58f2081c7bba0068d48b19a2786e07ec586e27f524b6f10cf21b6757fdc3e472

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 19:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ff2e47d9be9370964640f7216418476b_JaffaCakes118.html
Size

228KB
MD5

ff2e47d9be9370964640f7216418476b
SHA1

fa881f28df9b194447e6bd5f829f33f1587b36fe
SHA256

58f2081c7bba0068d48b19a2786e07ec586e27f524b6f10cf21b6757fdc3e472
SHA512

209bb66544ff33994565b53c8957bb59760cbbbaec449c5df6c9ee7b1cf7853040d62f79972016bc2a47541b00ca7f65ebf4afacb8094d90157300220104ef98
SSDEEP

1536:Znw5pVJko7bwV47gsweP4c6KT+yE/G8oebZXkWh9eXkWh9mHq9hWjFA4vZ:ZnwTJk0wV4vyKAe8oebpAOHtjFA4vZ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2508	msedge.exe
2508	msedge.exe
1180	msedge.exe
1180	msedge.exe
208	identity_helper.exe
208	identity_helper.exe
548	msedge.exe
548	msedge.exe
548	msedge.exe
548	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1180 wrote to memory of 2784	1180	msedge.exe	82
PID 1180 wrote to memory of 2784	1180	msedge.exe	82
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 3204	1180	msedge.exe	83
PID 1180 wrote to memory of 2508	1180	msedge.exe	84
PID 1180 wrote to memory of 2508	1180	msedge.exe	84
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85
PID 1180 wrote to memory of 2596	1180	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ff2e47d9be9370964640f7216418476b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd2e0146f8,0x7ffd2e014708,0x7ffd2e014718
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 /prefetch:8
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:2436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,4132564767238531699,17718100672502917220,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3804 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1288

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:60

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
50719b90272f90c5c9a1838395797720

SHA1
bb274cc222ae8d0f07f8354038a44be32fcbc4bf

SHA256
5a3a30d66430929db0b6d89aa9906f6adec9b8aa25aa28b5bfbbaa05a713dcc2

SHA512
edaac98cd7e817f6db2f7776bdd0167a500ec2da02807683953bbfb40d3f667e13f097318a5a6709e1a8cadd5d0858b09a956f8bb31a14795e3e88f9dcff4c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
1a165dd66215a3984f455a39b0108352

SHA1
832877a5dd1b187ad4664b3119fa97491893a471

SHA256
e14771bc2d8d4fdcf86cca6c7c70547847261e8879152a622facfda3424b8c99

SHA512
add64afe8f33730715c2b65a5a083969781825901a4842e3f91904bcc34db7474734aaf76807f8053f33e5094fe517b5baa8165641e4df98a034645b5efac1d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
69e1a1901a79a2846f1648281320de12

SHA1
f108a374351c57929bb5a73beaa609ae06ad52bb

SHA256
72c8967bd02e8db7ca6a04b87f3e75b89cd32f37332b4ebbe587a21925cbfcdc

SHA512
d20b98c4328f5275398a7de92b3f0f3c6e4eccaa153b657cec2473bb42e1768f44c968330ba3d3bf9413a660b14a11077a34092332ddd95c31618c7c5cd6f62b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
de75040aabeab693d87723ddf0820ee8

SHA1
5bbf549be7d12e786e3608dc57ed6328e4b28671

SHA256
d3f30ed5982acaca4cd65a95ca5bb5475c8e55ce86b064deaa8d0f4f7c2c16c0

SHA512
dfe0fdc8addf5840b609edce5cc958b315ea902cff541a141d6db04884b8274332a6941807cdef845e9c1505b42c20dd9d6405c95d3adbf54f34a1729b6a5afd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e3dea024b389386822b82f0d4dd2f31f

SHA1
1206054c1142c72311478a68ae82af09508c9dae

SHA256
210ab17d9dce07473dd6bdb0a0c1ce9292d54c7f7cae36b71f19c27ab2b26d69

SHA512
c499e22540237a25e99dc96969938021b017bdbec12ed0dd4227cb419a1e0fddb9f514a6c611db6843ceeb8519bce88e602b722e8963c0562f402d3b1265d491

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
768cf2438ce88f52d53c7d91cb35068e

SHA1
091b581ecfd0f5961014ae5b719da56daa20cc67

SHA256
4792d562fa8f294fa41fcd125482fb0e638850e055ebbb458f147c55038113ff

SHA512
0ba85506923cd288308c5ad150b3e60c0d38bd43b66660bcda3700b5bf7b3fd6555886b8dcec5f842fc976a1181efc830a085c3b8f3a84fd9a4e2b944e895d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2b13a21f0b76d82de469428e74497916

SHA1
6e0ba14f693a2cc1623d37764808eb186f512813

SHA256
e48cab0de43b9dc4dc4a3505fd85404ba81f99a9e081e58fb10f1e40ac591c08

SHA512
12ce0ce6556401b52fe84f9f8b6d2e87fffd5049d87fc19a70466de8f08ca0f91465bb336f4d2bf012e8cbd1d43c4c764387efbce7b62f92989c99fb15949035

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3f3188f8faf514d186ef419cc7e3ca73

SHA1
10bfb5a7aed4e24b27262e0666873b69d09f0f35

SHA256
0cb35ec720ab7a3e91af72e2684700ccea50c098d6eabbb9497c7485b5c83df7

SHA512
180184d213c4969aa58a4d488d5a6686fc6743b7181e00fd544d22b6011a345fe51f3fe5406bb7b0515408ec541d6a5002b201ebe1c2775d943b7c6fe8f5f90a

Download Submit