fd2404708ed3d64088f2c6e59206cdecf47ec4b9bbffbdd53e6290e48d1d97b6

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 05:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eab2bbafcc43061811829e427bc6941c_JaffaCakes118.html
Size

27KB
MD5

eab2bbafcc43061811829e427bc6941c
SHA1

135d4af860756f9e9d243dd468eabcb0964204df
SHA256

fd2404708ed3d64088f2c6e59206cdecf47ec4b9bbffbdd53e6290e48d1d97b6
SHA512

8af3bb470aa477a44f1d3c862cc615026674382fbfd746fc767fd40a0a9099b9e5b507c6849b110cdc13bf74080842ceffddec298be8be99a41fc4e9876428c0
SSDEEP

384:yd2kP/TYsavbEh+aBMz/pn1sfxz+UES4OG4w9tWSsi7FcA9Lierx:yT8a+aCuz/ES4TFtLsi7FcARierx

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
740	msedge.exe
740	msedge.exe
3152	msedge.exe
3152	msedge.exe
5092	identity_helper.exe
5092	identity_helper.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe
540	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe
3152	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3152 wrote to memory of 4536	3152	msedge.exe	85
PID 3152 wrote to memory of 4536	3152	msedge.exe	85
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 4020	3152	msedge.exe	86
PID 3152 wrote to memory of 740	3152	msedge.exe	87
PID 3152 wrote to memory of 740	3152	msedge.exe	87
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88
PID 3152 wrote to memory of 1104	3152	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\eab2bbafcc43061811829e427bc6941c_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8097d46f8,0x7ff8097d4708,0x7ff8097d4718
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 /prefetch:8
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,1336331331200695158,6669909715059778027,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4804 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2004

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7006aacd11b992cd29fca21e619e86ea

SHA1
f224b726a114d4c73d7379236739d5fbb8e7f7b7

SHA256
3c434b96841d5a0fa0a04a6b503c3c4d46f1c4e3a1be77853175e5680e182814

SHA512
6de169882c0e01217c4ca01f6ead8e5ebb316a77558e51cd862532dbf9147d9e267f8db667ff6e9fa33164243724f5e437cb882392382f3cae1072dadb762c1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b80cf20d9e8cf6a579981bfaab1bdce2

SHA1
171a886be3a882bd04206295ce7f1db5b8b7035e

SHA256
10d995b136b604440ac4033b2222543975779068a321d7bddf675d0cb2a4c2b1

SHA512
0233b34866be1afd214a1c8a9dcf8328d16246b3a5ef142295333547b4cfdc787c8627439a2ca03c20cb49107f7428d39696143b71f56b7f1f05029b3a14376a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
1024KB

MD5
08cf0185407480cfefcdd545f0d3dd73

SHA1
dbabaa61818339030631ed366441deaecc68f760

SHA256
835c856f28cc39873d49c985e317b0e0c987ac439bee2d6f70bb78bd77750f15

SHA512
167e92ac21fc210185e25e1cbef815b41a942b3d02381f2a26ff133d04e28e1812317ee5fff791cd9d855f064227b646b16a5fe4686441af1f9e68217adb79f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
bc3d3f527b8c7cb3aed75e6c81e8b88f

SHA1
22530e7547a2bd1ac9628b8e2e810c075e1f22cf

SHA256
e671401b62567d752d7ab3f0e304ef61bdde73153ec3cb93908af19c53f4b7d0

SHA512
a486f603f9f2e0ed918cbb964bb0c8b6952ff03a857c8cb4819fce592192941094ff3e542636d9f25979534713899abbf3088da1ff28a557532f320e9a853e09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
182B

MD5
5fba847350341dc385c90bbd14b812f4

SHA1
986d1713b103f3d565ccb88077a8598c8393a24e

SHA256
ecb5860418331ce7b5253419ebab9fb495ab9dba26b7d0751699949555074372

SHA512
227478553cd394c0ae057d78160c461119d7418765a14ab55ac18daec588ef8883c09c931adc149f380fead0a6e0e92cb0d6d8c29c27cacd63143b615b23e830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7265c6dba14be296baa38a0f11fab895

SHA1
673ad3046c939d4cec59e806b461685dd3c71574

SHA256
b459edb9817bc5bb8e80d7b172ed5eeb131dc6f012a5fe6d63c340cbd29b3aa5

SHA512
be24b472d86d474f04d56469a0dd7407914d89af6dd74fc276f14b2a2d6f040cc26e63a4eb9dc7f08acdd06e119c85d1811fea3cefc6a4c08502dfd940a743b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c3a7fe6cb7ae23fb9fbb4fffb0c81a9c

SHA1
e8d0db29508d19fb3b8bed7a1f26ae964b03fbaf

SHA256
ce9de6b85c8381e608504c97a6d4b29b9ac86a4e5ccbe68a16e00ef15be5bd2b

SHA512
682f0b149e8bfd042c94f2adb6000707392407bd05d0d1ca1c41f77971f264efaeb87fda159b39020ad828bc25164e912f14fa3593a666906b8c61f77bef91ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8ed47c7a381d90e8c2e0641425377da8

SHA1
535cbbbe1ecf82a6abd51878293dd073186de2a0

SHA256
7164350784c7249e198b8cb287a1ee9c9187a63f011ce772b13dfa46e3216499

SHA512
ad97c7be77df7f9ca9fbef0d10ccdf5781198ca99282a723cf2ba888821b97d70d149ebb6eebcfdf93b8e46e19a95572c0c640cae665fac44f21d43328747911

Download Submit