bddd2f8dcf495c9d226c3f7b0020777ddb213d619a32e61994d7a7d5901ba40f

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-10-2024 04:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2b070406175e8a994152f09c62ba905d_JaffaCakes118.html
Size

57KB
MD5

2b070406175e8a994152f09c62ba905d
SHA1

c07d4a31c976aece72be854136db442a981b2ef3
SHA256

bddd2f8dcf495c9d226c3f7b0020777ddb213d619a32e61994d7a7d5901ba40f
SHA512

fa18ec57fbdd0898c908527ce383476c65f2690830894ede487923310fa912c0b436ddb55a8873c3d2a29047f8082c10bb2ab110e199feed14a898c88c4126fc
SSDEEP

1536:ijEQvK8OPHdFAMo2vgyHJv0owbd6zKD6CDK2RVro70wpDK2RVy:ijnOPHdFm2vgyHJutDK2RVro70wpDK2m

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2916	msedge.exe
2916	msedge.exe
2444	msedge.exe
2444	msedge.exe
436	identity_helper.exe
436	identity_helper.exe
4820	msedge.exe
4820	msedge.exe
4820	msedge.exe
4820	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe
2444	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 3496	2444	msedge.exe	83
PID 2444 wrote to memory of 3496	2444	msedge.exe	83
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2520	2444	msedge.exe	84
PID 2444 wrote to memory of 2916	2444	msedge.exe	85
PID 2444 wrote to memory of 2916	2444	msedge.exe	85
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86
PID 2444 wrote to memory of 2896	2444	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2b070406175e8a994152f09c62ba905d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe9e246f8,0x7fffe9e24708,0x7fffe9e24718
  2⤵
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
  2⤵
  PID:2896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6192 /prefetch:8
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6192 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,3612687883936073680,17225637921306566409,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1556

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7cb450b1315c63b1d5d89d98ba22da5

SHA1
694005cd9e1a4c54e0b83d0598a8a0c089df1556

SHA256
38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031

SHA512
df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
37f660dd4b6ddf23bc37f5c823d1c33a

SHA1
1c35538aa307a3e09d15519df6ace99674ae428b

SHA256
4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8

SHA512
807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
c023d9a5de416614568a81e15c0ae4e2

SHA1
ebae6462c16dec29b5293327267e7828dffed1e3

SHA256
ea4f5e74cb50ef72a738fee7372cbd8a1c7db21fba894c2ef958a1d825c0c33e

SHA512
3b9bbb327af2d2b34fbe96b0eae5cb3a2ed9f4fa37eeac19c0499fa54036a575bfc4124f27516c61fd407bddc07d54552df92ba6c26b9283671981b8968481be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1d5bda7ad670990fe93259eaf42fc0e8

SHA1
749ce13774c5a3e843cede0eb27f1cbe0a76bd16

SHA256
eddf1a38536c25ab568d4ba23cdc9ec991494607928629ca2134f2ead42705e0

SHA512
6b72a7a358a16b26e97997d6db3c3eed64d032b575312ac96596db32faf7f17681bb3c6728539161f9927fa3d18a9b5de6aad54f176ee082111dafdfd25036df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
309ac3febbaa0896d4f89e79f9357a35

SHA1
b5865e910f96738c525445032e803669ce06661f

SHA256
96738e9b5a5f3956d9a2c9e49889aec84ec61c722e27cba16e262cd6cc31890f

SHA512
0717a1ef9a9d06a280714d59e14423b693f3180ddc622de91135b53f0b55b62801284ecc213fec61b763ecf40b948809749e338a928d0d8ba1fc3a492d679a54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7c5085b13541efa6ffa598345fe2acae

SHA1
701c38337d86b6ae445863279af32416e2cd4f7c

SHA256
280d23997b0198e20923a2de3f1c37a09e70abb1fb8605507ab000254400ec5b

SHA512
757a3e51d7d104fc1183b58c38b1a341a3b16cf0c126716a9e784d366f4ab133181f6b86489a4715ea7fa7cd587c6b94bb03bb4a4f9e89998286d2d1ecc5fa48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7c1ea9b40c736871ef37b88e4c983e91

SHA1
53ff9b01ea31b40c2685352b05cbaf7adde22b6e

SHA256
7e9f684e72ed0abea6d8e1cba1430aece4d14564e69321e32b9f0fab7850801a

SHA512
0d96d3459d36a3f8aa770cd39303bdd7bc0d89f1a97a4ca39aee85153fc98b803733f923e32c267c949748e7824df2543f5ffdf9dff5c16e61f0a01b840ac8b7

Download Submit