a4155673c900e7fdce5476f3e729f24bc6a30c5f914c7f44e686f6fb1a4d6382

Analysis

max time kernel
145s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04/11/2024, 04:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f2b47e39dc448937230c2357b659925_JaffaCakes118.html
Size

36KB
MD5

8f2b47e39dc448937230c2357b659925
SHA1

73f84c116d96521870f188db196808a4bc1750b5
SHA256

a4155673c900e7fdce5476f3e729f24bc6a30c5f914c7f44e686f6fb1a4d6382
SHA512

7a6db65f2756b28fbb3cd773ba2e1515e06a19917b715f59a273d929842c6871fcea2e2acd9d032211a50f960792d23f557c6123b469ca922735d04eb94088c3
SSDEEP

384:SE7+6DxVkAYqaq+GOW2QZhX68SloGhDm6PR4z/VLqBawoKoQcCFx0Jg9dkc:SE7JSAYqUnLaGhS6Py/UBzR70Jg9dkc

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3428	msedge.exe
3428	msedge.exe
1572	msedge.exe
1572	msedge.exe
4372	identity_helper.exe
4372	identity_helper.exe
5804	msedge.exe
5804	msedge.exe
5804	msedge.exe
5804	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe
1572	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1572 wrote to memory of 4180	1572	msedge.exe	84
PID 1572 wrote to memory of 4180	1572	msedge.exe	84
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 4308	1572	msedge.exe	85
PID 1572 wrote to memory of 3428	1572	msedge.exe	86
PID 1572 wrote to memory of 3428	1572	msedge.exe	86
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87
PID 1572 wrote to memory of 1324	1572	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\8f2b47e39dc448937230c2357b659925_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ff83b1346f8,0x7ff83b134708,0x7ff83b134718
  2⤵
  PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:1324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 /prefetch:8
  2⤵
  PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,3338852927360575298,3454465164457450648,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3120 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5804

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
b80fd05ad23d11b1dae6135431e5a4cc

SHA1
63ac2dbd93c94002e740116fba5d11ac0a73e177

SHA256
77c43a3713f32dee298ddeebe11df5a2f9dafddac3fa10a906d4da566f293ed6

SHA512
3a8d37527aa74a23f968c98d2d14627cabb15de57525848f90922ed9a6cf2394688a0e6549e8609e2c28f1ffef2ed18f46783b3db019b67153d0928eeb355faa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c4a300dccaf49ee18349f6dbdc45c09e

SHA1
cc15cb813e02f7da1d3b4b2b2759b04ef4563e9b

SHA256
5ef46036548572875c02ec01410196fd5bc5c325caaf96e0993be341e64d44d0

SHA512
f2148d8614be36fc198c22f216ed0053bc86471020fecb8da31853ca09a76a5f2822388213b489eef299efbb8e8280a9937d5bec79d9a5217add2df7d6693a9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e5b266a528aae9b86bb40466f489c6bb

SHA1
692a2df963b5363280a79007262a8d9f7833558d

SHA256
747aeb399dbb5a4bf0615697c24d47cac94179336792c2c569f91cfb660db432

SHA512
0f1bdc70c6276528f564ca5af8158d7bb89b72418538d8c9c7d9efcd11731e81564f3f586b1a3df7b847547a89463169be41ef6fc3cb95de47e04685241e13a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b0b2ac7fb6e7755de9ef305a4db16588

SHA1
e74ebe6ded688d6f2b8d76f1a939791342334768

SHA256
6f6600c1ac4ea10741c4ca1f8ac4b69241466af7ca293c5e4d59dfeab1dcf584

SHA512
8ef5ce5f97b7667512a997b0081a871b797e242e0b804385cbfe5c98ca77805b79184a1f219ad146340bef52848cab23eb4b374e6821f71d2f9ae457a7b175f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b8f04bdab54b0a29952a03eedf157e9d

SHA1
b2ff80b1cceba40a402957eee2e9774fbdcab139

SHA256
cd72693251cf6c2ad6ff012b6aad29a6ee7a0186617d0a922f1edc2bf9c43747

SHA512
0206c2b4797b44f61c9c2960dc0c1c2346890a80b34c16017c7917a09cd09e4757150fd6494544ebd202a88a5cbde4c8d89b7dd12d0187bb32a77ad3876617f7

Download Submit