c3374f7f3ecc2fc72101b7016e2df615389dfa1ddf0334e46fe71b0c7397ed2d

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07-09-2024 14:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d21cef6b25bec56096b953a1392e1c76_JaffaCakes118.html
Size

79KB
MD5

d21cef6b25bec56096b953a1392e1c76
SHA1

c4e2db033254ebcbd036d7b0d346d73a4a281f1f
SHA256

c3374f7f3ecc2fc72101b7016e2df615389dfa1ddf0334e46fe71b0c7397ed2d
SHA512

4d32178fdb80d71ff85176e27dccef21889b39e2b6e23cc9121e096a8839bc1843a255d75e894a5959c39854133497575d769863560e6eab46ae0a5b053280e7
SSDEEP

1536:8+3x9PUqX7gyO3d9pfdS2vSGpvUiezqX7gyO3d9pfdS2vSGpvUieJoZ7:8+3x9xUxHF1vrdUxHF1vria

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1136	msedge.exe
1136	msedge.exe
2816	msedge.exe
2816	msedge.exe
1816	identity_helper.exe
1816	identity_helper.exe
1088	msedge.exe
1088	msedge.exe
1088	msedge.exe
1088	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe
2816	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2816 wrote to memory of 3496	2816	msedge.exe	84
PID 2816 wrote to memory of 3496	2816	msedge.exe	84
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 5060	2816	msedge.exe	85
PID 2816 wrote to memory of 1136	2816	msedge.exe	86
PID 2816 wrote to memory of 1136	2816	msedge.exe	86
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87
PID 2816 wrote to memory of 1876	2816	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d21cef6b25bec56096b953a1392e1c76_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffae52946f8,0x7ffae5294708,0x7ffae5294718
  2⤵
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
  2⤵
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 /prefetch:8
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,3231288944823673055,8387529051232626505,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3116 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:228

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4880

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f9664c896e19205022c094d725f820b6

SHA1
f8f1baf648df755ba64b412d512446baf88c0184

SHA256
7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

SHA512
3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
847d47008dbea51cb1732d54861ba9c9

SHA1
f2099242027dccb88d6f05760b57f7c89d926c0d

SHA256
10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

SHA512
bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
e557b99c298a14575955175279893be9

SHA1
c710d367ed80d246df5c62ca0bf016d155ebae5e

SHA256
fe00a5e1974edf792a779b62a3bad677744582913be416983202609987fd1d9e

SHA512
8625025a3d35956de4195a50a9b3225b12ce4951ea6b9562b5b0386ce6af12727fc0138e34d2dc5e61cd939664e3c65fb5305160cd13ca3da1ab7ae9a89000fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
815B

MD5
68cc3c7a16eaf5f7ecb3668363d76a4c

SHA1
066eace1a6350e1f6808b989dd6ecf91d086f69c

SHA256
15a9fd2224567e2fb6b2ddf64d1bb3878780dea6d6679cfc033775661aee5eac

SHA512
df0cbb29e287fdec86a225963209aa8b7264e6b0856e957b7bef766f86eeecc9aae6250d53f24abc6af64952fa7d85ee650c0ca5d1b1631baefe0b92760aec7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d71bd2ea2d0b0483a47e97d2c5a22b61

SHA1
fd9120faf92d21e360e35864b4c4447a6e29939c

SHA256
2d90579fcdb8a56590d6a03c566811255da250bd0234a88b2046be83f07d5422

SHA512
85f38020a4b554390ceb8ef500cceeab4a4fc6286f41a3247c7e96425ce6601944ac8033fe9167712de2ad2628c4170e98fac2df49486f87bb50b5f365f20ab7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d135004a21bbd5a2e7965e85c587129

SHA1
1273950b7613a5de874fae2376ecdfeb7f6770bd

SHA256
4df9a0cdd924834a7e40d2503b4241baab961d022ee116af6fd4912f6782b79e

SHA512
0a85c2ee68e8726fd21b861c338d3d4a76bd9eb6c520ecaa0b198f0ba7281fc496fb0e1a284d79eebd326c40d8de472d4e10110040610325318f81dabc0e57f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
235928b593495a7487fafc7d879d10c0

SHA1
d2cd6b08af08540cb07fd5de36cf5dd36d8dcf45

SHA256
78356c0f96f8fe6c1fa7cfc685a771e6ffafecee7a9156f16e4360bdfabba022

SHA512
d965fea827a92169f03120f7431325b6099e06f4bccca19fe9b42a9c802f1d6ece0089c8f43dc85790d178786a374de45873757be553302a5559969b7fa6ef67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0a424674f9dc5c616dbf7390d1f51bb0

SHA1
2f34e588d3abfa95192b326197d34ed8821e4fdc

SHA256
ed4c7b9ca3ea5f1a2edff9f4142729651d81ef3b74debc69a40f6fe8db754ef8

SHA512
c9470c825f782f9607b5c85bf700de9cb7a915ce91592a81b3612059201919f618be94b24e9a65ee2e92e7b9474e99c21d878518d9d858baf329a22a7675eb4e

Download Submit