876fc5b1ea294beb68a7dd1a26f8eb9f69b1a15eee926700f69712a8c62d80cc

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07/09/2024, 12:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d1f7d50a168fd1e4cbef3cba640e0456_JaffaCakes118.html
Size

123KB
MD5

d1f7d50a168fd1e4cbef3cba640e0456
SHA1

c625013fc53cb6832f80efbbf66ae05d30695556
SHA256

876fc5b1ea294beb68a7dd1a26f8eb9f69b1a15eee926700f69712a8c62d80cc
SHA512

baa5d84ff347245fc7662a613bf61b1dfb10ba0384b9746504f1fcf5d702c96171319a7b38d416f7fb38764866de9beef7fb6a3e102b01a1fb0b11a594cf7dd8
SSDEEP

3072:xFTPyDGHJV/k8VYMks3IbXwJL/KwQNsRVrFeCbNaJVBPKK9lQFKwhkKUX3w6c0dg:VHJV/k8VYMks3IbXwJL/KwQNUVr5

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4480	msedge.exe
4480	msedge.exe
2492	msedge.exe
2492	msedge.exe
516	identity_helper.exe
516	identity_helper.exe
4728	msedge.exe
4728	msedge.exe
4728	msedge.exe
4728	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe
2492	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2492 wrote to memory of 4992	2492	msedge.exe	83
PID 2492 wrote to memory of 4992	2492	msedge.exe	83
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4920	2492	msedge.exe	84
PID 2492 wrote to memory of 4480	2492	msedge.exe	85
PID 2492 wrote to memory of 4480	2492	msedge.exe	85
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86
PID 2492 wrote to memory of 1016	2492	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d1f7d50a168fd1e4cbef3cba640e0456_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffebc3c46f8,0x7ffebc3c4708,0x7ffebc3c4718
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,6821705723565726191,12238787936690463651,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2600 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
844B

MD5
58db8ecf711427434a1d484cd903d910

SHA1
81f0915b103914a576e879e96b32f85d55a37dcd

SHA256
cd2315c753808f3f5f50efb048c7ec2ce806e07a5ee43a0fb12f98d2d2913754

SHA512
f5c425d09114ca278e15285e6ef4d3aa3c18e590e31f7b471be00134454ed1505a4ff33c5a49130d5bb52af81ea6d230b64fd0dd5d158ccecb3a2195fcb17007

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0103f638483caf0d6efd140507d25e4c

SHA1
1581cd50bcd95916e305c6b200ffb3469ec9a618

SHA256
e434f79d7c0cff69001ad9fc8f2bb33036b36778a0547ddfcab5621b9cd7ad15

SHA512
7a11eb188d6873069839713f4cc6437ba57c3de2eafa24970f77749df882fd528db4a56d523d0c00855323c144478aef8abf93160df1ffc224d55d683c6f0716

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d8cd904b6c7724a429a98ce150dade8a

SHA1
e4c3c7ea7248ed2453905e22dc6a93da349dbe70

SHA256
964069ea23a4ad5a596ef8af711b1b014e06715a2c2cbca53f17e2eb7306172e

SHA512
866db0e58a51dcbdcfc587deadad4dedff5b8ac1eae352301458f7d7b585dcd1b4b18781deeaef8c09a8f922393eda9e020862afb8984b9283c09c044c0cd56a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50f5d3e9bc1b10607c470707f925e167

SHA1
425ef55c48e758768729d4d0cc03b99dc96b284e

SHA256
a6b5d33a07cd5dcdff8df1c5fe3578125f7fbaf68b861378b8cb943400e70ef7

SHA512
17d656863d243761edb68fc721711403c60e2e25004b2900db9ea959760f64e149f3bc1347a9fee7067adb9ab54450d7d871b84fa2124dd2e672bfcfb780256a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
8051849a1e2128a5c3d9b0e4d24de937

SHA1
e0132fab3b2da23f56a202c7d314f1e05ee815e4

SHA256
94d256a17f8072b94e0d56d2ec55aba015cf64bc797e56e47c7044421a7944c8

SHA512
60e8980db4ab3227ca45b3b40c7f0c009470e94ef3051395a0db63437b20ef38ee24c0e191209c10b06919b97895c844cf96fa86df2bd4749f978d5c6dd1771f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
2ae64a44ec935b6a832ffb885fc8b576

SHA1
d51a4394d794040b2b97b425b9b32ad7f3f5df54

SHA256
5101fbb383d6d87288079f24a98a1d81c0097ccefb5ff3406d52d432d7b5630e

SHA512
3e4be7f6201c7548cfb7774ec14bcebf88cdf49df86316cbe0e74021c513a473505cbb2522464884f9f948cb436cecf05987b828b2eac7fe318458df4953ebbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
6c19f7d43e8a4a9de336d14d0b559f43

SHA1
872ae8c42a7053a1e11e815f1a4e543ad99bc937

SHA256
dd4603aac012527aab5ea2c9a1a5411482b580d20749fc24e91b9c315ae62ea5

SHA512
4cc55b0f80a6382b7652f7bc31badd6eaf4e207df8318c0bc7bdf8565694919cadcf4f3d323fac6ca930893dac2cf1a7121ff86d4538201fd285c12188ac23be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582e2f.TMP

Filesize
372B

MD5
1e93e41c2e54972f7c8bd2081d1c85f0

SHA1
76a24ebfdaf4e879c3744b9dc13ecb36c48f0c1b

SHA256
33a698aaaf11e3d4bf2f023ce67aa4b0f86edbb770ca78f65bc6f2ab4856459c

SHA512
befaadbedde9c9a4e251949196eea4a854feb03ea11f7df77c861abfb65422dded343953657491784ded9f91dd66eaca3a85f4872d0b7ad60c3fec76805b2306

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
3c95b81a13e3b9943a806d817052f89e

SHA1
37f82b925f4de8ecc0a98d523b1d26b54183b68a

SHA256
4df429c9d159618dcc004d23d7c7b180e24c3f3ab57190a021a1199415cffaae

SHA512
c003c8525b845c08707e0a718056adf0a46147ececebfbd31da20bb327c10947991268c37184bd168de4759eb1a3535a535017d264c1644735305b23ad1fc14d

Download Submit