ec41fef0539bfbfda2b602c4fc7cf21bb1f3dd26019435ad0bbcc5c33a108199

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/09/2024, 08:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dfd19a2244f2aac171c134c9a08c07fc_JaffaCakes118.html
Size

52KB
MD5

dfd19a2244f2aac171c134c9a08c07fc
SHA1

fb066cba53c6c755e1a02f99227e114d6dac72a0
SHA256

ec41fef0539bfbfda2b602c4fc7cf21bb1f3dd26019435ad0bbcc5c33a108199
SHA512

ca82304d516b9b7cd57a82217acedae5d03b1b88e37fc21047d8e22c8cdb2a55b993c222e7cfc1c483ed01ca9844ec6385e51203a9bf51bf85839a479fa0ef6c
SSDEEP

768:PHVYJFlBh+loNRkKqDcS13o58Dkp52ogEElkjRJQQGBtldB290O:fKRk5c2o58DuMtldo

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
208	msedge.exe
208	msedge.exe
3960	msedge.exe
3960	msedge.exe
3892	identity_helper.exe
3892	identity_helper.exe
4356	msedge.exe
4356	msedge.exe
4356	msedge.exe
4356	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3960 wrote to memory of 4444	3960	msedge.exe	83
PID 3960 wrote to memory of 4444	3960	msedge.exe	83
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 4780	3960	msedge.exe	84
PID 3960 wrote to memory of 208	3960	msedge.exe	85
PID 3960 wrote to memory of 208	3960	msedge.exe	85
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86
PID 3960 wrote to memory of 1276	3960	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\dfd19a2244f2aac171c134c9a08c07fc_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8f2946f8,0x7ffd8f294708,0x7ffd8f294718
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2216 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,711969165729734760,1916791805378863143,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4356

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4904

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2016

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7114a6cd851f9bf56cf771c37d664a2

SHA1
769c5d04fd83e583f15ab1ef659de8f883ecab8a

SHA256
d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e

SHA512
33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
719923124ee00fb57378e0ebcbe894f7

SHA1
cc356a7d27b8b27dc33f21bd4990f286ee13a9f9

SHA256
aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808

SHA512
a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
23KB

MD5
33a83c16527e4531fbfca2631f653674

SHA1
87a63514c262ba4bffc52d2ceebb3ca14353507a

SHA256
1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

SHA512
f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
45KB

MD5
aa6a698d1c7fc6d35265b10af5570e9c

SHA1
00da372ad4964a5d5b8afff7fe1b207ff284f232

SHA256
02f6ae7bda59fb1a20d3386021fb972ced348bf724fea42157225d416f9f049a

SHA512
f5b2f732e899cc0fed577e1ef1c51c154ede5d206543e8ac7c1fabb182901f8e93e137b63f12cbb87b3f570a283a368bfb1b9d637cc5b1c4f1669ff5cfbf306b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
bc387c4a4bdbde0491f3550f9de861e9

SHA1
967846fa7dde7e8923b3b1ccf67924160d3b2bca

SHA256
dde5f2104733a047a87fb500c745cc28f7162873ce500e9791ed73ec5d7749bc

SHA512
c39f8b0aa8356be17e879f13e0202cd10f57c4abc0c0f4c780fb891b419976c955d0e451904db3bf4fcff4d2e6805b886203f5a3761be6bfe850acb4bf5bd601

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e308324f5391e8ed5d31857efea33b62

SHA1
5e927d9f1aab73ae20eafca5cd11505ef7ea7b45

SHA256
92a2c87275bd23c0b2a7c6c5b1fb586fe96120ba2f26c464bfd392ce450269db

SHA512
e8e750377a3ca31f05f7d0b764e246a4fa7425656fbb5903df09d14ca60e1178a64b800dddf9e0f8021805d5119d2df4988f8881936aa66438028bfbe312e27a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fe10bc14bd87caa984affd365b8efb25

SHA1
247c6e57c0bd20c647884cac63052dfc626c69e9

SHA256
26ed015f4dc9fa4552ea67bcca5a88a29c8df254c98152c2f187303040e68120

SHA512
6b97eb3a645ea3186c7c39cba7ae674fea5661b6be18c0bbe438b169c9e5ee736da09523139527bd26b639c44cfc5caa8dc0e2ec2f859f25c695bc91685b3b55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
20202a2e310da9a73a8ada25f2db414b

SHA1
f4c1c160108786530af5c6d8f21949997fd69028

SHA256
bd5707216cc1a0542f668af29c32def668c7b346bb7fc56502fb405488ab7695

SHA512
1e00ca5194852bb60918e7619f4ca95eb0bac04f3972a295317bc05d02def98b0e6f27ded5afb2bc396d43e02da02139e7d5760a6ff84cb5109f2857ee86bcff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f409e63b2ebf1e1b46c0ba96d1760fe9

SHA1
56fd79bc3d8377952c072a19e4f799db7550effe

SHA256
b1310c544c24099f70a4167cc82eea6034a02ac49b46d2a35f52bd3ed59c2e9a

SHA512
aa4d511b926e0a21da60f0431f0607edd7991cbf96601a2944837ddb87cffcf067b34c017106d714c15b7b11a1ff61ac393bf6d437be7ab13b6abefa3b001ee6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c9ad427892a9db2f7ba92acb6d49a6c2

SHA1
6b43317859bfcf0aeb95c7ac0176ddd4fb1bbd7d

SHA256
6b293ca2d8b1fd14da3e46e1a76be4a10f014083ad0d482a0d36d8175bb933c7

SHA512
a62708b84531d4cf152a72c6fb5ebe5bebe152c4769846bef91e1254c1fc40ef3ef901eb77fb9c3c7c035ead1455718d3630797ba33db5500a7f989c23d442ed

Download Submit