a7a5dd33d9c4ff69e62bcd3ec699860560b8f806b219208265e4530fb8ec0d35

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25-09-2024 09:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f5a9f45508ee874cb65924a30c69fcc9_JaffaCakes118.html
Size

32KB
MD5

f5a9f45508ee874cb65924a30c69fcc9
SHA1

d9632134f8092f64b5f56db721c747c7ff59308a
SHA256

a7a5dd33d9c4ff69e62bcd3ec699860560b8f806b219208265e4530fb8ec0d35
SHA512

571c4e93855833df99cc03eb0784e3379a68a6c9d9da7bae814287fcddd536af9e08eae9ace5bdbd57559683dd3aaffb286eceee60ff2c16b8ba97e2e961037a
SSDEEP

768:0Lj8knXc/iDVO469MhbNBVVwmWO090xsoJ2MAEy:0LwknXc/iDVO4694XVlWO090xsoJvAEy

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3116	msedge.exe
3116	msedge.exe
2928	msedge.exe
2928	msedge.exe
2424	msedge.exe
2424	msedge.exe
2424	msedge.exe
2424	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe
2928	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2928 wrote to memory of 3112	2928	msedge.exe	82
PID 2928 wrote to memory of 3112	2928	msedge.exe	82
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 116	2928	msedge.exe	83
PID 2928 wrote to memory of 3116	2928	msedge.exe	84
PID 2928 wrote to memory of 3116	2928	msedge.exe	84
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85
PID 2928 wrote to memory of 1400	2928	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f5a9f45508ee874cb65924a30c69fcc9_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd790346f8,0x7ffd79034708,0x7ffd79034718
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
  2⤵
  PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,422888473460679966,18279080839598160131,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1360 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2424

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2528

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
27KB

MD5
612ce5de1446bed4407492684d4dd037

SHA1
0b1a4339516e06b6c28375733e664ac856df45f6

SHA256
64733ddae4bce2e0ee5a074a0aae5a13421b7b35080532b98c6b6f73cb1625cb

SHA512
38224a3460b2252ce3a5747398f46c71889e9e9137f89e0906b34d9810749a7105dc632ef5734174dcebcdc597dddd61915f7aa30676bda9b231ec31b6b4b95c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
30KB

MD5
8acb681c41f89303fe6af755469c5702

SHA1
50dd084200f60cb026af4652b28a2eea32e00b6f

SHA256
64a715d84e57b33bebab907401afba18945b347c73a749beb194a1fc34269411

SHA512
60de6eebda1ad1ff27921e727fb6559493ba65eff18400c46da4d17ca72150c76254e654a1c2859dafd0ddf28419c23733a5a9bc6150404c2b11adf6a9ea2bb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
83KB

MD5
bde820a01d490e276171ce160b9b6db0

SHA1
99d4183d35b44f4d18034dcf5b7bf5ad9bb57e05

SHA256
c620c0c12438474e4b87c6ebde606c11ecbda71e773c07fedd8669d5ef5a9488

SHA512
03e75e8db16f7a1fb3f04fd14cf021bc24a636cc76fa835607defdfa6493f75cdef6b23fdf19597c62e00c30f0c95147f15741709d88fb9bff53934394488a94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
109KB

MD5
6d74fbdeb5cb9762f91bbae0d0339399

SHA1
b021c99bbeab53dbc7f8ba8f7f87026e68b7a8bc

SHA256
9ba8221145c7ba3300a496c15f3b4432cb589ab7d071924a8786a6914ecdb2f1

SHA512
6c596435c8b1b764e45b5bfa762e75e98c66ec686186a4c3e2532a82a029a4bba95d587cd6ec2e40568ff49a16cf054be6a94eca5b2073c4070f56067b18cc8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
96KB

MD5
e6264a316d1e472174a361652a59d9bf

SHA1
484066bcb5b145ee94d9cfc074b099842c61b670

SHA256
443607770d13c9279e0f2c2eb8c0d0b90b6dc257376ed272c190362b9d69d8e9

SHA512
b2a464485a80361c1d429c0c806188ed3ca58bea494204f0f4387540bcde5bb9bc46724e74bcd219a10e51fe4542f9d6f6425d51e4caf9b470b3dd2fd0eaefc8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
20KB

MD5
24eda2b98ccfd749534b23321fe8dcb0

SHA1
45e0b9b405311e9910a99c9f97d38074219a2956

SHA256
07987e0c24f3fc4374119ecf41b93e55eca4f8ac3007ffbc566dc1f6cbe0e2db

SHA512
1b2c901930c77821d52acc7b29eba1919d706da2746a82b87310f201946d474e1ef7b8948ab74139c2ae2af6bb54d5b4706f5413df40e2816b497112e7feba0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
276KB

