6625992f8cbcf9d938562bcbaaf7a19f116e11d531d24102ddd77c74a2b0819c

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21-08-2024 22:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b552c58cae0d4ec85da6cdb80c8832d3_JaffaCakes118.html
Size

91KB
MD5

b552c58cae0d4ec85da6cdb80c8832d3
SHA1

083f5b0590314b5c033dff1fc0a83d3d1c3e41bb
SHA256

6625992f8cbcf9d938562bcbaaf7a19f116e11d531d24102ddd77c74a2b0819c
SHA512

a0e6a3b17a6ca6882bcd84a97821b0a0a56ca0521d0c3fa09419781dd1d943d95c23325452e6eeb3d7e1623d8723a487b411e162e82e0e086a9097d89f23e746
SSDEEP

1536:Hlr1qh3fVyYpepYhsEJOiwJ+IMYslmsmlIXiQCGGv4bWVZ9/1liL9CAYIMNAmC9M:+AYHOTXs+rmwEMNdC91B8

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1132	msedge.exe
1132	msedge.exe
368	msedge.exe
368	msedge.exe
1896	identity_helper.exe
1896	identity_helper.exe
1208	msedge.exe
1208	msedge.exe
1208	msedge.exe
1208	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 368 wrote to memory of 4564	368	msedge.exe	84
PID 368 wrote to memory of 4564	368	msedge.exe	84
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 928	368	msedge.exe	85
PID 368 wrote to memory of 1132	368	msedge.exe	86
PID 368 wrote to memory of 1132	368	msedge.exe	86
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87
PID 368 wrote to memory of 1004	368	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b552c58cae0d4ec85da6cdb80c8832d3_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa2e9046f8,0x7ffa2e904708,0x7ffa2e904718
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:1004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,17759217214736694650,8203620747662047423,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2712 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1208

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3504

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f9664c896e19205022c094d725f820b6

SHA1
f8f1baf648df755ba64b412d512446baf88c0184

SHA256
7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

SHA512
3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
847d47008dbea51cb1732d54861ba9c9

SHA1
f2099242027dccb88d6f05760b57f7c89d926c0d

SHA256
10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

SHA512
bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
212KB

MD5
2257803a7e34c3abd90ec6d41fd76a5a

SHA1
f7a32e6635d8513f74bd225f55d867ea56ae4803

SHA256
af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174

SHA512
e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
e807d3aee204e2b01d615d247d43fd52

SHA1
59facb02a15098b706b9c81f8637bf5ad1f7ec2e

SHA256
20bd09a80316562c5448f4929e559eac09f02e977f951901b17b43313dd582aa

SHA512
fcd8319de546f918da2abb4f4a63513c1616862f7100f82022934cd44cc7a2ba5cd2378443d183a51059901fa41815427b9725a72cf91a17fd6a5d1cedb58c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
814B

MD5
23ddc4146ac525554a56a73b642c3607

SHA1
597fc4af5aa3675674fe32131e9a6c9951d7eac5

SHA256
8ab23be5272e981a98f43b1459879014c2ae5edb94f58dfac3d7cebee113bddb

SHA512
a1f32e46dcd595c1e145d9fa4835673e5a1046839cf5d864ac67550ebc5dba924f12b73207b8623c466afaabc9d7f1b7a0f27180430120651e0fcdbcad6f29b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b75332e544c2130dc5f43e1f519940ed

SHA1
dc578b317767a74b0f6551a791b153d288aa0771

SHA256
255b86503d13a39e8923c0be2c7437c79ef6315f7e64edc131abe72c433daa51

SHA512
15de45bde2020735274b2554c7b1bf75ef7d974c91006bf60e92ebe5fae202d47a316ab83a11d3157e9df4b31400258144f4c6b37bf74676208aba1ef9b4f211

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
235e0a3bb75ed624749914fff9cbe6b9

SHA1
1ca3f24b898ef549f3d21d96b7abd8f0fa25207d

SHA256
9bd1ed74da14be2970db9636ac9535e928f65177e72d8b1a72caad799f27f487

SHA512
78f64a80774b8add3c21c87e60f99f07fa9fb8a657bbce1953e3a98e580bea05c22f93bcbb503c27aa917f07414145a982c82f0a22312bfd48f843da0ecf1752

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
299ae8d55abf55f82c58883ba7231d39

SHA1
4dafe6f93105ee1dfc672004361d01d1177a6ed2

SHA256
bcbaa21fa6a3ae8e129328d51c053ced626c735e9a4c5ffec509d7c4159f62cd

SHA512
baa38c3a05d4c202f8e6222f31f08a43d1ef1079db3a39b45e642f0248de8311dcc5aa0a82b86da80bca8cc39d0c9e2d4b4a832bc3c72ddfeb47384b1b82f6e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6eebe0520316bfc045e382231fb3fd3e

SHA1
f6b57ad65975cda7b27f1cb97eda6bd4df437924

SHA256
435e265208241036931f07cdee578b24bdb5a59a6c226b294c9f8c8ce4ebf315

SHA512
75996fc19a5e0279e8b7623dcd934563b83549bc33c333c9579a912bbc37a552426f7d3db03e6ea97dc5afefdda996e04460e799dccd7b0ddbe227130bf1acc7

Download Submit