753aa29b7a6e502ced0c428dfffd968fcb35f37804af6cb21c69ccd87696266f

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
04/10/2024, 10:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

12fdd67cc2f9c04e0576828f7947f091_JaffaCakes118.html
Size

80KB
MD5

12fdd67cc2f9c04e0576828f7947f091
SHA1

81c3d7da41b21209392fc9c4b3ea069e0c2b3797
SHA256

753aa29b7a6e502ced0c428dfffd968fcb35f37804af6cb21c69ccd87696266f
SHA512

6aa062546411df085090a322a8d02f4477a8baae4e53e68070e03edf91d837a5dd591cdd578a4558c84fa4f2abbe05a2e712121d7d1a6470193f70aa512b9a04
SSDEEP

1536:wWtcPHHGPgxTYJ/uuVxLk9/6P7pinn8VHd1:wWgHmYxMJ/p7pinn8VHd1

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4620	msedge.exe
4620	msedge.exe
2960	msedge.exe
2960	msedge.exe
2836	identity_helper.exe
2836	identity_helper.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe
2960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2960 wrote to memory of 1184	2960	msedge.exe	83
PID 2960 wrote to memory of 1184	2960	msedge.exe	83
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 3828	2960	msedge.exe	84
PID 2960 wrote to memory of 4620	2960	msedge.exe	85
PID 2960 wrote to memory of 4620	2960	msedge.exe	85
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86
PID 2960 wrote to memory of 4884	2960	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\12fdd67cc2f9c04e0576828f7947f091_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffba9d046f8,0x7ffba9d04708,0x7ffba9d04718
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,14201322002128166491,12286333738717957806,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3100 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2420

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
23KB

MD5
ba16446d3d17a4f4aa3c0880fc626139

SHA1
dc8508bb58c7fd75a075be5b1948f482691d25c0

SHA256
83c4e32b4545e45bd3e673698c9c905a7f9ce02ac5c08642e5ccdf2624c7a35a

SHA512
4f9025d959fe3dfb874baa5765d9b46d8b042b6772a4f79e5d56ba4226b872fbca5eeb60ab93c3c247445e879194cd787de7eeb4cef8654ba0452a8601e05711

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
45KB

MD5
ede70f717200a59b4cb831635de913a1

SHA1
d4d6e893ac192b5df087e924ab3356852f8a7bc0

SHA256
c63fbcc69de230e4844cf735ccf668eeaf30e42126eeb464da39c2de6b0b0051

SHA512
b621bde28b90ba97c122677989d994cb5e88fd0906366af1a23ad3f9d9f3b7f2bbef95873f29100433d4068fbbf7ab798505e68deefc118097fc5f76dfc4b672

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
5eafa452d08ff0252fb90c3465621236

SHA1
c6e8235a6388eebc3c413d99af24ac44115cf559

SHA256
18638f581d6bf98004b2969f8375421523d4089ee1d702e7bdae216784c4208d

SHA512
c89bbc2a85449085bab311fe72d443a11768157207b262cfcb98c3b058612ee9567fad27c02e57d29c9bd5427d0c7c92bea80932d9f414d11151332b0c07e143

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7a73e93d32c8cf9209f1c8a96b1253b2

SHA1
3b16b1e411b572106567513d58f5043cebceb4f7

SHA256
03f7b3c9f3cfbfaad7541733c696a33a2f69e667d4d865361d9a5ae7a38c5062

SHA512
09efc2acbce36ce090d0a2db7f62894689edbf788fce4c3a717420aa4989f365caac1dc33f3f7f4ae8e2c5a5d0293993c3def54304afa25879175dff81b61a7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
14669f788480a8f328a17f483271d461

SHA1
003d88c8b34cdff648914e6bd283d50b3b0a70e2

SHA256
7aad26a61d629e4e1f315b905616f293da9c470337530e56cd6a8af8a169cbcb

SHA512
2279b391e95c4f1e00edc662b668a8a9444a200ec9c4a18947d47b1c22d6098abe7d8d96b631b985a2de4d8e501987a7d3f558c351b6315679b9ca8f05abc44f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3c0b495791ec0db08f45f7219cb9f34d

SHA1
1ef8b656955756f89997d9ffca965190bb65607f

SHA256
36a6bd9ecf1073598f90d2fc475a7c9f7477086f33e0efc412f62136e321811c

SHA512
67d3330d9f46190e8720a5fe8f19f3d0b69aa15ebdfcbdf302dcb71acae8999f29bc02b67f2f57e7c7b3034a7ead8bbb4178362f3082073c90631cf84457c837

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
39f55904f384cd95cddc0f16209274f9

SHA1
1765a6a7af3af9f2902de83503d0016eefd7b80e

SHA256
540246a103cc5cf29604f3988a23a51733864c5b92ca34b40ecead73d653df79

SHA512
531a77d564491455032a3c804a0967c6ac4e495a2894c7c23360656537479ff44193335267e3e93df8aac5eeb2963101db0b8af98a0e72dcf79e5010a565e554

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
455b5df57afd54725c4f092a0fd5c098

SHA1
69ef4b9b2c821dc23fb8a4030c1594f6eb1499bd

SHA256
b9d3c647fea5c6c3a136042de388cb82ba59decd86c6d825e2cdd7336222638c

SHA512
571d49796f3517f435baf1aa81ce85e67469b6c5cb4d6f2dc0e4ac9964307d5541638b4a3c28aebb9d82408f5c7b1a2117d44acf6f0ddd0fd23cb3ef08ebb1ee

Download Submit