5ad2fa1b458b8aed34e66a796b037a27c7876f5649616bc485fd07a9c395cf5a

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 06:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eabe42e52fe8592b202bcfbaa6353d30_JaffaCakes118.html
Size

53KB
MD5

eabe42e52fe8592b202bcfbaa6353d30
SHA1

afceba06b7a820b3360945bb31706507a5e443dc
SHA256

5ad2fa1b458b8aed34e66a796b037a27c7876f5649616bc485fd07a9c395cf5a
SHA512

830c031d0318dd0b3a8c8ea2db2adab0057e5ab4d25b8960107f40641bdad3458cfb5aaeb2bb2b850a63958dfdcee6cbe5539bd95d189ef1a889fcf8c9b8687e
SSDEEP

1536:eTupBj9gt86djVt1jQOoOLWTcsjPB92eSDj5:rpBjabWTc8mDj5

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5108	msedge.exe
5108	msedge.exe
1476	msedge.exe
1476	msedge.exe
4612	identity_helper.exe
4612	identity_helper.exe
872	msedge.exe
872	msedge.exe
872	msedge.exe
872	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe
1476	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1476 wrote to memory of 1652	1476	msedge.exe	82
PID 1476 wrote to memory of 1652	1476	msedge.exe	82
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 2864	1476	msedge.exe	83
PID 1476 wrote to memory of 5108	1476	msedge.exe	84
PID 1476 wrote to memory of 5108	1476	msedge.exe	84
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85
PID 1476 wrote to memory of 436	1476	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eabe42e52fe8592b202bcfbaa6353d30_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d48d46f8,0x7ff9d48d4708,0x7ff9d48d4718
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:8
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,17665215718833209563,17423896559570292863,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5476 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
23KB

MD5
c897f8479da25ec570027594f1b4db24

SHA1
81a3ff06cf35a87e697fc4733966dffc270ad06b

SHA256
7fd05e325904c9c31e435d5c65b9b4ffa11a9116d1df0282d6cd7c87ef6f1dbc

SHA512
b1c1c46810c3bc5c407f7d30a9d74db8242860965d958ffc5bfeed35b1204774843775ae81b8c414ea89322d00d7ab97313965e20cebba588edf13b9b8dcbc10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
82c53200986d16fbc886c4dd0c4a495b

SHA1
434fb26fd1c4e7b64c0bef449b754ce783bbc2f4

SHA256
2080747be124ecb909e8c1d8642fafc7f3a0ace8b453d36ed9134eaf88e3b2cd

SHA512
e94ad7ada2fd8351e658ee084caa512f2b2edcdaf10bdea1c013512cb6fd311f195e6b65c15f845286fa75788b57cb574f6ab4304b602c21c4449ab1f5bc20ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f6fe9a1251b71464ad30efa802d1e05b

SHA1
ca154b5f997a4db4a03e1b88e94bfc64de31d680

SHA256
721a112f160086c6f33e2d130d413b8d9db929c0847fdcc8a09d6e957c2124bf

SHA512
dcb29bc519f4ba5238cef071e845977af5e94ec6543af44dc63a65182b025fd374f0bc1e8525b0151c4886bf18c2cdbbcef586bbf79ba4d04361343c30b3b03d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
63e244d3534ddfb79ee208ae18f05933

SHA1
3a6fe6a3a0351ce9a5601c68c4ea0979f6dc97a4

SHA256
9fdda1cd409b9f614fad7544ca02668206c82cbcce0276ef6e1646a19659a2e9

SHA512
dde50a8a4aa595ccb81a99ef4ee8f939aceeae6040f6dc239af18f52cbb9fe8026763682fdd2e08f42a0d3a6841ea8a3744171124c44c677b4011d059645405e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ad770846ff174943f64ed5ed1b5b4d76

SHA1
c59f4e7b958d016b13f42f243eab240ce7d2abf4

SHA256
e41ff0100a7b69d41313589bb2794dfe3bf8c25502d28c570e0aa3fa07d6f430

SHA512
4499f3176ad1d428c9c9694736287879549bc9e120834801316a80ae35faea6f75eb2990038b76f03b5b41569925bb4f9eb8166d2a6be6b9dbe22e693578a775

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b9e355f00888b839a6bf3364d644c727

SHA1
40c61573305f1246277052d2fa047e56b0a10e12

SHA256
78dd129fdf0c0f48d455c218bc95399fbd0cef84201fdebdb948b077469bff72

SHA512
df96afe55fdf48d50a6af4195b99120c2bae069e1c50df5cb8f8863528ec202c2b70f4d68499b62b5c7a8500c580a30a661f6f449445a61dff3f64fe30cfc857

Download Submit