b331deb6ba853648c8cd44b9867897b0c3a536d96a2080c142b3c4833f9b00dd

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
01-10-2024 01:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

03df47718390750b19c0198c85845419_JaffaCakes118.html
Size

44KB
MD5

03df47718390750b19c0198c85845419
SHA1

e92d342fb7ad3a59d84442d2a4e808313ba64856
SHA256

b331deb6ba853648c8cd44b9867897b0c3a536d96a2080c142b3c4833f9b00dd
SHA512

70ad2a19fc350ae2417a4c9f25a209b39a2ac68ec2d068c51e3d302d06d8d7d1eb11685ec3807a41cb756279425b43b4a63542ceaf2c07c28040108c96daa45a
SSDEEP

768:NEnHvvCIhhogGHLFtTrFUljTWlJ2Sx7fO:NGHvFhqRLFtXil/Wl0

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4612	msedge.exe
4612	msedge.exe
2988	msedge.exe
2988	msedge.exe
3268	identity_helper.exe
3268	identity_helper.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe
5080	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe
2988	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2988 wrote to memory of 4984	2988	msedge.exe	81
PID 2988 wrote to memory of 4984	2988	msedge.exe	81
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 2476	2988	msedge.exe	82
PID 2988 wrote to memory of 4612	2988	msedge.exe	83
PID 2988 wrote to memory of 4612	2988	msedge.exe	83
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84
PID 2988 wrote to memory of 3584	2988	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\03df47718390750b19c0198c85845419_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffae86e46f8,0x7ffae86e4708,0x7ffae86e4718
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
  2⤵
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
  2⤵
  PID:372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,2105986135154714847,18374469886903637032,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5080

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
23KB

MD5
ba16446d3d17a4f4aa3c0880fc626139

SHA1
dc8508bb58c7fd75a075be5b1948f482691d25c0

SHA256
83c4e32b4545e45bd3e673698c9c905a7f9ce02ac5c08642e5ccdf2624c7a35a

SHA512
4f9025d959fe3dfb874baa5765d9b46d8b042b6772a4f79e5d56ba4226b872fbca5eeb60ab93c3c247445e879194cd787de7eeb4cef8654ba0452a8601e05711

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
ad14978864428941203fab0ceade48ed

SHA1
8fb2e7be9e7697b0b54e2c8c382bd080dae391ab

SHA256
c982dfd0813a03c110dd794d40655bb523a1b606d13e1a621d5ce98d1fcdc9b9

SHA512
ac5c6df7391e3b4281bad91c9413477e7e2363e3fbf13636689ea66e4528a73045285a5d08753b6c6eee44d4bbd2b97c468c3cb06d24fc112384379b14b70977

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ec8854e8b23fce41b8e16278598f310a

SHA1
7234229704b61e1436bcf33b0d760e50994a48fb

SHA256
9709a02fca8f01b2f847726c1d00d783f2b52b4b2aa675f1d2ad6ab98fbb7822

SHA512
bbdf0278fd5fdc6d3382264c2c0c3104f6298ef190ef44ff5cce2cea6f7f1ae780074bbe847aa23b2f72e8d298ffa96fed3fb6d0cfae934c41f0626d7c70aee1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ecb88804f49bd54839243f51f2bdd6e2

SHA1
98e73dc60509ab0f16d482e7cbf36bc1b5d62353

SHA256
e460ac1daa5bf0fa374ccc7aa35ca9861d13122166ea543beceb4be6f19dad05

SHA512
69c2710a9ec6b7b5d0cd8357a0bb3ca76cffde92595be3d3073106a70b37f758c2b91bae3cc81581cefdbd25cc5db933bf94b13a9c8026a0618db2f8a44777aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
47c9ad2e024c2eebb8b1489e49603185

SHA1
d6a33375d63d467b12cedc42c19b7490912364e8

SHA256
3fe781913776287e1634e5ca798cef14c9b02af0a2617952cf297666072ad92f

SHA512
3e90e14b23cbe14c15a99ad6fc8d028dc9ff80bfc369541303bed151c653205c3da64d11e7da2359cca2ee27b70b5876f5ed2944e3f47e3d3e6c1acbe285fdf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3753daf5db61d11eccc80ca7cb56d8d2

SHA1
89dd6e6847ca7427d7b7fa8eb9cdd9430e08486c

SHA256
a75b7477f2242af2f4bc724dd0b9039a4096033c796dd408a7fa69d276458ae5

SHA512
1efe35cb4087ce91f5e3a5bede530ffc86533bc1caccfef544107aedc1cf6378d91a7b85fef6f0650584d975ba70a809d0c683f91591967edf2ed893fc04a7e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d52970688cc904c886e34749de5ac8c7

SHA1
01e59f90ed1ceae462eb0d88a4c2afc066fcaef4

SHA256
66053888340ea29b8b025f303f3dfb7d01de3f71f59b27b8fa98fd88fbd2b38f

SHA512
089c417f3f8b4334a54864bb023e110d3550895b3aead24d1c894165e770b913021a14e55efe129dc276f5b811a36d14e9db5b8695dc14da6092f8d51e753ed9

Download Submit