07407c96300592c267b00e75619728203c55d1d52c32bcc04d2dc85bb47f3890

Analysis

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 05:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eaa37d02c9caa65068cae9414774661a_JaffaCakes118.html
Size

53KB
MD5

eaa37d02c9caa65068cae9414774661a
SHA1

b49b4e37ab6ed95f44b33707763aaaf217390279
SHA256

07407c96300592c267b00e75619728203c55d1d52c32bcc04d2dc85bb47f3890
SHA512

a4ef003e2e2b8e14055c6c0d5fbae369d0e95bf12f4aac29a6fbd086f84f094bd9772a812888020a8e5d7d8ab3f708f9b8db88373346299643380455221b81aa
SSDEEP

768:5UV8wZcNwuXXfBjGn6pGK1dles3P6N48pdULxJ8viRvkGB43KHKLixHMrh3hjDbP:dfpZes/EmxJ/tWaUgMrh3hjO5bwFn

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3700	msedge.exe
3700	msedge.exe
2028	msedge.exe
2028	msedge.exe
3536	identity_helper.exe
3536	identity_helper.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe
2028	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2028 wrote to memory of 840	2028	msedge.exe	82
PID 2028 wrote to memory of 840	2028	msedge.exe	82
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3680	2028	msedge.exe	83
PID 2028 wrote to memory of 3700	2028	msedge.exe	84
PID 2028 wrote to memory of 3700	2028	msedge.exe	84
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85
PID 2028 wrote to memory of 4604	2028	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eaa37d02c9caa65068cae9414774661a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82e9a46f8,0x7ff82e9a4708,0x7ff82e9a4718
  2⤵
  PID:840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:4604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,17809370200341899360,7000537521434180016,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5024 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2300

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
23KB

MD5
c897f8479da25ec570027594f1b4db24

SHA1
81a3ff06cf35a87e697fc4733966dffc270ad06b

SHA256
7fd05e325904c9c31e435d5c65b9b4ffa11a9116d1df0282d6cd7c87ef6f1dbc

SHA512
b1c1c46810c3bc5c407f7d30a9d74db8242860965d958ffc5bfeed35b1204774843775ae81b8c414ea89322d00d7ab97313965e20cebba588edf13b9b8dcbc10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
1de248384a7a291bd1e2c1a5e70bc43c

SHA1
e16b541d2015ee09cbe3fc36c13be1098cbac6b9

SHA256
8e70d4e5d990e29830342ea2bbb501c5b648ec66615a8bd779c348dbf8135ec0

SHA512
5b510e31efca903dc0dc4baa0d561d45c3239901f43543aaf95bd3f572714815a08c6a228a381bff88d9cd78267f0ff5e8b7063c28370bf5510ae56564c58bfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5c5783a16280795db07fd0658f8f719a

SHA1
fc4a347178e82dc49414a6a1807cfc234c29bc57

SHA256
a1373e65c39bcde8f9d5ea6b19d359aec3ab60384fed9fe57bae585b9f2b5794

SHA512
3abd7cbcda9adb70dc49480349c7b45e57ecccb0739777a83040a78c163d813d04cda918da548b8922d2b46064c9827f60c51a000424216a2238cc2bd33b4ce9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
98ccae883c5a7be044d91c868e58195d

SHA1
f52e86ff3f59216a2d6f2ffa8067b096d842c8ac

SHA256
fe3079da9953ee8727fb90684112e0d23c0f04aeae1ddd54dcbe9e65114a7fd6

SHA512
ba3a0386c5d92c1cc4ff854d5724e8a21955f4be57ae7e42f8d9f7a741496086c555a3c6a96170142db74c4becace9200d5c59672f3463f982f1d94dd5b4e64c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7d28e4f38537b803682143747261cde4

SHA1
705b8a77e374289e7d0ad27f10df41726d41932a

SHA256
68254516146f070f1f594fa257e7955821d80bbb9efc2aea60a281e849540ee6

SHA512
ae1c04a434489ef67b74cef767b3e1132a706a170d30ddd0174a84028aaf416ef8b1e68ef969e2bea97e9604ce1be437b0df37178e959a4c342ec8b49c75864c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
92cc298144683ff5113e45d5bfe5e729

SHA1
7ff89249175783887aeb09546f40f4ab4d73fbf0

SHA256
a47d369ca5e297476d5685af7c23cb996a95f01b83b554b9e07c117278071c32

SHA512
028322b17978856f165ca4e0e9296585602ae2cb9bc86bc4c089e3333a4b3d48ccc69a4850bebfc10f07086cad6a412d7507f5f61e2a836e96c0023e1bafd9f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
51431e5c58770baae3de85a55d6bde65

SHA1
c8ce0086436bfc72f1eb792924615f4f1d5e96bb

SHA256
7c2461bc3f95199efb433924fc01c59584f2a59a8a2923e70baf8eb8c3cf6a0f

SHA512
7e600a0652577152e8116d21191de1326bfe14ea509d8ffdb0fbc553288d1b0ce232e47ed1d888d6f0c31e6bf9896bbdf0fad7833156d3d965e3e3100c7f39b9

Download Submit