705026c8fe866976f10a3929bcf01d6416242a1cbb48604424aa8295cadf2998

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0843612c010f9f7358387caead2eb8be_JaffaCakes118.html
Size

89KB
MD5

0843612c010f9f7358387caead2eb8be
SHA1

41395449917142a54d4b1898a7269960a69d6872
SHA256

705026c8fe866976f10a3929bcf01d6416242a1cbb48604424aa8295cadf2998
SHA512

602506c403c94f35b3d82905bbbae20f85ffcac7fab763aea888ff1e0c378c50be693820b0bb8de8fde6d1962a26eadcb15c6f1a9b7a35a04f5889b78d328e19
SSDEEP

1536:gQZBCCOdk0IxCfrXX3BsBabDpBRXvIt1b6+3Xk43d/cinVGJhXwK7Pq6lgk3BKzr:gk2C0IxBPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3220	msedge.exe
3220	msedge.exe
2204	msedge.exe
2204	msedge.exe
4808	identity_helper.exe
4808	identity_helper.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe
2204	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 3616	2204	msedge.exe	82
PID 2204 wrote to memory of 3616	2204	msedge.exe	82
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 2596	2204	msedge.exe	83
PID 2204 wrote to memory of 3220	2204	msedge.exe	84
PID 2204 wrote to memory of 3220	2204	msedge.exe	84
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85
PID 2204 wrote to memory of 1800	2204	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0843612c010f9f7358387caead2eb8be_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffebc3c46f8,0x7ffebc3c4708,0x7ffebc3c4718
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
  2⤵
  PID:3648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,14582468560668778673,3450519101379290062,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5952 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2656

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
ca6c86418b78f7ced4018f329385ebfe

SHA1
1e7a382b3b8f529ce52a21409a7bb4b2a0df0240

SHA256
c5adfa66c935171d28a75687117bccefd022455cac6647911ae453d2fd8c4f87

SHA512
921d32a952eea3bf055c5fc51323ea0d34530bf861d4b29beeb88c7a169697fdc0b1fde63e15aa167a43022ea2decc5a6ce6ced655a90cc6e6a902d42b4ec56f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6f19df0947cee0339ae0389b49ce7c0d

SHA1
dd0f09450776f23f711417c13be6106a8b46e79d

SHA256
453ae168d3c96aca288108a6c85c22752babc232b8b44a11a741862c2b41db71

SHA512
3c8ef6be9ffd1f94733d31f0cf9d982443c78771e29655d8cb9e6465bc41eec8bf336637c1030f7860c4f94a94b79c88027b2862d47acfa640966a1bc3145ec8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
dedf5b2788c5d7106762c04e32869570

SHA1
2e9f60d92b716dd1a7e22ce31349bf4ad837faca

SHA256
8cc374871fd7f81e5dada1a2ee9d3dc838c2c4da2b8c0d59941786f3acc54d40

SHA512
b048744c8105891a3493ae1f408a2a9aaf0017910442ba9eb44266f33daafe8c3d55e324f76ec3e3a1c4e7b82455e385fe2c6dfc12c69dc1649886e367260130

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8bc57cb7dbd96f658691afe4cfd401ee

SHA1
f03aeb58801876ea410cb51a643e30780ce6fde7

SHA256
c1f9c9e47f7fcfe3f79ba8397402bd876c7c57ec046de9e216ab5be8cd9bb8b9

SHA512
1e149626ad63e855d54cf60e688579d5a2ffd882d52fe0983a4a730573af43b0e1610db2c73600776a6fee7754fafbf027398e9fd7b954a18a3d9b5bfd6aad52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b2bcac9c5ca4acd4013376bdb595ad38

SHA1
011c0395b3a5c79f09bb4add509a80a30d7cfa41

SHA256
4667109baa30076d190513cf3a6f1c38906f6196e7eb8a6ea5da2cc5f13f39ff

SHA512
130affc8732a459072cbdb6ce05bd63b4d79cb062de49259e2872c81e21183c742413437151d7128f620a6c1c183c896cf087a8cb528e8a205c2e249aabc0ebf

Download Submit