MD5
e36144b4dddbbbd029652d7a634b5707

SHA1
146a6503d3a7b60502f30e91d150d5bce1eab8e5

SHA256
be3fbecd2a6c687047df0293591e85b6759b0edd524b24388f9ffee9497cc03c

SHA512
196e70544eb889b8cd6dd61d1afd64095414b17928738d15e71cd48014b154b14306dc5b8c3ba30630faac2ed182b3dadb01a06eae3ddf26ceebc90832137637

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
75KB

MD5
fbeb072cc9798040e0ae22870b7d5fa8

SHA1
83c87f9be50936a9a295ee15fbd62d65d0585ed6

SHA256
48fed38c3a8f2732719af62b60370610bfc6dfd97b0c28b677a17620e510b36b

SHA512
78bb8bcd77a57acade57e7773220481ac2e4a01d313715e8d666a13dde643fd6985e802430ce224fe3a1f69d0029230dc4dcd4bc151e69ad5234fcce5b92f66e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
77KB

MD5
c81ec684edee8e714e20fd1adc8751ba

SHA1
c8cd499fe96c131795deb0765ec539e0a8677522

SHA256
9c72468daedc6cfc75830641262d174506475b16bd908cefdbf84513e62c785e

SHA512
2b853caff29c87bedcb28b199849d49ec7b22da959ec50e9a9a074c5fffef19e9cad99a7462e2bb8415dc297577105a617ca935e3849d99d71348b79c1a7bf0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
85KB

MD5
e3caca8ac3b29b1f374e332dcaa65955

SHA1
0c2aefc842755a1f9fff41b17f48673d59eb6fb8

SHA256
de26eff1bf59923fd4464b839d5845fb238fc6677c1571b211b3d0989fe85d39

SHA512
32d6001cccccaa637231ab73e7035835fafc94031ea838106b0ce67a123b95166edbf8e40fc2b5ee9f1969414abb9787dd567fb7523cb0f5bf61caa2e1998e14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
200KB

MD5
e1b22c111d517f749046bbdb20613ff7

SHA1
92e7ff849ddd33a7e2605a81c3a653c3e8418a53

SHA256
7ca9c59884597892926345883f552f0283eeaf338d85bc2882bed5a15a27829b

SHA512
82e3e02fc2d1f7aec9e832e069c99c991db34367b5762547ac264655686fcfedddd5728d7d16a4dc38060d881d7541a7591f8553e3c44401095beb36668fee26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
374B

MD5
83bced6bd712caf76b4540f79a5f51f5

SHA1
87a0536ed0a25e4a4336fcdbd96a39d54f4df4a5

SHA256
260f3fa2e29a2b8f091226bba53ef4371da01b71b54bc7fdcd3ded1959f8e232

SHA512
9c763a49a8b638e2c84c6de1d738e34b9f9c937c9a16806f4b3e6e2a39cab61ada0a73af4a0173b60301e76925da793c473f802f88f726485923bb1e0f26cef4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3b1081af394c3ebbd3c50c25152a80b8

SHA1
662ecc1793a82982409d6cedd07a46750cec7d36

SHA256
28510480216d3579a034c6071096e23716f6201b8ba566759d017af93c68c4c3

SHA512
3ddced7158ca6cab95034f923f9759ccb94741538c172c282df8908c445466228a78f00e4eeb55805c0d487e9d7c99e98f8d3b8424187ec375f9b8d70674961b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
872a700acd83665b9352b3dbdeb27dcd

SHA1
d4da05a317d6f408fd8dcf3443f0457858e0596c

SHA256
9296af06e76b3b4cc0994518c51e9b6923812dca113b44b694aa8fe40eb26380

SHA512
c3ccf9b0b1a25a9abbd556a5a8d4b69376e47a4afcf4751d2d369be9a5e55b293941e2d7c169f7c0ebf40fdc2b0cee11d73dcaa4a968fff27ef4b5bf91a3ab68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5a2e86640ed4116f857fabdeefb9bfbe

SHA1
b5c46e7c875d6930c10af86e8a6fa082f4fef490

SHA256
2c21204759e108eaa613c26202d9cf362a949f6dc15254f90bbff50120012312

SHA512
686bbb7e846a9c739dd93c49bc9b8ec4b4dca119f9013a95e1f64c8d228008fd65d00afc94a9d662630b952c3db9294317b15b7123b56ce8030c8956d3a320ed

Download Submit