9040796f431c4b0b0dce6f70c63ead93343042eba352d19071bab6a300237e25

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2024, 15:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc463460099d07e9d284ffef4ddcf8bf_JaffaCakes118.html
Size

14KB
MD5

bc463460099d07e9d284ffef4ddcf8bf
SHA1

ce4e8d3ce81c5af6b36bac4fd4d7fa88880c6dd3
SHA256

9040796f431c4b0b0dce6f70c63ead93343042eba352d19071bab6a300237e25
SHA512

36dad0bbeb23ceb44a63f679775975978ca93419ac958642107f9cfc65dd23265670cc8035b866addfbcd4d4b3356801deb445abc1ad723765e2a6f29fb80d03
SSDEEP

192:M6Kho5jcJd18fCeu2o2UwgfDIYSDiqpe6rMqcamZTCh2SjSq33pIHXxmlmP3KTA5:MBkciflq2afDIYS/Q6rjh2U533pI42V

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2940	msedge.exe
2940	msedge.exe
836	msedge.exe
836	msedge.exe
2040	identity_helper.exe
2040	identity_helper.exe
6024	msedge.exe
6024	msedge.exe
6024	msedge.exe
6024	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe
836	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 836 wrote to memory of 3728	836	msedge.exe	84
PID 836 wrote to memory of 3728	836	msedge.exe	84
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 700	836	msedge.exe	85
PID 836 wrote to memory of 2940	836	msedge.exe	86
PID 836 wrote to memory of 2940	836	msedge.exe	86
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87
PID 836 wrote to memory of 3432	836	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\bc463460099d07e9d284ffef4ddcf8bf_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ef2a46f8,0x7ff8ef2a4708,0x7ff8ef2a4718
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6076 /prefetch:8
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6076 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,8921975687401768689,8122917368767119381,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2248 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6024

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4804

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
212KB

MD5
2257803a7e34c3abd90ec6d41fd76a5a

SHA1
f7a32e6635d8513f74bd225f55d867ea56ae4803

SHA256
af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174

SHA512
e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
d7bd78bd5451ad95361a1da0b5c0010e

SHA1
5c67954b7a6862ea5cddebbf3f78967d1df9e0a8

SHA256
ee9afae6009d2dbc3ac6729c797e31a7fe4608e3ac1aa7a4df779997098d11d6

SHA512
3e092af9e2a6d712d5de7e39a5cfcc17ba348f4ca65cafb358b5ca0517427633b880886ce1a3b03dcfc54293d2c1c2a1d1221eed90bd2e02e92211c16290287c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3eb0c1c2e5b5e0991bcf095e5dae5b9b

SHA1
1544d2e4ef801c2a357b290480ee916b02245c16

SHA256
b282f32b6ebf382276d5f15d73cd944fe8e5d6def4b7cf4e7b5fca05ae8126b6

SHA512
4b3ecd7628507321dd0b6431749857f52050d4f640b9830db1034c46db3881000e150033db10673deda76be349bd8dcc9e429e44bff89d0cdd23c6e3976eea50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
027ec4bc2c7041d34d8a61ce8a127652

SHA1
9405a51c8a610404e6b0bb694c6bd46ce352069f

SHA256
7dfddb7c63a90885b9d5b6bdfe4bacb2f51cb2aff44f92a791334c7e5bbc252f

SHA512
a8f415e80e97f32b25cfc76a60292945be8b388ea2ab940eca87e830b49c4207997356cbef9c594dee546223327710da8b0fb33f88186599a2d61aba0c979c57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ac58a922a89677617fc7dc49e9a461de

SHA1
4c3e59d016437cb989453fbe0edb8ce565a6ada2

SHA256
8fee5ad5b918d3f75eed85b8df575de2bc55a2ae971f1b4de6783d43a677660e

SHA512
060107493ad914f899cbde46e313e722f39c663d49408d0f5dc22dedf7bcaa3be13fd9c3dd23ed9e03c97a11ed88b70c0736a65976ad682e6081c6581b9e46ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
443ae7bcde865285c9ebc190d277a96d

SHA1
666eff1e8bbebff8fbb9ffcc28f0238668f021fd

SHA256
495a62841e936b8e9f39dfa5f39a6cb867d5c1f45fdf14b2ab2479c12f0ba9c6

SHA512
368ad5ed1a3cc2403df9135b75e91f9924549fe9bba6be1c05b11817d3cb747d45bd3a861feccda6b3b54f5408ff3ec1f5b5e020d9359367ce3a93d9c3df4904

Download Submit