6fc674d4bd8f65f3730ea3f2afeaca75b3eb64d1048b0e3bf523fba0e3bc6aa2

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-01-2025 09:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_e26859d140e027ce54826f7def1b7c7b.html
Size

93KB
MD5

e26859d140e027ce54826f7def1b7c7b
SHA1

d7b66abb6bbe8a914cc4fd3add3ccba816358f3f
SHA256

6fc674d4bd8f65f3730ea3f2afeaca75b3eb64d1048b0e3bf523fba0e3bc6aa2
SHA512

47d8447d8ab6c598a8026d4ce360f3c86673766f2f49a87b5c6c169c7e585f4c06a0a646f69b3376fa8bc2c0cce3edfb416d19639ebd7c2d3ad63a68eb099929
SSDEEP

1536:gQZBCCOdDBiyzE0IxCMyXFwkNIrsVRcv08Lj+hovQPeHOu6OneVs0MPRZsNo3pKs:gk2NBiyzE0IxdyXFwkNIrsVRcv08Lj+c

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4128	msedge.exe
4128	msedge.exe
4780	msedge.exe
4780	msedge.exe
320	identity_helper.exe
320	identity_helper.exe
3472	msedge.exe
3472	msedge.exe
3472	msedge.exe
3472	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe
4780	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4780 wrote to memory of 1780	4780	msedge.exe	82
PID 4780 wrote to memory of 1780	4780	msedge.exe	82
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 2060	4780	msedge.exe	83
PID 4780 wrote to memory of 4128	4780	msedge.exe	84
PID 4780 wrote to memory of 4128	4780	msedge.exe	84
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85
PID 4780 wrote to memory of 376	4780	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e26859d140e027ce54826f7def1b7c7b.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff874cb46f8,0x7ff874cb4708,0x7ff874cb4718
  2⤵
  PID:1780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2340 /prefetch:8
  2⤵
  PID:376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8
  2⤵
  PID:316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,17890178514466509221,470695486628073168,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3176 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3472

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2960

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
ae885526666bdd592a7fc291a036f69c

SHA1
9aea5f12527b023d601cefba23ae3bb29c25151c

SHA256
42df61ac6a260de46597fda6ec13edc19836c089a57f39e9196de02507128a1d

SHA512
a794f9465a54e37ddd71a9b1547e2a0a5f4396b69c64389fc1b1fff12596ccef1d2fdd4d689e80b5ace8e7d8758dea12c73d12a34fc11bbf416ba0b355f7d777

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3e2822d7a2bead362b80ca04f21157b4

SHA1
b9327562d22c1fde04889660ed14cddb9e1393bf

SHA256
845eb9cca1457e2245fe207b49ac5ce640453140319874424311175c7a866aae

SHA512
569fa5bf4993e5f8d77132d98c2662b3aed42825acbae820f64addd16b6d89918bc6b57499f6fc6797c758c29911241fa2cabe66ca6b1ea7033453580cbeae28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a8250bc2ac5f3b52538dcc1c93d99629

SHA1
7c5211ff424db605337998788764c583a8673550

SHA256
dc6a75ec3f4683bbd4f9a631eb5a59236093738a1c4431b9aa1b2a997eb860b1

SHA512
a2ea563646ef083fdc0a8ca57419a1d36300ffc6cfa9a1257501c09b048eb057ef0fa134be8d21718e6c6bbe5aab19bd105e8f5891644620ed2dbcdbd66fa470

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
071ababc0b3a8ab785ad63e068e99573

SHA1
1f0f667ba1ac15f902ec918646433b22845d4ebc

SHA256
51a28c1b8a15a8aa630a41b1f3c576025fda46939f90a8aab9ee01c5fc1ea6d8

SHA512
6c989ba313be4e85e9446c80813f4c28531ee838a8f0b5ed4500acada04bea012dfebb146c2f1b37dd58f7d7dcc72e74d8b55facebcffcf59e697a85510607c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ad617c974cef8ad64ba99a77859b8025

SHA1
0230f55e54f81d389a0199ee8e06f544809648fd

SHA256
e9e0c20d524eee89e6e6db8378d94518e7de4f9d52ab86cfed2a288d19cd724f

SHA512
a3f0f4ad70f5b71b2a5e67f73609af941059f591c4d11dee459cacac80d77176d633528ce2297db41d66a8326dc653b10d160cf54f7dbf1b73a2bdbd57a62e64

Download Submit