e505a7412c9d88fb2078fe8ad80af58e3cb3466d2d732e74ff93327b2fbecead

Analysis

max time kernel
145s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13-10-2024 06:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e57bd4be53e1511d8dd9be65323cfdf_JaffaCakes118.html
Size

19KB
MD5

3e57bd4be53e1511d8dd9be65323cfdf
SHA1

cdc212b44a66a9e9199f79d3325a9f31cdb0be14
SHA256

e505a7412c9d88fb2078fe8ad80af58e3cb3466d2d732e74ff93327b2fbecead
SHA512

477c867e86f3b14f19dbf6ea77cabc3438f7b91c7949d39320c3792a237a61bacef1a1747ceb1094097158800d9f2f2595e723969787c0a5c6e8964dbb5d24c5
SSDEEP

384:sd4/uKMfcx6Ul/l2FDkP7X4A+Qn2Z3Sln5eWSRz:uIBMfcxRpl2FDsT4A+QnAK51Sx

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3940	msedge.exe
3940	msedge.exe
1116	msedge.exe
1116	msedge.exe
3556	identity_helper.exe
3556	identity_helper.exe
3904	msedge.exe
3904	msedge.exe
3904	msedge.exe
3904	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe
1116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1116 wrote to memory of 1036	1116	msedge.exe	83
PID 1116 wrote to memory of 1036	1116	msedge.exe	83
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 1324	1116	msedge.exe	85
PID 1116 wrote to memory of 3940	1116	msedge.exe	86
PID 1116 wrote to memory of 3940	1116	msedge.exe	86
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87
PID 1116 wrote to memory of 2120	1116	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3e57bd4be53e1511d8dd9be65323cfdf_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb78b346f8,0x7ffb78b34708,0x7ffb78b34718
  2⤵
  PID:1036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:1324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
  2⤵
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17089700624256077718,4413568621575633321,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1280 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3904

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0ae1a78b-7861-490f-9574-691c5b691b1d.tmp

Filesize
1KB

MD5
437dc7c0fb335bfbd8c6026befb745b4

SHA1
246aa9142a4d31cfac44c4141ccac91ef31c3064

SHA256
e9e5f2a74c8e64a2db9842d8c750a7b89e2d767355f01cee9309d79f8914f545

SHA512
0c80ca0ff916eac44105c42d90bba813acf6906d5b090a9b4b8dbd9c6fcbe3af98ea3fff357e1f580d2a049604c8c15f8fbe5bb9292257d2ad2f7fd00ef303c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
d9b387dc6a9b716f30b98f3f33c89518

SHA1
f0c92bbe215aaa7cd77566f3341c40b3b433cc97

SHA256
4aa830eb0d51b260dd886ea61ccff3c476e4bab6fdb6e34a06a05969420db5a5

SHA512
c21f3b3d5ec53f7a3f9d2dd6f113f518bb16e33ff00bbf8b9e7297f265d7dbfe46d42a44cc9547b54618231cfe99a866a5cc7c314cdc97948b6f5a391b995d44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f31bdfbaa6b3afc150677f3841ccb30c

SHA1
9c17312b4561c16b57184ec1f85fbc9e8cb79e4b

SHA256
f085f7315c148cc832e7f16a1ed69b2e5279852629195b61731546910f50f81d

SHA512
8ce92e1ee57955aa0fb2f30395cd537217af981a48d4b4b3faccafe18bdbfb0b485eb99657ca79b0249f1d4c2c26feb22eb99ba7b66b389f6e6258a49f08ef4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b421ef1918ced34a8ac5fd66af496c86

SHA1
617c7b7e4714cee434ca1e19dd3ab90d4edd02f2

SHA256
c1f8e125d19a1fd076401ca13195f47791379eeb715c790d08d58c1f6fdf654a

SHA512
c3301ef30937faca328e04886a8e058a036a3e0b187098171bfd29b2a2eaa4b7fe92ab6410fbc16f2b3a498f5fe1582fbe0e8726b86c98a0f67e4a4b4f9a844a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d2d55bd62752e050e184d2e93ed563b7

SHA1
3437140ffad0ebf2a94689228aaf7e50f0fb0907

SHA256
0b246b25993a82b5781253326c30dd7aae643807b0ad2a9d3aa3881c8647a42e

SHA512
ece6ab610842c91dc679447a2ed6d97bbe2a3807cc1b41c051a69b74208fc4bb3093223eefe50cfdcb88db347d2c08d5baaee5d831681d35cb851307121a537f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
79be7754e8e5760b820a8c230b31c2f6

SHA1
707cc24afea65d27e29b18400d850f3b6c8de4f0

SHA256
58a4cace5fab0dcfd378f0255b78655d9ef24a14d3cd8dff87001d33c9f6f7a3

SHA512
ba072f71cbb4280031d000465276cffe89aea43e8c38987dd66aacfaaf918d1466337d16e9827905ae77c3dbaa909aa3bc03af018056cfe79296d6da9dab5106

Download Submit