dab1c6dd65c14c8c890a7a9e6baf3d540864eec70d4c96934c878511f63e0b5a

Analysis

max time kernel
146s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29-10-2024 02:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7b7c3e5e782e24d942715c9ce407057d_JaffaCakes118.html
Size

110KB
MD5

7b7c3e5e782e24d942715c9ce407057d
SHA1

5205111c661d5dc2a1807d3b391cea5114a41e57
SHA256

dab1c6dd65c14c8c890a7a9e6baf3d540864eec70d4c96934c878511f63e0b5a
SHA512

800304c8fa85e604e98722c9f0886eadf5e4a6d61daeea83927a9955f7cd1b5366e243ac1b9cdb51342dfb5b6cc3181a99a19725a4d48b5f3fb962aab7a0512c
SSDEEP

768:NFNNYGZ0qB8qfKOiC/pl4arCNKfhEvC5U09/MJGt20vhpnehOH0L5oP+okGGNQps:PiOiC/plJWNK5tU5JG00v/VGNQDHpg

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
464	msedge.exe
464	msedge.exe
4008	msedge.exe
4008	msedge.exe
3500	identity_helper.exe
3500	identity_helper.exe
4540	msedge.exe
4540	msedge.exe
4540	msedge.exe
4540	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe
4008	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4008 wrote to memory of 4112	4008	msedge.exe	84
PID 4008 wrote to memory of 4112	4008	msedge.exe	84
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 1176	4008	msedge.exe	85
PID 4008 wrote to memory of 464	4008	msedge.exe	86
PID 4008 wrote to memory of 464	4008	msedge.exe	86
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87
PID 4008 wrote to memory of 2740	4008	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\7b7c3e5e782e24d942715c9ce407057d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe9e246f8,0x7fffe9e24708,0x7fffe9e24718
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 /prefetch:8
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,15595913393763932341,16285563790804835377,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3592

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4348

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7cb450b1315c63b1d5d89d98ba22da5

SHA1
694005cd9e1a4c54e0b83d0598a8a0c089df1556

SHA256
38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031

SHA512
df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
37f660dd4b6ddf23bc37f5c823d1c33a

SHA1
1c35538aa307a3e09d15519df6ace99674ae428b

SHA256
4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8

SHA512
807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
8d88d1d673026b2ef70f13bee1b4fa8b

SHA1
fa6a487b2f9cb7b2cd6071ff852c90f336bd2b9b

SHA256
fc666f17280fc1db352120d4fcbbddbba2bcf2224fa96ff1867e991023673d9a

SHA512
212be2da91f03b220da6e3d69d5b85349b11ed4c4f757f609a43d41a733abe090ba52ead187731dc101d78a7aefcfeba0afd3161c2cdb766610bfd27ec9c8fae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
98edd2b6c0c4ebf14f4bcb4933af6020

SHA1
3d511b8122cbb4ff283240b63ffa02a123866102

SHA256
22db913ccc8c99a063360dbf715a27551038dc44dc45a1b0c2c72ed189db8af5

SHA512
6bf3d42d4bc9f1ccc1be015a134247ae0aa38924323c3878cfd9dfc84594fe2d8533aad99d2facda56a73b0239930eefea122c109873de43b45c0bae0dc11b3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
81105c23455ed86982ff027685e7123b

SHA1
7ba655852ecc263734694a9437210237b5aa4482

SHA256
fb2d03f7485b8407a040a97268e9cd5adb7042fa536961a2c0fe08fab10ece70

SHA512
bc821f62f177136ca035915673a52383e47e5bcc2ce80e0a28a4982b2bcac7d9081249282768d0e54b782235b2b173733e50e103de7a5e61e232c28a8f956b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2b3199681bd53b68df299506b77c946a

SHA1
44a9980023c8809a81a2543274b43f2340057b70

SHA256
3bb9847cd35d406024847a74b625ee658410de2d66066aff1bd22cfd61379b8b

SHA512
c753416b12902bbd33c8de425465db6bd065dff4753dfadf6b7795b10378ae0fecdc509f2a1576c8f709d86e569a7e919d6b0382348de8fb4602a3ffe25453b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e372234f6fe6f9437f298119f048fa6b

SHA1
b691b6966aa7a53bf96cbdaabc1b919f14b5735f

SHA256
5f1c60f3526fc066a849cd08a3cd72216914ef12e45fe3dcde4c3eb946e3c917

SHA512
b56a4c3de12117871f52dfafbe33d946c71cd4f557a18000dd93a0ee2a967dafcb75950d257de7f94c3d24c0429a27af39d4354bd8d04e950f69ed24ed903409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e80699ea19ebfa8bd4c8de0808a67678

SHA1
ce6a2f7f9560fc7794cd7d6b81dbb558423f3d10

SHA256
cf9c9d9eade175713aa15d74c5a4617968dfbbc7311925cf6510d541fb63b02c

SHA512
7b17e67cf76ecbd078c9768823a462fe46677189c4ed16cd5a3523f867cf50ee84bad683859b8606e3f0fd3b2f5e09d38df8a79b1533697bcc3c8c46db06f56e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d7b3362435ded96959da8358aec94a55

SHA1
b4b37790158b29162f97bfe86651df103a56db7a

SHA256
2d3cb9e9182de40d63e2260d1186f85d10dd187969afe7863ad6925e07685bcd

SHA512
0b18e1b92cca5f7c978e9117bef021e09a2a4f8b42515ab0017e857cb0d0a86ff6146e87cd38a2f83850526d39791bcaaa56c3c2012210f3d6e771d3fe10679f

Download Submit