7a88d917284bfc0691bda796d80e43f042eed79df6f010ec438323ac5e88a995

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2024, 15:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bed864ee8f1e017794587b433cbd96d4_JaffaCakes118.html
Size

265KB
MD5

bed864ee8f1e017794587b433cbd96d4
SHA1

7ccfbe992039262f03fbad26f6a73a41fce48b49
SHA256

7a88d917284bfc0691bda796d80e43f042eed79df6f010ec438323ac5e88a995
SHA512

034cd42c5edbb06f546ec674da04288b4cdeda510081cb988ebde99e299089d6f3bd8afc98b24dbacb3547eb5a4fbeefde3a91db7f5956cf28f3da1635524194
SSDEEP

3072:gt91Y6M55RQB1+PcYc+7nl1zHKitSvfT8AKZU2l4oYfAqAi9G1Pmeu9EAKZHb+Cw:q1S+AQ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2060	msedge.exe
2060	msedge.exe
4396	msedge.exe
4396	msedge.exe
1300	identity_helper.exe
1300	identity_helper.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe
2532	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe
4396	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4396 wrote to memory of 4424	4396	msedge.exe	84
PID 4396 wrote to memory of 4424	4396	msedge.exe	84
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 3352	4396	msedge.exe	85
PID 4396 wrote to memory of 2060	4396	msedge.exe	86
PID 4396 wrote to memory of 2060	4396	msedge.exe	86
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87
PID 4396 wrote to memory of 4964	4396	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\bed864ee8f1e017794587b433cbd96d4_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaba0546f8,0x7ffaba054708,0x7ffaba054718
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6096 /prefetch:8
  2⤵
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6096 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1816,4217208771475589085,14798596439036516885,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6172 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2532

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
7fe9f1a0cc7821c0a0140cc98c78f555

SHA1
2f1401624bd217491f700365737049a39f542142

SHA256
17d6073294cee9cd22a56cf5638d5b77e23c4fcdb3bb31f3509c4133d0b43ec1

SHA512
66402096e1cb33824dcb2421113c37fb9d270b042ee168e7e72927f79321478c8bd6535a54ddf5170c61dc8a00c62b3c46dba533062ab477c2891758ec3cc180

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
95f3b0dc607fb537519955574069ae78

SHA1
c6bb39bc5de364e1ffa9963dddf594247569ebbe

SHA256
991b373ef3937e1bae3e3362d1fc866892578bb76ef1f53ec52d58ae8871a3e0

SHA512
43eabdb5d518b35239f45cc053c88ff94d1df4a43419d262b0e89eff873625268204613cca4464146a9886ae53fe70b1959eec83abd6535749fc57f36263514f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
83941567ab98e33d052b0982093b0cac

SHA1
523f1d7881714bb8b1d7329c2f21af8475819968

SHA256
a4ae138969a0d151236276034ac719704d9a34e15d098e64fe0ae430da25af50

SHA512
c724018eb2880d50d04c7fb925d04293137844bfc7dbdd867a5b01decfef70f94478cc3c5d40583fff3e63ccfcd5f64f362fb501eac38047559602a0e8c51719

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
202ee22b09c40ac2f96795c1fc4101e5

SHA1
537f6dd8aad0f66a7cadc531798a94bf131ec67b

SHA256
113b031ad6389a48fb0b61e84070b11f0d7b8a5c5107c3c13db4548ccaa927cd

SHA512
71f0b152070d6c7c061886081895062faaf384636d6b3232d834cc2d92b5bfe00340eb365984641fbacd0d455466599a59cdfe1648c1d36afa7dd0302ddde06b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ec397158036bb55df8b1ee6b22ce5568

SHA1
f9351022413dfef2840ce54c557fb9e3f4d1162e

SHA256
5765c365919e4e7471b9e20a253f063e67348a8d18f88a91e71a225453b36adc

SHA512
59538dc1a3b21fd84ebc5fe2b43a4fd44f829179d7030bac778c44fcdf5a66824811bd05e20853ed2556a3a61563dc7a959a65f90c389469f7db51240d433518

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8aed29688dae0f384f616e4ae6ce55bc

SHA1
babab2ed47f7c1e3f4c2c0bc93473d9130907d64

SHA256
b9fd00fde7191804e24769ed2e216a65081848fe525d41d233c0ee267c9ffc9f

SHA512
b764d39dadb5edf5189dc3519a38eb63d543ea86c220ef00f63f0f7229ce48bbeaa5fbb6f6e8fc14ce1ee9748eaa6933b9394e93a5be76a25bc0108fb95e9287

Download Submit