9d713e113a754fb5888706fe93c99ecf38adbc262e928c542ec3b53cb6642b7f

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2024, 22:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26be65fb07ac7dbf5a582ac34a007745_JaffaCakes118.html
Size

57KB
MD5

26be65fb07ac7dbf5a582ac34a007745
SHA1

371a0cb6e093b75450c3d0c936f04cf9af69a486
SHA256

9d713e113a754fb5888706fe93c99ecf38adbc262e928c542ec3b53cb6642b7f
SHA512

91b05c0c2d3198fc3a5aacc1f0647ecf89b0beceaa90baf440e1ab0580a783f106e51385775e3c1662d9e6366f2c33ee3ef8c88b4e798465aa464170c36e2ebb
SSDEEP

1536:ijEQvK8OPHdsg3o2vgyHJv0owbd6zKD6CDK2RVro7cwpDK2RVy:ijnOPHdsr2vgyHJutDK2RVro7cwpDK2m

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1224	msedge.exe
1224	msedge.exe
2704	msedge.exe
2704	msedge.exe
3324	identity_helper.exe
3324	identity_helper.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe
2704	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2704 wrote to memory of 4876	2704	msedge.exe	85
PID 2704 wrote to memory of 4876	2704	msedge.exe	85
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1552	2704	msedge.exe	86
PID 2704 wrote to memory of 1224	2704	msedge.exe	87
PID 2704 wrote to memory of 1224	2704	msedge.exe	87
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88
PID 2704 wrote to memory of 2824	2704	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\26be65fb07ac7dbf5a582ac34a007745_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff3ac246f8,0x7fff3ac24708,0x7fff3ac24718
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
  2⤵
  PID:1748
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
  2⤵
  PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6104021021672437907,482341172991735720,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6164 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3212

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
f129c2158d981a88379f0d23ce265783

SHA1
06a635d3531b990da6605115d4cf0d5004671a77

SHA256
521c101b9fb8579a90e77f00e1e5d8a4abb7f054d32f4bd3e1d2d6cdfd9a005e

SHA512
422cde30e8869f6ac046f5bdf463aef0543b28b8a7a86f79c11976a3cda9ce630952a1d1e51facb4978eca625d179c816aa04120138c5f811ec4830e2e7d9d9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ea806ac463f29d8f2b073e8e543399a9

SHA1
436433ef31a70a2e0f657238afe2dfe561968430

SHA256
aba4a266b777d9ca815c109baf57af4c5fcd2bb4ed7609e6ad8117341ed145aa

SHA512
4f7fd68942e2f1dbe37311dc25ca3ec7c9c334737bba06789b95e309279604cc0599161fcece4e00d0817d79e205356caf30b18678ff52cac0e2401bf1b60995

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d76d78764ca0349e4d6027882cff5a55

SHA1
32a49d319062a2ad3c3b24500fcf01d2e0256ad4

SHA256
12e1660d3863a0618a1eccde2fa5f8eec6339af3dd611e658de84a116d014a15

SHA512
f2e7b245fe7c5ce0f6e58c9d1a68331dd48d15b7ba775e583d8d6c4355739b7ca21d319b5b933bdd7799f03c27a4c02ae9ce87f534b50a70622cfbe2e4e62a8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1919f453f8b76455cc90e64457ad6d8b

SHA1
2cfb2daee255424f256e4baa46f67f4d68821fa9

SHA256
e7be5af17fb6e42a92d556e86c05467dbd286134c1f8f2f7660b5ba662e62c98

SHA512
b4b84b56d76213489eac2e8f72db7480cc5cfa79a0b33c8749493642c5ac937360322cd52498257ed17e0fb8dbfa0691ad0e8f46285a4f80703b59c3c54961bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
441c16f0d1b359de88d3de5927855bab

SHA1
b9e8a227d14cbaf167426f9b0e6fc8af46ebdb6a

SHA256
17441f4e1323ea1e71168a1eecb8501b4e4cfd42910c4bd56dfe55ecb807d3f8

SHA512
c0a3525c1924af8ce65eb3a650448d452625cc27cd195395e2be761d2c55f123cc6c116867ccd21e0a843f04e1d920323014753dee7d463e68c79edda6c418ee

Download Submit