32c4a0a12625cb03c7b2172a20b2bc53e844fbcef98279b2e2e4dbed310bc825

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_2831232267832be99c60f2f04762d253.html
Size

128KB
MD5

2831232267832be99c60f2f04762d253
SHA1

bd01cce4b5cb697fdded5ee32baae22862b81eef
SHA256

32c4a0a12625cb03c7b2172a20b2bc53e844fbcef98279b2e2e4dbed310bc825
SHA512

cd3aab75b17ecdb277368573beed6061a796f358c2ad37ffd0ea2ea498cc085db3885b36580fe44475ecc90a1b9ff275e716c1ab768bc725b06ed4fcc5e8a7be
SSDEEP

1536:clCogTnEjfK6oJWeR5ZWXCLDDmcDOp6VA:cc9TnsqJFDWXC6c26VA

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1084	msedge.exe
1084	msedge.exe
1680	msedge.exe
1680	msedge.exe
4056	identity_helper.exe
4056	identity_helper.exe
396	msedge.exe
396	msedge.exe
396	msedge.exe
396	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1680 wrote to memory of 3640	1680	msedge.exe	82
PID 1680 wrote to memory of 3640	1680	msedge.exe	82
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 2484	1680	msedge.exe	83
PID 1680 wrote to memory of 1084	1680	msedge.exe	84
PID 1680 wrote to memory of 1084	1680	msedge.exe	84
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85
PID 1680 wrote to memory of 5084	1680	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_2831232267832be99c60f2f04762d253.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbbb3346f8,0x7ffbbb334708,0x7ffbbb334718
  2⤵
  PID:3640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:1376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5908 /prefetch:8
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5908 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,697300869457208076,4014241325863003290,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5176 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1560

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
dd7d0cecddf9acada1ddde787cabefd1

SHA1
18544920eec0e7b37845d82e53347ff18735cb27

SHA256
74307f02504b61862249b6a2dbda421b79f27184bb1f2409b5681e686b7c7af8

SHA512
180436ffd2099b0d7f33de9c14c1e751dbd370a73e0e429dc4bb6abff3274d172e105327f753eb471a4e2ccfc234bcc03921d6bb9dd35fc58142f627c6645d96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
619B

MD5
286ab7b47d9842ba1b64947802f3c3b4

SHA1
68fdebf061e58028de41e5888ff73ef7f3d7d510

SHA256
473e8e6d065bae10ab35d3dc66cbbbe80c28c06a4248ecfef4c1679bb4a2f8c4

SHA512
252c7277909b3ec018fa7f1a11944479ca1a5ae69d75c12dbfee363882b834c3e710141e9525e1dfb4a157a8a6ceb2c50239e26f3b05842810dc63278a7af163

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3bd8ba4e408a21d54fc8a1903bd8ba53

SHA1
4a1940d6f0d70c6285e1982fe95b057101fca57f

SHA256
1eb5d7b9f29e0099a79d498be8922ab155614f8734214bc8cb15e88c04972be2

SHA512
e13d566919aacd1e2d0fa7c7252f17ba63ffb23a5053524619edf5edbc1dd65bc685f1554b181b510ba84841c1c7f9d0a516a955aac7f6738d62b697f17c3fc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e375dc07b784f0f37a0e5cf7857ff327

SHA1
c3155a8c6332f57bfe92c5055a7468964881e743

SHA256
404fa263be501785a723bd218cc64414e427e2b273d92e87f7cc404448338ea7

SHA512
8bc503a8daffd5b1ba8f31049b58e894680e53065bf7e5264d01754e14365fd4da259b6e8d461dea926af6ec100c9643e9717b3dd6f729d8b1fb7fdbfcd2e32d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
053ece6d3d19f57a6a5791d4128c23e5

SHA1
35dd5440b47cc970ef0d3d007cf5e0e3dcffd51f

SHA256
4fdfe48f0286accba067c38d99391733e1fd1c834e90afc455f1e5e97cd6c903

SHA512
dae0e8caf6d0a498352196e32766c1f004b05162db4bc473952fd880a547942291f7bd1332363c078fba4d4fc7e1e34b8b84046e550996bc8e942c5ee23ba660

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cb069597efcc2dfcde8e5f84f1e89cb9

SHA1
101903f31a995d876bc7724c810654806027cf31

SHA256
2293b0deeb3940acc6836b546d5b3d35c3ade8f9c031663a9cdb54ce563b9dd9

SHA512
aa5c55189f7b3f1fd4a8f8084dc3b2aba384ed0d4b930098901c94847d2fd768b5c274de915df4bd6c4062543a8215e014adf83ef8ef38b0c8ed0288aa18de38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7144443301629b872015956a11a91df6

SHA1
8db7b3b900947ed04ad1d60ccfd52b71777e7b6f

SHA256
876889fa85201036cb8afc0c5459e67828e33977e9eb26c7f435086bb52b8f5d

SHA512
f4903c7171745a2a317c54eff0d0abf3b9a277271f42281f85540ba5189d31dcc8e644fff2b8d120cce8b1e94c8e2adfe6a06fbbd28322e804e0373e5aad0a63

Download Submit