9d7a9f6fa791fa107757d7fe7d5e8913fb06b24e27a46d77323530dd8803f4ac

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 04:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cea9e7ee60cca58b23605f1f19e386ea_JaffaCakes118.html
Size

87KB
MD5

cea9e7ee60cca58b23605f1f19e386ea
SHA1

214930e8f3bf9f59b78f441a4598065ec1bbd4c3
SHA256

9d7a9f6fa791fa107757d7fe7d5e8913fb06b24e27a46d77323530dd8803f4ac
SHA512

b1d9e9fbfc9a0488b4549a476622b94ad326f9152c45d8d9353e9fe24260844f91207cac81726ee851998ce229352e889807fd4e2935640f778208ed11767da5
SSDEEP

1536:MFoXHH2lEvF9QZH63mPg7xITfCku3hAxRBv:DHWaN9QZH63mY7xITfC3hAxT

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
984	msedge.exe
984	msedge.exe
672	msedge.exe
672	msedge.exe
2012	identity_helper.exe
2012	identity_helper.exe
2236	msedge.exe
2236	msedge.exe
2236	msedge.exe
2236	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe
672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 672 wrote to memory of 1112	672	msedge.exe	83
PID 672 wrote to memory of 1112	672	msedge.exe	83
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 4596	672	msedge.exe	84
PID 672 wrote to memory of 984	672	msedge.exe	85
PID 672 wrote to memory of 984	672	msedge.exe	85
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86
PID 672 wrote to memory of 1680	672	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\cea9e7ee60cca58b23605f1f19e386ea_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff88fe46f8,0x7fff88fe4708,0x7fff88fe4718
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,12390167895732806010,16011396091716352616,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2236

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4632

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2264

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
ad51733b375b61e4730148e330e4bf0c

SHA1
c15278c39fc7f62e816ac8e04b1e4d8fbb774b92

SHA256
df6e893328aad55ae3c9d8a98529136489a6dbea3baf8fb4b075db2d8a4ebb34

SHA512
c9e073ed97137e6ea1ec902d9187c22809d3edcd1a34e0c5c40fa4209f305fc1b456d05c79661fa7df6de8f500225fa2ca811a3d464fcc45d64d9e42c6ea48dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
943B

MD5
442a415b01c0c3d6da6cafe3a9d12487

SHA1
44d47a86a7cfe77c4f6bc617385ab1c6a285eadd

SHA256
627e3e3497474377368da1e88ddc064726c776c313cbf415df86106ffe71eb03

SHA512
7a807e2149d3a1bb49acb39a5038fd8edd6c51acf7c4bebecfc138ad78b6b7c5339a6412d859739f900ee22a9b757bf2b90746107278cd1a226c0aeba4d7c6ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
708B

MD5
2a88ca8caaf4c26e2a8e570cf60da36f

SHA1
75f7ef0399054117fa07781e98c2121436eb2dc9

SHA256
cf850c8002e4f6acb093018ef5edebe19e43a3c00b8955aeda18a3da503211a9

SHA512
fd414ea1d2022bcfd03bebc7f0b389a03f2108116d21a88bfcb7eb302bfb5698263bc7e71269996dcd954b6beaf00c7495d174bb54d3a4c985a7b469a4019bee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
59db3c5d2d1ce930ef241a3511d7efd8

SHA1
a83edaf2daad45857aa045bbe55371ee2eecead3

SHA256
129a5d92b049b8d9c2b78ba574ec8005f7be170493658a80c18070f0aea0ed01

SHA512
50eb5ad412657537e494f34852f994055f3598b6d15ff3a2e983b672640500873b13a78cedf2892db24af42d71469a8bd301c82f05fc109e45a849458891f1b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
52c1b9ea1175db3d1562baa1c264e1a7

SHA1
9c5ee4ccb48668f076a125d1caafc7c4cd77955f

SHA256
c75d87aa65751d67d4089160cf966700ba716b48b48ceada90dc0af98485a5f5

SHA512
b72c88ecae08e73b7d57d826e81cda09ba387d650a066b89c55aaadd109a2379a6a6b4cf7362d410adc7a4d016df4a45bee6332c9526dea16e8bcc9fe6a28544

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bb9a2c6243152cb1fbcaf8ac25b7f60f

SHA1
43f9508a495c0dc5f365a9b107869b04f35df3d9

SHA256
d8ab2bdf16f2c3697e43a3fc43c6c70a9c1bdcbeda62f6ecef45b050df06f8a7

SHA512
78200b18d7ed3e79951880dc67ecea9ff909e99863469130f9d26dc6c0684ce3365efc4e1f9e95ee18bb934871da59ec58077d4ca68bcd6584b4b60659f467d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0864fa5728f0b03f0e841d0bb29591e9

SHA1
ef4985656f8327bf69b7cd7f287e822b00d02934

SHA256
9f3174195d79d984bc22b785b9f622b79180f3eb1558be017be46055e4df3d39

SHA512
1a02acbb4cd0021f8e0e0ebfc47087d12af14a2daa9d16afc7f8fcba3ab64ea1dffd41f8306035e2566b9c8c2ba236f48b76b43564921a8a1939405af52f4119

Download Submit