686c7d2eb2842a3f866c69747ab26cd0b5011223e4dc830731628edb4a1fb2ff

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10-08-2024 21:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87ad03f7672e84db2090b1e78fb2011e_JaffaCakes118.html
Size

1KB
MD5

87ad03f7672e84db2090b1e78fb2011e
SHA1

40bffe374c81dad2b3767bc26ee93af1f1f1f596
SHA256

686c7d2eb2842a3f866c69747ab26cd0b5011223e4dc830731628edb4a1fb2ff
SHA512

e4e602f29d764a820f12cb24c89bca36a627877642d49ed5cb44015196ee10f4893fa8abee5e9fbf1e1695493d9a3064857674e24bfdee2fe353c5b249ece4bf

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4904	msedge.exe
4904	msedge.exe
2548	msedge.exe
2548	msedge.exe
2412	identity_helper.exe
2412	identity_helper.exe
5444	msedge.exe
5444	msedge.exe
5444	msedge.exe
5444	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe
2548	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2548 wrote to memory of 3920	2548	msedge.exe	86
PID 2548 wrote to memory of 3920	2548	msedge.exe	86
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4324	2548	msedge.exe	87
PID 2548 wrote to memory of 4904	2548	msedge.exe	88
PID 2548 wrote to memory of 4904	2548	msedge.exe	88
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89
PID 2548 wrote to memory of 4004	2548	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\87ad03f7672e84db2090b1e78fb2011e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa06a46f8,0x7ffaa06a4708,0x7ffaa06a4718
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=64 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,16508272370505785923,13556953541204460508,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3136 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1992

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
9a768e0fca8f0105fb7d1a6165515844

SHA1
7eee12a01c499cc305d17152ac222f7c75e7ed0a

SHA256
03f7494970d408d03f5becea9e39014b0722221374f9bbf30912a0d8230b218a

SHA512
3d3ddf99a9272c99d75b3ae3052bb9c6f22bb5417ba2a7f6a1f4b177fcad14d9b5d202f23fb5aa9ae3e80ab18fbe0c66f4097f57a7706ded4b82a3802f9185af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8d6eda370e76a8902a3925fda539c73e

SHA1
1f66d0657aa347a71282d562b578243beb4bc479

SHA256
b96c04322cd517dff456a4459ca185200d765b4ad9b98f98469328e44410905d

SHA512
9201568b82b8c6f0d684cb4b6220d754a4e8c9a68fa86993e4320348a9cd993406abaa481233fa22d2a6bdf859785a74719d2a1a083c76ffa0e2b5e9be54b8b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
747118cb62519178b5738dcf97a331fe

SHA1
83c942fcd2b0fb94f4197d16185ed48f73b6bf6e

SHA256
e2a24ecc975ad0268ac6ff5a4967070bd9345f09a58d85562bb2d1b6d9653130

SHA512
3e6cbad7c27f805e3c284cf926ea0efcdc9c5c3b108be463d9be211583f36fefcf3e0a57167f09696cd73f439a25a855bce45c51c2b7ac0664022b7d2be60319

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4bf1f75943e2794d6daf8baab0bcbff4

SHA1
13879abffba4a81cc4c7a4d3f1595fd66e5874c2

SHA256
6c55f7542e8e5ea39c3a1e42d720b22cba44d0749fd8cfb42ec1d91f9b7dfeff

SHA512
7563a53bf72822533abd7f9b782b05a59edb519d59c4acc1a6e885db90871dff29521ae4fe62005a605b6c19cadb73bbc83c91a9d62d4571cb9267985b89ecda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e1be9208f3d29c1166c4e71b3bff4ffb

SHA1
9317844a94534231a0bfbc3a5d9b2db1e3a6b050

SHA256
4494d4c4c6214fe278d4c22a1c4fdf5a8d217e777955e0393573a45332828fa0

SHA512
4e0e9f396c7e08ddddf8044aac4604810dc941777b9baf79b3dc58b21b710600328ae3fc24f04c2155ae227e71336499b792cfa1f9868cb912f76df75f85f9ef

Download Submit