d10

SHA512
e039e2428dcc1ddb68e078b5771763d3742ae95bbb7e95d737e26441b0fbf0976e0620b45cc44082d5a3bc1ad96c1e6bbcc7509c3c4be32bbb77407f5f261522

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fcc5cb18123cdf0dae322cafba56547d

SHA1
a2e5aff33b61139c67c55d80eabfaad99446507c

SHA256
a59e094d2dc9adee8fbb4d0ffc5bc306d7a704a50046d21fc3e24cef9148f068

SHA512
99f47dfce826d957b95c3a052a358d9a055f3b63b53c397fbc9838a1f79e6d603bc3807753d48c256ffaf17438e254c3dd1b0a1146a0cfae9a0e558b2069e0bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fe69f40bc458999e929a0c629bb86678

SHA1
ea4efab85f8dbbd4bd4d788b99d55b6b7c5d3cea

SHA256
7765fb21389684aaeaeb3c4be59293186038e42c09fed2bb799f78cbf157ddc0

SHA512
35a5061d576c22267908d5572f117328dbf0c9d6bc7c75ff01beaaae1c54422ca0cbce4d9d5363315ef714bd4c55ed6db17a798ee395170ff316555cfdb75731

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e745debbae4593835f2dffa80cec00e1

SHA1
09d3de196575d5c1a3e68cd98fc3c3852b716912

SHA256
d33887aaebba9234352e7674b8fe5326ac124eb91068cd6e93df381d2cf529f6

SHA512
2d11799f5172547b8de4c9df66fc6eadcad6c22d9af54b9e429bae2427b0de5ab2ce473199981cb01149a12fb506654a11a445aacc27be5041fa20f0fe377833

Download Submit