688e075f96404800e79afe58545591771386b5d56e0553331e11c4e227363425

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 03:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a96122322084464ab05801f0fd8ad1f2_JaffaCakes118.html
Size

26KB
MD5

a96122322084464ab05801f0fd8ad1f2
SHA1

e77ada4df1e4cdabecaee9d98f8e521560ff2854
SHA256

688e075f96404800e79afe58545591771386b5d56e0553331e11c4e227363425
SHA512

8b0bd9b6a25acb880f037b9caed0f57c93ebeca76812e647d687457f0f24e1e372ae2c2409a1bf7fc7ed05e075c9f00076e4197627ef6f94a5b389ca274a85ef
SSDEEP

384:4+QfPFd9QZBC7mOdMsCBKfpC5IgSnbmFe7AcOr6NykJvAgo0ijAUPd:Zcd9QZBC7mOdMsvpC5I9nC4bIP0ijXPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2408	msedge.exe
2408	msedge.exe
704	msedge.exe
704	msedge.exe
3984	identity_helper.exe
3984	identity_helper.exe
392	msedge.exe
392	msedge.exe
392	msedge.exe
392	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe
704	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 704 wrote to memory of 860	704	msedge.exe	84
PID 704 wrote to memory of 860	704	msedge.exe	84
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 4404	704	msedge.exe	85
PID 704 wrote to memory of 2408	704	msedge.exe	86
PID 704 wrote to memory of 2408	704	msedge.exe	86
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87
PID 704 wrote to memory of 3444	704	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a96122322084464ab05801f0fd8ad1f2_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa527746f8,0x7ffa52774708,0x7ffa52774718
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:3444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:1900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,4372040884250582891,10261975927739158925,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1988 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
96142ba45f7203a8c4d877b2d70588b6

SHA1
e1d1ac761b3c41ba0a3409d7bec68ca22ae1fac7

SHA256
dac3fb834fb077720a5a79f49add75e37c15bd07ac063b5516061ffc611c334b

SHA512
fe09d408370c5ddfa3264f870118fd2edb2e4184871a8029bb62a438be6da78a8e1f72d176149ce6a4963e9981136dc878aedb1e0c660833482a9850680a4beb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b367ffa3cd6896506992c5bb8b91addf

SHA1
93c9bded12fd3a814e4a87d1ab6b102818a9996e

SHA256
a2e0b202caf41d3a5fbde3824043e423cc9ce0ec9653a9d1a2d23b04c1467b96

SHA512
44e2745fad967ce9b7a2be00b75d6617d441ebe2763d81a8c038d57906b1c94d6d57c930141331c39e032a284b59014646dd9054be213fd973e75a2269466a8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
3787b1e6bfb0640b27e0ef763a5100f1

SHA1
312af1df815cb3f895c800be7ad5d3b0359fb524

SHA256
c707922ec080827c0c7234929c11655d0ca5dafc46e8ae598b24fc30dd66b36f

SHA512
46fe5b9f162ba6193bf22ccf3abfb0aaaa93c82115c3c754417d86e1f002a5f0f6ad8ae170dfc6689084c8bb4a20662374d3946a8afc75df0fb31ef188f463f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c400390cdbf60c98654d112127cdd0f2

SHA1
99cd801e6baefc389295c0d34168007bf7170778

SHA256
b00c251d1380949b8da9ea46dcdd0a296358ea6fe6d665a64a189938a75b8a0b

SHA512
df53787c4ae9552537e84848366906afb13e12f462135654c55978be6cee7f357f76e29387db4a7ee82ceb214d159eb6e8a599c82fbbf31ed377f810eb7ea4ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
85eab6aa96dd3d2e5f5cb36d07d1801e

SHA1
5a20f1e33a6fef42938929c45145f094de6ca0c8

SHA256
2bb8820254a0466b9efb712153362b4010e8b6486af5b8c7c0f4059eb8f0008f

SHA512
7a5f550abfbaea746c317d9b41c5df1a5ba3e4a2a2dc6ebf9340102fc040eab53328c82d71f200b664742df669d7bbe7ff27edab8d7a51a1b4f7828a658fc769

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
852d886f30a60b001ee9e16d15da655c

SHA1
713ae02473e2af931fb4455db3be07a00c734e97

SHA256
0c05a4e24bafde15c1c9cfa778ac25eb5552c22b1a589b7b473eebc752a6ca68

SHA512
09625a70076a264b7138dc14f2fe81b0e8ad6cc0ecb3cc4f5d5bd73eb58fab1e2528c5e3a3a40837740895a5a694b94b2fa174a8595960ef122823a4132d4f73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c8f20865-a05f-464d-990d-ec90ce052ba1.tmp

Filesize
5KB

MD5
79c856c16cd80f6d6b3879fea682c58c

SHA1
a226c99064929532c6bd82660c255ab692057dc7

SHA256
0aa5d8110dcc9325bd41aee4b67a407bb8ed7d5bc140052dcf9806720f501e59

SHA512
328df19ce5ae3493f3443e344d10fa2654e1805200dbbd2b8cc7d1354c209dbb336f6a6770b39a3c17fcb149cea7270bfa6c2be98da721cb292db1c4f9338071

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
50fc3f2f4beedeae47ee57e79d930de4

SHA1
cbbf186385351178f3647b5f7455602785176c8a

SHA256
6dfe71815a026b7ffe86d1799e15e6793ed4cc25c1804e80bbcdd525533e103c

SHA512
f222f11e196abcd71f16b7b3408b26efa35e120fe3245ec89c728ff4ab9fa7e3f12dcbd24797de19b0a023d9b81616e21d0847585cc788ba7e48aab1c2c3eda7

Download Submit