87a3735f5270956a3b73e4e92b4a700606077b31585f1472162a80d290626aea

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2024, 17:33

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c13b651451f0068e24d00a4f23b632ae_JaffaCakes118.html
Size

153KB
MD5

c13b651451f0068e24d00a4f23b632ae
SHA1

dca282f7fa0f950fc07d3e9d75268bd38709c53b
SHA256

87a3735f5270956a3b73e4e92b4a700606077b31585f1472162a80d290626aea
SHA512

f42f8c6efc03fbcd8e1f5913411a1266fc48affaa647092f15e8e4d1eef325e5461dd202b12304596b539245d3e76da76185366eda04abda587c18c93e7e09e1
SSDEEP

3072:QIA6UcjvG8rMUcXmNRS78jbG1li7J4Gren74tfXF7zWEjImD:I+GXmNRBi1bCV

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4944	msedge.exe
4944	msedge.exe
2552	msedge.exe
2552	msedge.exe
2684	identity_helper.exe
2684	identity_helper.exe
3872	msedge.exe
3872	msedge.exe
3872	msedge.exe
3872	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2552 wrote to memory of 3584	2552	msedge.exe	84
PID 2552 wrote to memory of 3584	2552	msedge.exe	84
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 392	2552	msedge.exe	85
PID 2552 wrote to memory of 4944	2552	msedge.exe	86
PID 2552 wrote to memory of 4944	2552	msedge.exe	86
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87
PID 2552 wrote to memory of 3332	2552	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c13b651451f0068e24d00a4f23b632ae_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8e0d346f8,0x7ff8e0d34708,0x7ff8e0d34718
  2⤵
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2296 /prefetch:2
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  PID:2468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2284,16713758269238158159,10387534829746270576,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3176 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4376

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
21KB

MD5
c3a1bf5fbff5530f55ad9f9fa464f25c

SHA1
449a621b775cbe1d3ab69c54a0e18c0ccf6d6caa

SHA256
4ea6b3a39d794db93d1084770cc340272f8e5ffd5cd8d0c05c1f5841e5dc13e0

SHA512
75aa617b33be2eabe9f67166d14939d58abdb2396b9911dc7ba612130d2ba9adfc90a3cc9b6de4dd6cf8731c90f2ca74b7f9cfaf4a9d0bcbf90d03c907e45a54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
b5217149939fb734187e7e0b17781ae2

SHA1
94822695f91e9d00d3a282c0006548b53d1e7197

SHA256
c57eaf98e69bf331632b10f14ee5975cd5b5c82a1e50ee784edce13e1266092a

SHA512
27f380445d37d1b08ce556c9407036647e0d2eac1db28e814800493b086954712e219dad8d4df11cdcdcffcc863edd04a32d356b54c7c528738ec3f3411c344d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6c6d5db40a95ded09ccdcc57a9e7209c

SHA1
aea5e89c3ec322e42605397ac03dfff3c95cc02a

SHA256
96a14f1b430f5903e206f39deb31944a883dfcb1ef43410fb6f0e8c404008f9c

SHA512
c254eb3c5c57ad2a596af92af301eb9cc5ea7c4be97623457de95af1a0c5b09b8e4ab55d6e01ede9facdb4e1e31177f3a07a5a08bd70375fb83feefbe832e59b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50c19bf9acf1beb89559aced5ffc3bd3

SHA1
00448d91de11d48e44dbf7525705babb1255301f

SHA256
cb85fc7178903cbe85990227105e348ada853dc73d6ca3aef4d5bd18346e5eac

SHA512
b52af34cfc63eaf8c5378f4a6609db21db20be3080b58f50adbec6f09eb2f4f6ea6cd0dfec69b03b5f4e751630e99201d3ee652d289163ef7232366e670f479a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
49e080526992f9772cb18194163a7b2b

SHA1
a832a72b9d53f4f5899669c34053923686d3b386

SHA256
bdd1ca852b37dde25f4c7711de825e17383c09cc9f6fc3a4772847d5a3efc032

SHA512
5a890c5df37af9006702d8ce01ac07a6051fcd7a80a2d7df07dbdea254484bbb603c0f6a6781fce0a2b7d4740d7c600ec650d686f4eb12c3f9206d1fd24c09fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
69ac659a78a0c7e1ab5897ae6a384c6b

SHA1
0530ef7eba56f5aee0dac4c48c207857fbb31af9

SHA256
dca49d4fb0cf0efc21812207626c221d236841d4899b2881196205f35f4fb7ab

SHA512
e7b3f9690dc1854926d072f08f0c3e8ff7e8f0f0e47b6cad91ccda6f37346d3165c5a79a6a16e42ba2184cc97b8773908fe2cdaabfdb552bf36f298265f0694a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b59db35c054789e2b8cf2b1fd674b190

SHA1
3042189609937da6fac76b4e0634461738ed6fd2

SHA256
e561b0b6083f409e3db417bff4d27cf9f20a3f414891e95f596f5a6c370b84e0

SHA512
e38e681ab52caa1c1d8e10aed1bac0edb2d24bb596b7c5444d48eb427fc80c21a4566500be4c60ab3ec10670526fd89af1e12da7cd2ed9250ed8997e5352005c

Download Submit