b20c125fb28957d3ccf506e5a700f9ec11d3b195777d5d763c6cb7f8a7f93bc5

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2024, 04:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0de1a18b9b1c08f2dbef56a91cf2804a_JaffaCakes118.html
Size

43KB
MD5

0de1a18b9b1c08f2dbef56a91cf2804a
SHA1

d733262fb953dc2174cfd530b3b55b3a05e02be2
SHA256

b20c125fb28957d3ccf506e5a700f9ec11d3b195777d5d763c6cb7f8a7f93bc5
SHA512

444f4a0d81f428ef985cec43654392177b2442024c2f4bbace72261e44e80b1dc0a3f01599dbea3a5f9368293c1ca263de92c06e31a399114ebda1b4198a024d
SSDEEP

768:Zcd9QZBC7mOdMdFpC5I9nC43+vbTkjH6QPd:gQZBCCOdy0IxCe+vbTlQPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1652	msedge.exe
1652	msedge.exe
2276	msedge.exe
2276	msedge.exe
1452	identity_helper.exe
1452	identity_helper.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe
1388	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe
2276	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2276 wrote to memory of 1464	2276	msedge.exe	82
PID 2276 wrote to memory of 1464	2276	msedge.exe	82
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1988	2276	msedge.exe	83
PID 2276 wrote to memory of 1652	2276	msedge.exe	84
PID 2276 wrote to memory of 1652	2276	msedge.exe	84
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85
PID 2276 wrote to memory of 432	2276	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0de1a18b9b1c08f2dbef56a91cf2804a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc07546f8,0x7ffcc0754708,0x7ffcc0754718
  2⤵
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,11781281748723586250,2246141313114436392,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
111c361619c017b5d09a13a56938bd54

SHA1
e02b363a8ceb95751623f25025a9299a2c931e07

SHA256
d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc

SHA512
fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
983cbc1f706a155d63496ebc4d66515e

SHA1
223d0071718b80cad9239e58c5e8e64df6e2a2fe

SHA256
cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c

SHA512
d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
d5b27f686cb76985a277de278d120f7d

SHA1
641b71402c23ddc68900ad44d974c17433d35147

SHA256
f2a7116475f57249025a93f2269b0d3d0a53f7e541eaddf6921f01b7ed5d2fa3

SHA512
2535d54b39d4531f06f907754928a61f3a79e41cad725f1dcb619c23441f971e95e708cb94e1581ac20c0a19489ab94fc05ff92bcef9786b16196ce66810c340

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
696164932abfcd9d018c911fe7ec60e7

SHA1
199b803207bff3316b14c5deaa09d687601f19ee

SHA256
f36c14efaa6ebd7d7cfba9f38b8481d25f80a4f05fb52d7d15199238e8d6d6dc

SHA512
f6cf27ce91ba89d7e4f1af1b4ee72bc98f31f7e757ea527235e3042f62872703bc1ba3a7717719e8fb8892f8f249a88107c25c9c4a567605176a2018372dc935

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ec4146dba993e3fd865f7680f0891e8a

SHA1
a5c3143e15d7bf5444a13a8e9bfd1e443aa7f8c7

SHA256
e4de43c022f407636d2574c74bb4e15570dacc682a03927277e5c7b0c7300f20

SHA512
07dd828433f705f3d92a1e9f2a58cf007b9a9e24e9c87809a80d98fab7fb6344156b47265d8f4c524113fb36362c830956ff67a1b1771768b5a585b7c89b190d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
19178f040e63294671304dc7239499ac

SHA1
5f13dc0cb7f09bbaa47b945add3e927a09fa0706

SHA256
b0c333df2c7a8880bc42678b6ff2cb9fb5930761438bc3fafad5cb557676c9e7

SHA512
9b78bac379b4330c7d826381040fde7a09f230cc79a25d63e9cdaa092282b20e22f00aed8a2b2d12772e158562d73b9b5ad29f55cf8f94179a86aa722d095a81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
96deef24bef85850769297c3184b4215

SHA1
986fc0f68f8af9ae4b771505dde0483da4bee9f9

SHA256
d392f17aa9e0f048f26b75dcf635a7f01c32a275f56e82ef4f542d0498170bc0

SHA512
722d3baa4e40b260911e0e5bfe513812e7942c26e8d74c6b3e3eb95520565e67f102afd634cc1ceda93b938aeddf8ead84a0de06ffaf4f0cb82406b937337de2

Download Submit