adf950b65149cb4bb6d97ec89ae9d454c51a3bcc75b818dc7c9f51d88f3ff263

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13/09/2024, 06:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ddda33b04acc7e5e42181407177f1572_JaffaCakes118.html
Size

36KB
MD5

ddda33b04acc7e5e42181407177f1572
SHA1

56e92da94331664d298ea612dfdda1ac8278cd5c
SHA256

adf950b65149cb4bb6d97ec89ae9d454c51a3bcc75b818dc7c9f51d88f3ff263
SHA512

ba2ca5e1b774b2df774a22bb68657f7f5cb243dda4ccc3d593dccd2382cddcc5f8700d2efdbc7466b9eab3b1189680810eb2fa9b38140bf303d556c9777157d5
SSDEEP

768:W27vfC+0139G0rg0uS5WZu7BkmO4SuSFjkVGCngd:ZvK71N9c0UZIkmxVF4

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4724	msedge.exe
4724	msedge.exe
1704	msedge.exe
1704	msedge.exe
2036	identity_helper.exe
2036	identity_helper.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe
368	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe
1704	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1704 wrote to memory of 2028	1704	msedge.exe	85
PID 1704 wrote to memory of 2028	1704	msedge.exe	85
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 2364	1704	msedge.exe	86
PID 1704 wrote to memory of 4724	1704	msedge.exe	87
PID 1704 wrote to memory of 4724	1704	msedge.exe	87
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88
PID 1704 wrote to memory of 4268	1704	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ddda33b04acc7e5e42181407177f1572_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc5b746f8,0x7ffbc5b74708,0x7ffbc5b74718
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1936 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
  2⤵
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5452 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,13529044228042202259,7866380054892157454,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
  2⤵
  PID:4788

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
3e4b68512e3300cf8f010d586cf162e0

SHA1
913ed0ec416c2c1086736195c5e1d5a2b0be413f

SHA256
35f47c8ad2aa07e9ca83c14e683e08fa7c6b8546061848bb04ba05ea8c95352f

SHA512
a46aaf8173c93a25bef097a1f0f2af206632d2fdfb5e6aa2070a6e89e5a939ff2beae5317b2f4d94de22e6140e5405e74441818bfa3116c2ec6de15bdcd3028c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
770B

MD5
b7af73134069b5180b5c5607c5f29dff

SHA1
14f5fd7e999461941df36a64fd023b5599dd3a15

SHA256
cd00a11445ede5ed89484d0c0e4db6fbd2de8dd115ce7472dc5a51e9d54debf0

SHA512
0c22f3c70cdaea71133f4f59d5e586becf340c54e46526732e4adbe17906d6ab30c13adacc0d8efff2f31b89045bec87af86b37f285139813bb39dae2f3337cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d915b3f044a099dec05517e50675fdd9

SHA1
7bacf0f1668d36bfebc3490ff9141c2cf0080528

SHA256
70e64fb4e3f5e360143653bd97dafd1ea23f51a7897967c453e0f79f855309ae

SHA512
102e18ad97592642c8d8705fdee0937cc9165762414612157ec833ff7ad7d20d37b4831ea7a6ed3b722ab50dc73fe0f0d16946afc34956b5fc8860109a45a41e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
018f44b4097c7f15f188ce118ba89bed

SHA1
3db4340de3fca8f6a4978254123a47542d959489

SHA256
f097209ffdf38ca5e1ef3951d60b485ecc0dae51f68dd73ece57c4134998b5d7

SHA512
1a8cc1704552ee83239d535e9d6a388485d15529b3b2a3d8a90ebc078ebb1848b6666c4810ef5e973342fd461ec2d874fb7c48a0c97fb51f2a477c1fd6b4141f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
32ed4d262bb5f66379d5e3621df03187

SHA1
4a4ca0154137814484cf64a250eead9d8f3dc27f

SHA256
58a0dbd4323c4789c912e299d153c0d9aa41ea524a64cc2aa12bd2461fe3344c

SHA512
7619b2ba68d26e55291fbf819fb4df35e51c8d4cc3681f97a4af72c6fd9a749d539da6327fd80e9b9ce6fb19de744e2bd2523ff1469d272ae688b10b8dcb201b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
fe515c59aa66a7ae4a3101d9c15380f5

SHA1
06a34e8b57edc2fee9dd77a0ff0db2b412a4b5cc

SHA256
dc361a68777c6dd056e53dbf5d192ec88bb4212e883f20db60496ca4ec6b2e95

SHA512
d6a7a42abde09b9970efc33f42cd489e54dcdffa2e45617668c57a8161600f1982a852d1c86ab49aba18688af38e6aa6564ca976080d0c3ea40174b6e0914a4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5857c0.TMP

Filesize
370B

MD5
51a76329e196065f3d5f1e8757300e9f

SHA1
18ac6ec857ad1de38398d3a4ba4e19a7bc9bb051

SHA256
e2775e5c6d3ad1a26d831c635e98fefe7228c6dbad0abe370408d9eccf3b8b77

SHA512
70b0a5d4f2df4c6999819b9ff40860fbe0b247e8eeed111398236f06f53a5ed44887f4796f73ed7acc9c40e7a421cd8a226c531e4fa87da0bdd4a88b9530020e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
59e69c2c84b9b0caf3333a6ee0522d11

SHA1
11a5837607405042f8b000a73466846518a9a05c

SHA256
b7e02d634b53c87b72fd9450aed744298b15f4ab53b16c903c1c7c4f640ebf30

SHA512
fe52a02271b0b753f4bd444c789577fa7ecc3f3f25d50e5fc46a3010addcfe340652b31524ab7c19f95a7a9b2c34a30ed59c511d498cfc9006b34f19bbf6f5f7

Download Submit