6170301b4824f26460d342e2865b4c60442f3bced2ab12f9928f10ce340cdcd9

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-10-2024 12:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1d83d178982b9f23d6d8307bdd558673_JaffaCakes118.html
Size

36KB
MD5

1d83d178982b9f23d6d8307bdd558673
SHA1

301e1ae189f29277386348ca269f119bafe4cde4
SHA256

6170301b4824f26460d342e2865b4c60442f3bced2ab12f9928f10ce340cdcd9
SHA512

05af6df2ed0236cf4be2152e208e3b5704b28d4cd4296cb6c49442fcdb76fc51d4e103e14b69368f43574386d57e10e45b01e795cdf3d523df51afff9938f15a
SSDEEP

384:SwYP+LDxVk0Yq7OW2QZhigKnwSthDm6P9yNt/VL4BawoKoQcCFx0J49dkc:Sw+MS0YqupthS6PC/qBzR70J49dkc

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
408	msedge.exe
408	msedge.exe
2756	msedge.exe
2756	msedge.exe
1516	identity_helper.exe
1516	identity_helper.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe
1308	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe
2756	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2756 wrote to memory of 1396	2756	msedge.exe	81
PID 2756 wrote to memory of 1396	2756	msedge.exe	81
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 3308	2756	msedge.exe	82
PID 2756 wrote to memory of 408	2756	msedge.exe	83
PID 2756 wrote to memory of 408	2756	msedge.exe	83
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84
PID 2756 wrote to memory of 2408	2756	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1d83d178982b9f23d6d8307bdd558673_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xe0,0x108,0x7ffa3ee546f8,0x7ffa3ee54708,0x7ffa3ee54718
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6332 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6332 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,9361977628634847699,7167301981095763451,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4076 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1308

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1212

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
02afdaf8df638acee14cf24574bfad5c

SHA1
6d17d1e3fea514d6bf91953afe0ff7a98d8d3112

SHA256
cac3119b2180039f17e7f7969d932b7aaa0161f56b21edcdac13b5b99b328ae2

SHA512
1a1f56987a6d9e646617468987f2ca3170d25b62f655a024e26c2db7d6f57725f766b1e04a17030f6f0c245f144c50684934f7531ca3207deb8af3effb4e7308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5e418bf744113cf2d9a6a623ae85a28a

SHA1
98595aaacfcbe93d70659136f6e2cd0042ab1ceb

SHA256
632e62f17af35ad99c91f916fc025a915f5c70aeb07672d002a68d8646d3b2d1

SHA512
770eaa51c3380722faa210aa393901f7d45ac110cabbb4f64617b27bcddde8c2068b4a170d4816287cd75f6075a4f07e9eefdee081ddcb3c50f5dee96eb437b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a72f6d6d5d0865bab31ed233c8c46b89

SHA1
dae6cee933d14ff77256198770d5eb16d5414e3b

SHA256
d2a82932a86e00f13ce48d985c3a33ddaec9e84098201d5993b375af4cd4ace2

SHA512
ffa549b85ee3416a1ff800ae2d1c71919256f8e30dabedbdfbb3af8f9b702cdb3a128f45ffd9caa8b957ae3ae854a5e40c974b7c63b2a9f96a565c276a64caf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
73083f2e96476c365e1ab8c1e9ae3a35

SHA1
584137ef99b6ecc24555825cab0f4f9edfd9a6c3

SHA256
479a3182c80a509e573421feafaa0350ceb2ae3048fa9db2d988d7e834322a9a

SHA512
79594fa1d8863b7a187658831e6ad8bc90137f241545d165a129d0004982fa146beefb0ee8cbe4946b989707dabe677bf07653e6bb07f2e9148f83cf23d64049

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
da497317a9489f94db08b54b89af65be

SHA1
2d404bdae2523bfd5c51c211efce8b3faad9da1e

SHA256
98d1459592500413f89dadbc1abb8c1ac1beec869464929984fe5911990d0ec0

SHA512
fdb96d271948f6b634b0b449500b3e7afe8645f5e57dbbe4e24231e2f0308619ebe58816e79e84835f8467f4177ca19ebaa3207b247e1db2f3d734a500ebead1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e3be38d44d152bc71b70a9c31734fccb

SHA1
aa7f2983cfeecc703b0fc66e14322e08e1bcb4d7

SHA256
36d8f7c3321c773d1ba6a546b57f4d0ce8813b8c050bacfa35eb2e879d111a28

SHA512
966425d425e94eae82c091413e175e264aaa153603aab5a160b2b4e2bba9696ef24f18b5dbc1703319bdeb0c2be0cb4b529244f9e36dfab770890257e4df314a

Download Submit