6b32c95a60c834aea8e788e0a376d00571ced70f4ed76944f32492a242c9f90c

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0848acdcd84794c177b66003e002000b_JaffaCakes118.html
Size

32KB
MD5

0848acdcd84794c177b66003e002000b
SHA1

3888d937e88b660dafb7b691de685b4824cdcd32
SHA256

6b32c95a60c834aea8e788e0a376d00571ced70f4ed76944f32492a242c9f90c
SHA512

a256507f359ecd94af4ec7892ca2fcae023cea28ba32d9912f5e7f67080fba9a0aabce36b4b358c18817ee9d0c0a3edb16dbc7abd0c90776415559cc09541d5b
SSDEEP

384:RtsWqDi0VuZZuDXRU3OahaOkIIf+6zlKR8axuSGlzj1ph5hjiL/DSFP92ki0LuZo:jzF02AmOahaZ+8aALlXL7ZiL/DSb00Eo

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3688	msedge.exe
3688	msedge.exe
3556	identity_helper.exe
3556	identity_helper.exe
4184	msedge.exe
4184	msedge.exe
4184	msedge.exe
4184	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe
3688	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3688 wrote to memory of 1492	3688	msedge.exe	82
PID 3688 wrote to memory of 1492	3688	msedge.exe	82
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 4712	3688	msedge.exe	83
PID 3688 wrote to memory of 3304	3688	msedge.exe	84
PID 3688 wrote to memory of 3304	3688	msedge.exe	84
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85
PID 3688 wrote to memory of 3732	3688	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0848acdcd84794c177b66003e002000b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff882f246f8,0x7ff882f24708,0x7ff882f24718
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,16369590390743450121,12135426940997221005,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4184

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1432

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4520

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:788

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7114a6cd851f9bf56cf771c37d664a2

SHA1
769c5d04fd83e583f15ab1ef659de8f883ecab8a

SHA256
d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e

SHA512
33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
719923124ee00fb57378e0ebcbe894f7

SHA1
cc356a7d27b8b27dc33f21bd4990f286ee13a9f9

SHA256
aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808

SHA512
a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
5ac368c4540cd9f69b09c711c89eabe8

SHA1
bbb03de52f0378ef42d51b3dcd564cbdc1328085

SHA256
53c4a62950f849a4bcd12091d7da80c91e3600ddabb6affaeae4277a8279d7af

SHA512
a9640a2afa6706978da938bb5492f70a87d60ebd8d7372ac98100383113764aee481de32915bfcd9ae7f3c58313bc8ce2b1b411bc6b3dc12bd51902c13a9788c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e6556de03d1651e34e04034205c8bcb0

SHA1
f51964e884c7516985a2a91ade48227ada05dd7b

SHA256
6a37b4c93a3378c57ac0723e5be02f029ef6e18c9f6e462fe877aec9c374c433

SHA512
dae97d6c5eded05ac4fefaf09bc2b271bc0c521963c98712435b206a5a9e7e9a421ee29185c42fe4547a2238a49b127dafcf93e2ccf0da8f0343f1e0dddeede7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
42d1f724ad5c7576da8b450d7fa4935a

SHA1
8ecf6387849aa1b164aba78dd7a657d26e95f5bb

SHA256
3433675cbad01b9bc6424ad1e5704b0c93404fe7cf499fbd9d7dfa210054a89c

SHA512
1dade5aac8f8a8e20e4bb52f20a10ae3d488173d53f1ba84b359209b38a0b0ad7698acc050dcd7e5f85bbb27d5469b9e30281ce0096fb80b2819bb125f252ab0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
704bd3f11e2cda02fd671d6369056a00

SHA1
610b388d069c0e7d169b2a19b218a27d042d0449

SHA256
8b2264f63db422c73f85c76827c2c055c6be20bbe1bfd868c589c531ed058d46

SHA512
bf5a8ad3199a9eb899ee69d7917cbc63077de060fd00d42da309f09f77c327184e2421650edc2129966cfb6f9c9445f45db94f2e3530d09da03d65f4cf235d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
beb2edbbb2f4677c681cc47f97aa2a42

SHA1
e272a9daa975ecf42f6a316fe0fe0921e24f07b1

SHA256
404744180bcb86d11ce04621314cc501236568927346c4c6af878475dc4de40e

SHA512
cb17b25e8a2c6662c28cb569c5b3656b2386bceeafb488541aa6648733d87c2250f48716a017e2cfafa951d2b999a5c95c40e95f65032c0cbf7db99521368936

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7d942fd364255d219de43173f832c481

SHA1
59746cf74ff83dd3e53b5746dfbfd84e23754a1e

SHA256
f45d0e5eb7fa82b7e0c1eb43647f7c6f2e1c32e05eaa602557167db42ddf34e0

SHA512
72dee7d9b1f7cd6050c6ef33bb66b3746e99807dbe782e78e2ba9b9cd2db63fdfd4643be7388c333913d15f3b208a5624c687ceea4f82e66dabb5399b6eeeaff

Download Submit