cf6a2ff7d515ec1ac9e51094a9561215485ecb16c663eb41cf4a782673132af9

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08-01-2025 03:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_8992dc04e8bd145350e2b1afbfb00f9b.html
Size

71KB
MD5

8992dc04e8bd145350e2b1afbfb00f9b
SHA1

d589195fc265f32560d06b85d40c5fa69f5b69f0
SHA256

cf6a2ff7d515ec1ac9e51094a9561215485ecb16c663eb41cf4a782673132af9
SHA512

1609bd9f5797027df5b7b9ace255dd6583d4d6e2760e6cd7b8b70d295d319802ae5812eb811ead490d141717fc14cecfcb1382af11909a57ec3f5e69855dde60
SSDEEP

768:phgKyyfI+tdlPKQt24sNeDSnHaeEousG5RDgmyMfGlZdr92m6:QnyfNdlPcrNe+nHaxoudxgmVfGlZdg

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5032	msedge.exe
5032	msedge.exe
1612	msedge.exe
1612	msedge.exe
3576	identity_helper.exe
3576	identity_helper.exe
1052	msedge.exe
1052	msedge.exe
1052	msedge.exe
1052	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1612 wrote to memory of 4744	1612	msedge.exe	82
PID 1612 wrote to memory of 4744	1612	msedge.exe	82
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 3132	1612	msedge.exe	83
PID 1612 wrote to memory of 5032	1612	msedge.exe	84
PID 1612 wrote to memory of 5032	1612	msedge.exe	84
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85
PID 1612 wrote to memory of 4584	1612	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8992dc04e8bd145350e2b1afbfb00f9b.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8ec646f8,0x7ffd8ec64708,0x7ffd8ec64718
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,8966612609819360961,13427194643568945305,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2684

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e68f17268530568a6c6077306267f869

SHA1
13e6a4e90af1064eddb3c237e923002fc21ac759

SHA256
03dd96c32524c9fc3c1a2758e9a46abd79a860731d3cee8d34965768d8de4d3c

SHA512
dedb1ececf293e615d28bf0a633d2c4359f11ce2e00cc7796c2ce0fbbf92c9dc24d0b3371d7efd1645c303968c6a29461349630876478b636717e634671413f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
235609a262c207ba4a1a13e0b144e8f1

SHA1
16745638ae5d9e0dc314af32ec97e14852c1423f

SHA256
8892c2cb994915af7ca7ec7282bbdcda45030f7075ece23cac53144be7053f13

SHA512
f0829472bf7e1636fbc4dda06217bc504fe9c296af08c3d9c9acbc5b4272bf233019fd82eb12f4e482e80cf8eea7131e07306c4373d911f10c4708e6e7b8afcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8adef7ce3a006184506b29891a5922fe

SHA1
17140d8580844ecbde4db05c2b678731dc433dad

SHA256
15737ddc6f7c00f92758452465b2e126a7a35ae650fd73fbc0efde7f063f7bec

SHA512
5c5e7fbe5d7a2a48bc47f64b6c8b6489e57b9c9c39acee298e13f80e18b814d4151a5de6ba173841d90de915e2f93a2246bb06d672c3b03b2d55cd2279474f89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8776eb611d3808a9dc1a5fea03f946d2

SHA1
3a44060850333e356b878d341dfc1b9b51eae1c2

SHA256
835cd5f5cd85d2955159f4ec7d51208753cc76a6aeb7ac951b2c4909008238bc

SHA512
d90780fb583162a08bfa56023ba74a8751ee86a367a8f781c9baf43bac099ebd4f6c6fa6415706ce9faa8903d54a626c369df585a974a145dbdcde566ef9111d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f130da3db3eca4be7403c391b3761c52

SHA1
149617a4c4999b373b135303809401d5f9e59c91

SHA256
2759f139b207e7627ca854d689f9673f5557d1766f5f31d6a515606a24c95b8b

SHA512
5b0aa45d52e94833f39b0d25849f8ccc17dac67edb4d435f05369f1760a2e7e9e534b4a4f9e34c9c850945dfd0a7aa0e1dd3d0d82c2da1da907e3f9aba87f8a8

Download Submit