d4f1cbebaf9ac4350eff736c7d7d85d145e12c37ee091378b1b4a059e86ebe63

Analysis

max time kernel
147s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2024, 20:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

253fc2d02da0357a3b30e985a0e6062b_JaffaCakes118.html
Size

220KB
MD5

253fc2d02da0357a3b30e985a0e6062b
SHA1

b80758795ccb5fb2961bb2d2e51c8939b70e75c8
SHA256

d4f1cbebaf9ac4350eff736c7d7d85d145e12c37ee091378b1b4a059e86ebe63
SHA512

96516e9b766c99f44053656736d1ba6d7089eaf1b4724dc0cb9a1fdb37547d47d55a323787417047844b465efce022e53cf5834d133190ef2352fab2d8bbf1f4
SSDEEP

3072:KXy3IQzzuQ7IS8sS/jSlvO4ebDoRCXr9+Uo4kDjX7hHDS43s4wxFR0TTTTTp2hif:0O6DoRCXr9aDR

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4636	msedge.exe
4636	msedge.exe
2244	msedge.exe
2244	msedge.exe
2968	identity_helper.exe
2968	identity_helper.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe
4496	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe
2244	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 2176	2244	msedge.exe	83
PID 2244 wrote to memory of 2176	2244	msedge.exe	83
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 3180	2244	msedge.exe	84
PID 2244 wrote to memory of 4636	2244	msedge.exe	85
PID 2244 wrote to memory of 4636	2244	msedge.exe	85
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86
PID 2244 wrote to memory of 2196	2244	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\253fc2d02da0357a3b30e985a0e6062b_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe76ef46f8,0x7ffe76ef4708,0x7ffe76ef4718
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4472 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 /prefetch:8
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4404 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,15766170030515537635,13738677245748723122,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5484 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3104

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2260

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7cb450b1315c63b1d5d89d98ba22da5

SHA1
694005cd9e1a4c54e0b83d0598a8a0c089df1556

SHA256
38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031

SHA512
df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
37f660dd4b6ddf23bc37f5c823d1c33a

SHA1
1c35538aa307a3e09d15519df6ace99674ae428b

SHA256
4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8

SHA512
807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\003042e1-f1fd-406e-a0cc-c3d930b9446a.tmp

Filesize
6KB

MD5
5dd2233992c9d1509773357a2ba4d34a

SHA1
800c3b6eb5e27379a3c2ddf31a8869ee01b3a702

SHA256
c1844dbbd73f420a4f41f271f96d772d5dccae7c967cf1290840e13b4e710537

SHA512
e8d96ea9497ae611005d855bad7c7b01e5c68e2a0889a27fc5524b2f3a9cb84573a8177fa14d5d0b252f0b6fa6edaa72d8e72b7e2af943a1047c147b21b5ba3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
304B

MD5
54235256826e25b68b2f2f88111e2461

SHA1
2deb58fd72f0befe78a55eab271d389e00a76b84

SHA256
9a907cc1620468270ce5815403b2916481ed69195e3cb83ac0a7787b91138b59

SHA512
15c45e76ec43aca267ec9b19e85adcc135ed723f918f2565e6ac95b7a0c444294ff05355869a29415776f79a5d56310b2221a4e8c4c8411173c325f3b44eebbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4c8c70b1a0de23284991f562892309f7

SHA1
cf6405e2b87e3d042c0c6d414f7a17b213e4b08f

SHA256
c0344139e2951f04030a80931d497877ea11d708b1b65cce9c1f15916b90c2be

SHA512
e97f077bb93637dfea7ee4f5da7fafb38fad8497c0d4a81aa555b68e1c355924c7d8401b383df209c8d26c359bce145755d9a3cfcab0db1160ee2f61fced4f1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
223ac19be74a0c71f1a8ee283a377060

SHA1
904c1c94b346776215ebd3029302022a73125577

SHA256
d84631ca6936908d3b880ca817cf29a611a06302989d818fe7cd96cd84370775

SHA512
571c076377b5c1245b208b9f245ef1854d40003511ae0b2eacee437a2a331829ad63b5fdb38ae2752aed3ca34a38070ffc4b1615d5aa3734b4fe8cd385e272b8

Download Submit