6665a66534e4577565689d1777588152c23ef71b63294999a97daa7c07644a3e

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20250207-en
resource tags

arch:x64arch:x86image:win10v2004-20250207-enlocale:en-usos:windows10-2004-x64system
submitted
10-02-2025 00:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_d54c2a34efde5ea0bf5a8651ef9534c8.html
Size

127KB
MD5

d54c2a34efde5ea0bf5a8651ef9534c8
SHA1

1041c19cc1c23f3f59af474f4da7a5e9476d6a39
SHA256

6665a66534e4577565689d1777588152c23ef71b63294999a97daa7c07644a3e
SHA512

61069d220a4746429156cd9a7a20112e68ff2c1c14811034121b4599aa01447994afe878cdfc29b195a9e6b3941da148b3915e1696baddfe55240286c81b72ae
SSDEEP

3072:Cwmlodbh+vq2odbhZtTYMFKdQVXNtfwajW94L+TKHQydC6tMzKc+d:CIFYMsdQVXDfwajW94L+TKHQyHF

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
101	3496	Process not Found

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
5088	MicrosoftEdgeUpdate.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2352	msedge.exe
2352	msedge.exe
1272	msedge.exe
1272	msedge.exe
4308	msedge.exe
4308	msedge.exe
4308	msedge.exe
4308	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe
1272	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1272 wrote to memory of 3708	1272	msedge.exe	86
PID 1272 wrote to memory of 3708	1272	msedge.exe	86
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 1092	1272	msedge.exe	87
PID 1272 wrote to memory of 2352	1272	msedge.exe	88
PID 1272 wrote to memory of 2352	1272	msedge.exe	88
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89
PID 1272 wrote to memory of 3348	1272	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_d54c2a34efde5ea0bf5a8651ef9534c8.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc00a146f8,0x7ffc00a14708,0x7ffc00a14718
  2⤵
  PID:3708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2612 /prefetch:8
  2⤵
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13870166292789706202,12443178069931909890,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1008 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4308

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4712

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuNDMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODA2QTBCMjAtMUFBRi00NUIyLUIyRTctN0IxM0NEMzA1RkUzfSIgdXNlcmlkPSJ7MERFQkVEQjgtODZBRC00M0E0LTg5RDYtMkFGRTc4MzQyNjIzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7N0JDOURBNDYtRTAyNS00MEEzLUI1RkQtQUEyNDNCOTlBQkJBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjIiIHBoeXNtZW1vcnk9IjQiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0UreGJBejZZNnNVMTI4OWJTNnFsNFZSTGJramZCVUdUTUpzanJIcjQ0aUk9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIyIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mzg5NDQ5MjgiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM4MzQxNzQzMjM4OTAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTc5ODYyIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODE3MDg0MzkxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
1⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
PID:5088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2ead70a280cd4aec1e24cfe04df29829

SHA1
ef230ea7095f9b22df171356ea4ffdb68b1f8b43

SHA256
d766ab618981d2070b1265b32f402563c88ca5e68bdd2e5e164323f5520af020

SHA512
4ae4894a40d4608cd9e62262c575e07b2cfe48a3d0a984580e8c9ce5e2085719f6c167dc0e5edbc087b7ccfc894ccfa8dc3a847da8faa7007a4cd252be32be85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9bafb0d3a1696932066ae7d4a377d44e

SHA1
b806888e572d4ffb5d03b0cefb13ab1542b3be17

SHA256
9102ad8bdd9057acdf96f81aee73f00296194718730f2cb6b95cfbea9447ea66

SHA512
dd3bea301dd70c6ddf4bb43d51f39cb2da48359f24e449db21c97b73a818885a68a3f7aa7a9568443b819746d78986d25f6e1da4d4832f11fee63842d5f5c0ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d25621fd0842e4a005482ba3ca30c157

SHA1
c2d2074f29cff6a8c5ce7dfaf358a490ecddde4d

SHA256
5b3d9c278c2952243e9acf69d6fc1707c0f0db94ed261c46e0ff4ff19d0f1ec2

SHA512
bd20955d78224f1404273167234934acfd759a87ebe6882f02fe722535dab0ce1c72f7be89a7e05c26aae8caad9ed7ad7ca93f9736ed372ed548af8ef0ea6c22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
94cb74bae87d230269979b924ec8c180

SHA1
e5a413bae7cd81604952d47f6db18a5c21aed7a7

SHA256
ed663a76ed9ceb184ce226d9e43345c1a3cc258c8d6e646ff492e3b89c5b641e

SHA512
5d208f8eae3eb5ceb6f1fa50b00c716eedcab8fd4912f9635dae1713e16b19b7efe5f881e1d460a908a5391cd4358427add5d3f9f04fcc859430b2beddbb354b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
efc9d30951c35e201b9c1eeb7dd0717e

SHA1
d308473b528bf645e07985d118ce5af94c98d821

SHA256
5d1f2fc3fa629816ba8eb19a9df4c7b41c8e8e7b73a989001922e93eed02498a

SHA512
f7c4f8fd1d2d546709ab0a32cafb0421a360c7626674167f6debc074cc05d3e603a9dee74b13c9070717de96b048177fe4773cbadcf3400e201ec8847a96a27e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0a288eac0588f37e812b9fc23689d89f

SHA1
7ff5336c8c3678b6465d58822e4174a3402ccce8

SHA256
3435f2e24bc5e9c62cc663490e77ba08740190828f61e754380c7e8706142eed

SHA512
d1b3bc78480d5f28e7e7838b45ce383e8336557f5810b00f6fb4ffd8b14dd412f181b4cb0efdf2cf8541a577794aa0e0a474060741039755acbb407444622f1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7b0e5e9482a144a8cda9f0e79ffbdbdd

SHA1
92fb4e8cab7ca9d77ba9fc73b888c0b4d8aaa52f

SHA256
285b9d39163ad8df7b9b127898e6b4a904da27417cb79a9fc5da64aee044fde7

SHA512
db6e1d6197a45d9ed1497e3e2aff01a330d34e798b556cd8438ec4b9170e7e85941e995934d4a9fc5c714539aa61518009a20ad28ced9b1397d6f45fe80a4c4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
65824564273a25d8b83daea564e94770

SHA1
33f2f58f63c45a789497f3e33184d4101d6c7fb2

SHA256
0ae6adcbbbd52ab0faac757252767d72a6d19b33b5c3d43a2bf9e874dc903e16

SHA512
b798a892ba4b9fef9906f5784f437e10c9a94237d301a128a18767a6a3f11065f6d7491dacab929c121e1eaeb74e5212435ab9b33f0d6a695ac8fed056f05ee3

Download Submit