a8b398b240d7df104cd08c7393b9fbb583e47923d9343dd0044dacc791b86ea9

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
17/08/2024, 18:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a3ac963f2eade6d8c7a14282e5352b43_JaffaCakes118.html
Size

131KB
MD5

a3ac963f2eade6d8c7a14282e5352b43
SHA1

004f84da16f7cd2e3c50b55e4f31230c07a99118
SHA256

a8b398b240d7df104cd08c7393b9fbb583e47923d9343dd0044dacc791b86ea9
SHA512

29ed06da036b95a1b06eb0e0f743b2291080deaf013ac624133b774841bdc83af49da9f3fe230e3fdfdb3d20fbc52bed1ab67c19d3d10494678a4be64e58bf88
SSDEEP

3072:GwIA0zeaUDkzzQ5sVHxGyr0gvdyHFK7BvO4ebQ7ZZb7hr69aBnXTaF18KlBoRL/n:Gz6Qj

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4564	msedge.exe
4564	msedge.exe
852	identity_helper.exe
852	identity_helper.exe
5092	msedge.exe
5092	msedge.exe
5092	msedge.exe
5092	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe
4564	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4564 wrote to memory of 2520	4564	msedge.exe	84
PID 4564 wrote to memory of 2520	4564	msedge.exe	84
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 3132	4564	msedge.exe	85
PID 4564 wrote to memory of 4044	4564	msedge.exe	86
PID 4564 wrote to memory of 4044	4564	msedge.exe	86
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87
PID 4564 wrote to memory of 1192	4564	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a3ac963f2eade6d8c7a14282e5352b43_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ffbb4c946f8,0x7ffbb4c94708,0x7ffbb4c94718
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:2620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:2732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,9588551465753134042,8541900999153207517,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1196

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
ccfa5c0e85062e3c06989591b6ea850b

SHA1
e39e8868d79b26ca38168012dfd9ed96239b1be0

SHA256
ac7247a821c1a0c7498b007e25b6f96b194e4fed7e12610d0f21175984d20f64

SHA512
403c8763d874b368b2692c9e0b7f0b73e329622d595c383cc5dde283440f866ccce3c0fc93cbeb92deeb8adb2455be05d47c910ec8e76e17f3cc6ced2f76f093

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8bf32ff707c2dcdd77831a34c46f9cd3

SHA1
b796f0c306a71602d89d92d2aeb6bdb85b982ec5

SHA256
132fbc9b047fb545ff79d938d763b1a2a15f09b20e87cd48db0092bd4302b04f

SHA512
08eff6b16d04adce2c49c590bb3e0dd65234795b0733426bcfc3c7283efb782b292c6d6e95ef6b0ec79a22315b806a0fa732a7361dcec0fc278742d89088115b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5b10b619085176f0e49fc5a0d9c309e9

SHA1
dd9a2dc05c27f64c7d3497d3195fe97a453451aa

SHA256
b6f7f097f541ea4d22f3394ee2578c32f53a32aa2258c1f8b53fa12ae3090981

SHA512
8d07684afda1dabb9aa45230309779f26fbe33d83c34ef267ee93c67eeeaa26049da46d22a757e47b4d8abe2fe5b2f01ba57b57e0ab81465668da47342ab3fb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2555c3e274db297cf175cc9fa436e6c2

SHA1
16afcc588ee3f037579d63227fb1aceaedaf5560

SHA256
db885423ec15a7434f50ae9da7a956f211945765a6c98ec55c1276de0f5f79b1

SHA512
57b7c4c6e9c0ecbc5c68969f0deceb67c571023acaeffa6205f448de7e68e30089003541c1ad15724891ef3ea7f64ba069ad1b54c709e1e0bd804a41335258f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2b7beb7bf0a721109211267166ec112b

SHA1
47302fa19a8340f2bf79642888c836de00b52d66

SHA256
c97f84213d67e8d3b352ebb328b21b8380f7eb9bf5e038d9522047583f31b153

SHA512
68221d3aff5fc5e477fcc90f7119e01ca3e31f72608c538fd787ce3184a3988e83af667f9bd65ee89e31170e807db68e37790e0a7b125a4ed61cbea15976acfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5df2fa10f444263fbc32c84ddb182501

SHA1
c13d354bd2714f5ab81d579a6adbae8b24ff1a6e

SHA256
c49c5f94c532418b0aa26e1d3d6ae65aed34ac94405d868c02aafae8f04ad334

SHA512
227242f7549f5edc210da94f288d655c3c09443a1127c46af012133276d038c13633e12aacbe2e3e3de7681374e7d25353bace55a99250ab7574c50ceae06355

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7374620cde931302ce951d72072ed7c6

SHA1
48ecb76d70145ca07d1b6463e28b229cfc5a9d72

SHA256
745cc04871077fa84171bc9ac59c4da481e3297e6ab535777e5b0defe7bcf8e9

SHA512
1a7605fb90ebbf80c0983f9acec75c25e1c13c6464365f3331c8d805cef32c56a35ad123b0cade31eb22c9ec710960c5904e9255c45fb8686bb61ed38d7f194f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c055796f660ab424740cc54770be332c

SHA1
6016e0bf703435bc7ed9af7e20a2770d7238ca8d

SHA256
b748bb4734279f59f34da93e90ecb9a1cb36799eb295fa7078fed31bfa2a5d6f

SHA512
07376688ae4a85e85ef4542bf00461b6ab206cb69203032f8bad50df6c557c545071fa8c42400432616c40871b0aaa80c9d76b11a5879f3cdedcfd923a1189c5

Download Submit