5b2f8cb700472813b009e01910df486d6bf2bc8de2f0898de35e59dee5f6c574

Analysis

max time kernel
140s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07-09-2024 15:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d248320d006b8803685314dea28f08ed_JaffaCakes118.html
Size

40KB
MD5

d248320d006b8803685314dea28f08ed
SHA1

1ae43e352dd2d8b5871d3749633154ec471610fe
SHA256

5b2f8cb700472813b009e01910df486d6bf2bc8de2f0898de35e59dee5f6c574
SHA512

a869397d4a8422077f71c19863887f3cd98cc60c97c40f45249486339bb497ca072a2cc522b14640accc9e259a36f7e34754d1aabb9a83e27a21186777816e6d
SSDEEP

768:CF/bf1bVKLb2vbyTenI/F9bQvoDEMjoGeQ01Jq4JNYAX2V0NtP:CF/5JKLSGTenIT8voDEMjk6IZGGjP

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1240	msedge.exe
1240	msedge.exe
2592	msedge.exe
2592	msedge.exe
4836	identity_helper.exe
4836	identity_helper.exe
1860	msedge.exe
1860	msedge.exe
1860	msedge.exe
1860	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe
2592	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2592 wrote to memory of 3812	2592	msedge.exe	83
PID 2592 wrote to memory of 3812	2592	msedge.exe	83
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 4032	2592	msedge.exe	84
PID 2592 wrote to memory of 1240	2592	msedge.exe	85
PID 2592 wrote to memory of 1240	2592	msedge.exe	85
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86
PID 2592 wrote to memory of 1296	2592	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d248320d006b8803685314dea28f08ed_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8cd7946f8,0x7ff8cd794708,0x7ff8cd794718
  2⤵
  PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:1296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,1507538264305594583,4891806337277276141,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2832 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1044

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2696

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
0ccede87a3818916452e9b2ec328324d

SHA1
b287fed987801bc12afe023d97183f5b11c96c9c

SHA256
b550cba8a92a6228e0ea7aa9240748f00f333002b9ef71b053bcfd41bb1a6042

SHA512
8d4e0e0f4d860977c8b43c1dd9376e70bec789706b79567a9eccea6ebb71ffd1eb0ef18285ead3e385646bd872a05dbb53928783265db3e2e91b452dd2005a69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
985B

MD5
673874bd8a11b47419e7899a7a8018af

SHA1
982cd0a96289345722f1e7b250d7768238d2c603

SHA256
531527a424b6f7d5ad99566477842da3a0a2aba4b50ac60b2680a68284521e6a

SHA512
b93cadda9ef082143860e3f5eeeb3a3cfbc1dc0a9eadb968b3b766340793dbdbd0ee7b20b228829b63f5ba7ebef23f9331b28b1af41daa21e101d66c96471e8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
032b252df51915fe7eba7c4fbd884728

SHA1
0350a732b5e71e85e326b75f240f6ef16b8283d2

SHA256
987d5fe9546fb147ba3b1b66c3b31908dafa2b6d94373e887eed1fef1fbfc3e2

SHA512
a3e20834e038f8f2c5789b73366ad6fc987858e7540566f41909e4b99c941074a205f337f8eba12d20d7497b2c306b1718f9ab9deb02d6c1e9314b14101023cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
be1048be9c509c5bcda3ba70e2ce6073

SHA1
fb5cc947b84a66553700c6859c108398341cdbd2

SHA256
eba5d5099cacd00f2fd65e29e805f866914355a993fd479d8e006ee62ef4c57b

SHA512
79ea9c869fc084cbc8f7a61399a5554768882f4e9e0c88863b9c0b44b649078c40d762986c3c27f9c2454f85c99cc330035018d95a8690d6148dee459c106ab9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b3ab1fe0584c667d8f8323ee8255568e

SHA1
b58db7371ee3797b7737cd9c675ab5b88cc8d9c8

SHA256
dfe62d085be44eaee0334f409b636b1d331859669737003fc228ae2cb198763b

SHA512
01bd4f9c3fd6545c0c99eb8096d0dfb3703a1fc4e2f1f6322b447dd5099430302b967b40085b25390e2405ff6e70ac94192539b05c1bf9f4ba5dae3f9e6ad06b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5ce05c152f216f0fb686cd747a0dd250

SHA1
338bb1a8b9a84d2d2a36ede6d31bca2d41985777

SHA256
bf5fb7f2833c5ffefb5092efa440c18af2b57a0dbb917396f03cace923176618

SHA512
f0fb394432730411ee756d9086ffc8110137f1cf48dbd441aa4d1c1932b60dc1318e975c96bb0559f05128294c27b6e8c855cca9e230dfbbadb6b0e2fcd53de7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9d178ec9dc3058b921b9153dda064de4

SHA1
1482ad955d726dc613cba7ed5b13bc7c4ec65c23

SHA256
1aa7ec4a1f17180d37d402efcd495403c1434be7eeb738282238cf48388e8f74

SHA512
744d7ec913fba1abdc1f5ec96c80565483d429672cfd62d26e5fdaf811eac9a3c56eef56d2318615bf9c0b3f12d45d8c324957943954b005f78fb2c6ea0cea83

Download Submit