749b0edb4ed10681982f96df8de038e51f558e4b9c75c1de7c7b2fc5eaf4efa3

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2024, 21:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25c6ad35862f69478ea8dade1df3e138_JaffaCakes118.html
Size

39KB
MD5

25c6ad35862f69478ea8dade1df3e138
SHA1

7badb26ce10e8a36991497a900fb44003b333b88
SHA256

749b0edb4ed10681982f96df8de038e51f558e4b9c75c1de7c7b2fc5eaf4efa3
SHA512

5ae4d59729c9b2194a90df86b73295b83c49a379d4ebd4b413c802fc1a1fe15669e3deaabcd5118dae806655083fa87498059d2c2bef757758671ca3c7a31f54
SSDEEP

768:Zcd9QZBC7mOdMAlpC5I9nC4Z5RlHw4wBwown4dnPd:gQZBCCOdx0IxCc5RlHw4wBwow4dnPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3236	msedge.exe
3236	msedge.exe
3276	msedge.exe
3276	msedge.exe
3872	identity_helper.exe
3872	identity_helper.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe
3276	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3276 wrote to memory of 3424	3276	msedge.exe	83
PID 3276 wrote to memory of 3424	3276	msedge.exe	83
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3336	3276	msedge.exe	84
PID 3276 wrote to memory of 3236	3276	msedge.exe	85
PID 3276 wrote to memory of 3236	3276	msedge.exe	85
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86
PID 3276 wrote to memory of 4868	3276	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\25c6ad35862f69478ea8dade1df3e138_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d06b46f8,0x7ff9d06b4708,0x7ff9d06b4718
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2572 /prefetch:8
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6340 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6340 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,11410182314573090065,11777072123055865045,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5604 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
985e810bad7c83860ad917d52d01f25e

SHA1
447fd2e0ee7da23bc8335edb283a83f66838deee

SHA256
8dcb656203ec252db8153b33b8cd1555efa7ebb727f19a53921827ba033acb2e

SHA512
3ad1682bd270d9edebb476ab9587c658a3ebfdff10756541a8e5c91c571c5be36f6dd46d358729b1f4c2d868dc3494f49d157b335c7632691f3a3d4a3b0077c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b38108f1b37ca0f5bf4e45052ba3bff1

SHA1
d8de813e9fe859523790e94d658827e0d9372a32

SHA256
093631e946ab662f76b3b5c5460022e0b585d341ddcafda40f7c78022972db73

SHA512
d480631beb431c6ffaa0ccf9eb3f2b850c0ffce46e7d38f0e2b213fba415fed5623e70aa71db943d30858c88ff75b54a205be8a94c85fcda5265204ca64239ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6c160ed69ec74e14e51211a6b108ef39

SHA1
3e623642e6667ff7b16a8727801ad34b9f557a2f

SHA256
725cec7cb939273561705c2eae2bbf2af674c4ed20670fef8fe3f4534b1446a2

SHA512
9315d68e90cfa471dc8dacfa1960a65c3da8ccbf1d6045384eb1ea7f7e5ac4d6c037fe5d534cc3bcb92cea8e70144a1f1fd3140acb9592486137ebb3a30c8082

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e87c9828022efa4b784314687ca3c135

SHA1
ba85b06c46329b0df593fb355c108f4cb6b3291c

SHA256
b93b058b1bfbd07dc721f94250e3c0510a4f38fce96364df66e5efaa8ecd0eb7

SHA512
c286e4bd576ca01b25918d21323443bcefa3218937ede919fd57d5072b08acb193d413b735316d256b028babcb4b2f99a5de63c2137d7e355439e54ea0f48b70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a58790a60bf08499f618039e08db0c93

SHA1
319767e6497494e97389d35e023dcb4f2a3cacd6

SHA256
f6c77897b19f43857d932e6cf269cfe13535dbbb44a074c3812fd67351536599

SHA512
3b9fefd9016bfbf04c1c4702517259d621ac3a818d77197313710ba5807533e28059ea7def989a94d522a31b6f632a4eaf2303d825f141736046d291d37c973e

Download Submit