169fccb3c5f068e87590371289d6ae5d8f99d35a786b3bd2281ed63d9da71b29

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 05:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eaae8585dbfb8a0da637c6aa87d89b06_JaffaCakes118.html
Size

15KB
MD5

eaae8585dbfb8a0da637c6aa87d89b06
SHA1

7ae47855492a42f27409c6306821f42f7591f600
SHA256

169fccb3c5f068e87590371289d6ae5d8f99d35a786b3bd2281ed63d9da71b29
SHA512

ff9dfba0c73f4cc1809ed6f1087e64c75c511803a7d8c811791297c4baeb33e4b709680c10bbfa91a1856f79deda0f68433406ec804fc0fc0f42edba5e175a1e
SSDEEP

384:QucftMNfd1yM4veG0V1T3PhgwNeDH0pibvJ2:/cftMfF4mPV1T3PaqeDHr0

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
1776	msedge.exe
1776	msedge.exe
1936	identity_helper.exe
1936	identity_helper.exe
1676	msedge.exe
1676	msedge.exe
1676	msedge.exe
1676	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1776 wrote to memory of 1732	1776	msedge.exe	82
PID 1776 wrote to memory of 1732	1776	msedge.exe	82
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 1328	1776	msedge.exe	83
PID 1776 wrote to memory of 3880	1776	msedge.exe	84
PID 1776 wrote to memory of 3880	1776	msedge.exe	84
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85
PID 1776 wrote to memory of 1240	1776	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eaae8585dbfb8a0da637c6aa87d89b06_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa47c746f8,0x7ffa47c74708,0x7ffa47c74718
  2⤵
  PID:1732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,13226537814349509098,13942119093304762898,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2520

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3444

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
212KB

MD5
08ec57068db9971e917b9046f90d0e49

SHA1
28b80d73a861f88735d89e301fa98f2ae502e94b

SHA256
7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1

SHA512
b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
a72a879ee234bbc2d92fb864cf134f6e

SHA1
3f811a03b44324d9ba12ccf43cc5e5536971565a

SHA256
87f1398f3853255ca8128e96ad9afb5d616d9aa4e2dca533baa0ce692fc9ad7e

SHA512
e5d352aadbad00395ca51c952ca7aa3e73b0adfb34035770bda7850cc8fb4a2a2018da5326e226a1c91fd2e45388d2c10f70936dbfa1d954f530c499894922c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9888ee34ceeec0b288a45610de9bc9cb

SHA1
9cec8c91568b68053f035206f2c8f403dd579f16

SHA256
9d3eb508395d8af563715dd13b703d451cd8dabee374d3e3d2b15f89b3806d10

SHA512
71843c31e2542e1a1699c5183494ebba5a437041f624fa7d6d132580df4f8918bba887e12f24e30bbf3e19e1ac4919b8eb0f928d855c78cd2ef82ff0a3d408aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c23608f102a2c692a4ff86ed35b3ce4c

SHA1
b6b11f9ad1d1a8ad1872cc0ef1c4ee3eb499dd46

SHA256
60829a87d681c6fe91112f024f521bfd505b8094da690050f2338976481d19ca

SHA512
6c6f95383bd56961582f01de55fc8c9b30a2461edf924f902d2c56ad6e6c8e78f8b989e992d74f9b8252560fff4311824563af618f4e49df3cc72b936248f4d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e5ad38010579bac4a4f005ee9bf3804e

SHA1
29a8498bfa60483bb296abfb6ad51227af538cea

SHA256
b331b033d952ce1d1ecddb0b90a49a5104ecd2bd9c115a9fb6bf870d9d8620a5

SHA512
530d924d68e632b340794f2e16078bec2b1ab20aae2dbd3b68f813ef559c6afbf1949678627e18f7191f8f6b36bc2f61b0c8383a82f926ab711ae0ceef416cf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f14f2fad6d44c317deaf219e3f2b1908

SHA1
869a70bb9632f32e70ae8583ab16bc01090b179c

SHA256
22086a6dec3bed08ead9dc883dba185ef617965c9462024aa09a6c79dfb5066f

SHA512
5d3bcdc6e22f69de6f4bc2d0111bc26820be1fba0550a6025eb73793492a9b2c786882367097f5c3f410f26bb414b082095d788761c64a86da560137d06696e8

Download Submit