ac4f309438548cc4a02d6ac773383a3837ee1c1af53a541521c93673d262c5ec

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
31-10-2024 08:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

826b4fc07df722a0a801aec33f09c303_JaffaCakes118.html
Size

26KB
MD5

826b4fc07df722a0a801aec33f09c303
SHA1

461bc21687799c125a033dca86cb24a6cd79d27e
SHA256

ac4f309438548cc4a02d6ac773383a3837ee1c1af53a541521c93673d262c5ec
SHA512

5a380dd0f2035ba96a67b8c816e93a4619e6b95a981eb60fac246714cdbfc2ac964c69d42b5f6ef5f49fbd782d9d5dc2409b527baf17e26ed64a0caf8f9ec88a
SSDEEP

384:4+QfPFd9QZBC7mOdMI6BKfpC5IgSnbmFe7AcmH6NqkJvAgo0i3A0Pd:Zcd9QZBC7mOdMInpC5I9nC4DIP0i3PPd

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2008	msedge.exe
2008	msedge.exe
1692	msedge.exe
1692	msedge.exe
2704	identity_helper.exe
2704	identity_helper.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe
1692	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1692 wrote to memory of 2152	1692	msedge.exe	85
PID 1692 wrote to memory of 2152	1692	msedge.exe	85
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 1084	1692	msedge.exe	86
PID 1692 wrote to memory of 2008	1692	msedge.exe	87
PID 1692 wrote to memory of 2008	1692	msedge.exe	87
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88
PID 1692 wrote to memory of 1380	1692	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\826b4fc07df722a0a801aec33f09c303_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9189546f8,0x7ff918954708,0x7ff918954718
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,11068140129468290227,849779679547828932,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3024

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
215KB

MD5
e579aca9a74ae76669750d8879e16bf3

SHA1
0b8f462b46ec2b2dbaa728bea79d611411bae752

SHA256
6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf

SHA512
df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
468d9ed378c2aebbbac0738781c89e6d

SHA1
27299bdb33beab01f2e7579d7aa23bbce155df9f

SHA256
8b91855104265990c03d55f2d9617a9d2fd0b95cb5edcbcef6b1138d5fd7f176

SHA512
e9fa6d4b1c13e2500a3b9c9b11a32b56d2de26af2e1efd365744d3d383f1396fe5e28c1c745474839ea59bbaeb77f469d68cabe6366e87eea00ba4b2248c02b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
264448a2a3cb10be0b9cc4265a870daa

SHA1
62fab5e5cc0ccdc6eef97d63f28fec333451da1b

SHA256
67c68df8054839587182672f22796b1b1de800c8c952755960084eacba135249

SHA512
415a5276a83f0b4657850f860a695aab6614b6156abf53932f8186647baa7c49f46b4b8e678e8de303c85e392b81697a5330be79f3cad0a9bea423bd6ccc8401

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4629bfd566bf0899fd4789b77a0697da

SHA1
5d320cc5eb7c1f712373dcb695e504abe8b5707f

SHA256
cb4a39cc284067de53ee2e7796b9d39f23e405855e425191d4b603d5647dcef8

SHA512
f350ff334d199510626d27bc64f22f95744c9912df2a04e15d8bd98dda512aecfee53f7e9bde2e71515a15f0e09648a8cc0c28e869b62b387eb5c15cd603debe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3d0262df19de5c374b8c3c97258b7d88

SHA1
f3c4ea9e4c4dc80b5355e04ad8356de691b01466

SHA256
a5d2acc77e89f866a868a056488c90344d28975d0258c9993b6a3e414d658bc5

SHA512
0603e756b529dba3fa6c90b753251a8f76fe3ad2666c042a523255e352086ec2103692b8040e344ce7459d8b3b14041c07813789251ca14d10dd90e9eae3f9ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
09d270da53bceba3155cfec7a6c54cf7

SHA1
48ddc46eb856f122caec8659e35e5adc4828c72a

SHA256
310d685bc5b20122b342b2b795bb3ce0e76b994466d444084fa38dee3e83123a

SHA512
cacf1ec692232aad523beb7b2b30986c658de5b2807b6095173fc870fcc443ee9199d41e2e69667169f31fe3e806d3953d483d46c8f500a2edbf10cfe1fd14cb

Download Submit