ab32e9cbf8bdb1c5a041fbd95b8a5f6885c33cfbc33daaf4c5ff87be07726c0b

Analysis

max time kernel
145s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
08/09/2024, 07:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3d886a3eae17047cd5348846d0d4168_JaffaCakes118.html
Size

17KB
MD5

d3d886a3eae17047cd5348846d0d4168
SHA1

375987adb638c1bafec5ee4a571b4fd4fa65eb55
SHA256

ab32e9cbf8bdb1c5a041fbd95b8a5f6885c33cfbc33daaf4c5ff87be07726c0b
SHA512

b57c8c73d5e6a31a7cce306f096189194e0aeb9beabd3f88647c7ced6cf85299a41988abe8eb4ce1813c052465439e4f7e96883207fa7fb0c9a1ab957c25beab
SSDEEP

384:Eo6XHV39JqfO8aDdRtxdgQdS63D5UZshmM9ag6:EzX1NQfO8WNHJX3D5UZshmM9a/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4736	msedge.exe
4736	msedge.exe
3052	msedge.exe
3052	msedge.exe
2356	identity_helper.exe
2356	identity_helper.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3052 wrote to memory of 4004	3052	msedge.exe	84
PID 3052 wrote to memory of 4004	3052	msedge.exe	84
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 2776	3052	msedge.exe	85
PID 3052 wrote to memory of 4736	3052	msedge.exe	86
PID 3052 wrote to memory of 4736	3052	msedge.exe	86
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87
PID 3052 wrote to memory of 4120	3052	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d3d886a3eae17047cd5348846d0d4168_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffae52946f8,0x7ffae5294708,0x7ffae5294718
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,15961551051244675296,14203048490083501059,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4752 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3372

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f9664c896e19205022c094d725f820b6

SHA1
f8f1baf648df755ba64b412d512446baf88c0184

SHA256
7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

SHA512
3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
847d47008dbea51cb1732d54861ba9c9

SHA1
f2099242027dccb88d6f05760b57f7c89d926c0d

SHA256
10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

SHA512
bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
494B

MD5
081c8d367a9774b804172e289f5ae1d3

SHA1
0d3c3013537ffca59d3107d104a4d25a55f0dd09

SHA256
9c55836f6ab502dcbf23ea29e370aa6be1c71daeeb1e2de970785e28ec64eae2

SHA512
58bc604b72d98af66258a693aa0413baaf720555040038f56a08dd5ec674ae6c80baea4d8a288aec92a22963168e9624de6122e04925d348368a62cdaa6bb721

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
462B

MD5
3d220f59d71ae9ced0b7685128998665

SHA1
a657dc7c0691eb43d47c5b5aa7527bbfc6f3962a

SHA256
2d8d3316e59d4062f0d665138c41eb8ab855b753bd7990d0d1a70c3a1afe34fe

SHA512
cc0e2ff71ea373aac82b41a6662d4824ad638e2eed4b78c546ea687e4f76ba189a69aad279738c8dd11e839ac625e37a0040d8d44c19a33abaf51f66ab1f6896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9d049f62ff184cd2c0c5d0bda9befc4f

SHA1
33140c452fae8a0c12e78cf85be74f9d209fb450

SHA256
d6e7993c00052e41b4069db32cece0dcd6e6e0dc357b273d4e2ea58b1e66e862

SHA512
1c189a6f619d55629e95dcd93f5716c8cf21b39f0047496fb720411e299f4d2b1222d654bd3f04d24d311d501305ad2b8e440d1a36b665574d687934b4a9b86f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6e51f36fd7e87856050598a8a63033f6

SHA1
c7cfde47f8704a17be89fc793774f76426653869

SHA256
498a724c9b1d7a9a1f5b887996d8737999fb3517d6dfbd2abe02f98753a0dba5

SHA512
b7625c14777776375fdd76d60da9fc8881cf31d05cb3981d3de68e6291ecb537988676b27e006c5a5a406dde0c6c0118fc6cb36b9fe916acfc7623935c8e129c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
45be4896efeb1e77cfd5e61416801117

SHA1
445b487274e7a21ed7550cea37f18c12a10b8ed4

SHA256
22230b1f9c3b81ab9b03ffe0f4a26e25f7ba37aec3283dcb4a310738687e539f

SHA512
36dbae7edd4aadf2c64906f4d9e91eeae760589570524557276312f5cad7a719bed7b0415d93cdd91d92ea2902a5a1b46d988d897fcf51d972241c60f6923790

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
c1fc230d92d984ab1aa99a79d30e7a41

SHA1
0e362d9c029e71d9fa2756c871632950d95c4868

SHA256
4b8b340af1e1b8ca555c78e9a822df5665d1bcf34e95152619cd2437f30cbf00

SHA512
b827e78047f842b649c232f4bff0d0e3fc52d0287c6e442a4c2a80a48d7dcf98edca395e973d36bd91ad7a5d5f997921f3f9289096c31a68fa0c642c44936dd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
626bd686533e220ead8be30f099a1aff

SHA1
9988f067ea1a6e9408a1cc942da5599fa2b62280

SHA256
087e5777dd10cd6c5f196612f250700dccdd94e07d341fec9d0db61d74338dc6

SHA512
f60395d5fd07ab9a657072fe07ab15799a4ee9a098a9e469356f41f6a7d4bc599bfa49d9a76cdca62159644691f81be6f89568ea6a732fa5fbc6e395a264db44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583af1.TMP

Filesize
370B

MD5
b4bc93123ad6dc43a4a5ed89b3e30641

SHA1
252504f3d27940300f3cc5b64ab961ee4436fb12

SHA256
fa17333c8bb0cad3e8fbbca73fe87d5954023ef90f13c87cb4afbc9fd6675e84

SHA512
4c782acf7e8f2f2675ad3fad82d6795d6d10387015a55bcb53af7d084701654bd659a40f25b59560439e17e97395fdac412828c4764d29602e4cfae014327df7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c7d518ca6422dec264ffe565f18392f5

SHA1
db323ace5d0029c94eb08ed7e1a0535cfdbea06d

SHA256
172532757fe438aa6914d30d87585b4d224f62135aa82775b517144a90710b56

SHA512
79905862a0d7afcc4d056906a1af05c1a74fd536ff68359a4f1d2d6096594d58632a1cbd2da17a97ed64877728951387545c3714d6013ce00aa9c1da63ededcc

Download Submit