b7b7da9272088efdd5cc9829bacc0f91e82b6a04c76a123d07a6d5eab37e688b

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20250207-en
resource tags

arch:x64arch:x86image:win10v2004-20250207-enlocale:en-usos:windows10-2004-x64system
submitted
11-02-2025 12:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_e67e4992c95656552d3b918eda3cc18d.html
Size

86KB
MD5

e67e4992c95656552d3b918eda3cc18d
SHA1

d951975992ba0a857b6077584f0f02e75ed9f1ef
SHA256

b7b7da9272088efdd5cc9829bacc0f91e82b6a04c76a123d07a6d5eab37e688b
SHA512

1173cee13385492e90a98494074bab665c0a584a62c10c3b396add2f846d92b41f3df9ac0e32e81df4530cfba20dd2f1c736b7eee38acce6957f4f962842ea5b
SSDEEP

1536:CJXAx8mRftlodih6vTNodihTPJluvexRhMCRtMitWycFd:C5AFlodih6vTNodihTPJluDCRtMitWyS

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
125	2600	Process not Found

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
400	MicrosoftEdgeUpdate.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3936	msedge.exe
3936	msedge.exe
2068	msedge.exe
2068	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe
2068	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 4464	2068	msedge.exe	86
PID 2068 wrote to memory of 4464	2068	msedge.exe	86
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 4856	2068	msedge.exe	87
PID 2068 wrote to memory of 3936	2068	msedge.exe	88
PID 2068 wrote to memory of 3936	2068	msedge.exe	88
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89
PID 2068 wrote to memory of 2644	2068	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e67e4992c95656552d3b918eda3cc18d.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4dbc46f8,0x7fff4dbc4708,0x7fff4dbc4718
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1920 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3815314062115798892,6026775781519084080,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1296 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4588

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2676

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuNDMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjgxNkEyQkYtRTE4MC00MjFBLTg4NTQtREI2QTE1ODREREMzfSIgdXNlcmlkPSJ7NEVFQUI3MDEtMjA3NC00OEY4LUI1MDktNDc5MTdDNzE2RTFEfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NEM2MjZDQzItRDVBOC00Qjk2LUE5RTEtNUNBMzkyNzZBMkI3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjIiIHBoeXNtZW1vcnk9IjQiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0UreGJBejZZNnNVMTI4OWJTNnFsNFZSTGJramZCVUdUTUpzanJIcjQ0aUk9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mzg5NDU4NjAiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM4MzQxODIxNjMwOTAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTc5ODYyIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzE3NDEwNDg2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
1⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
PID:400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f27aebac6cf2154266da570473c0bab7

SHA1
088feed439d7d1bf0962a0d7973a00808632d9b1

SHA256
d11ca93fd8845403bb3deeb8333637cde2f52ca868dc78d3e36a3bcd10ae6e40

SHA512
e56f8e3aefbaab4e792cd989f28b9e5ba069c432a98ab039829a278cd930dd550ee2f1e9d3f45307eeb67a56eb7858d1281afdafebcaf6833ba8bf1b3d6b0753

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff4d54b3aadb5200432594708f095e82

SHA1
c30bc1677a50697ada032b1be526b0df6952daf1

SHA256
f63398b148e870edbfe75f8a7d717a64c87b8a05f35ae577d39d157744bfc78f

SHA512
bcb34a847f9b1c2c4347008a8208def98a07bf55d6c11cf6e0b237df1e5f7f5f3a7a58c3b7d0efb1c99ca8f2fc41c6fe776a8fe205840f9f212bfcde67e3f8d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cfdb93a25a071aaabb430ccef4be386a

SHA1
05dea63257d5c4ecbe1b8b28aa9b43054a07adfe

SHA256
502b212e6291ec8d77455e7beb3143478c293465520c5938b62b61fd91fafa66

SHA512
dbd40dae6b678120b15a20307bd4036b11afcf0d1fca8bf650226f16192ca9bc1bd23e379f94fd09434d2e7af374eb018ea5e55420d9f0889d616ed97bdb1f94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
947B

MD5
2b2986bce192d1d8f288e3cbb5f41c13

SHA1
9f0c64cdc3e24aa3960da8bf8391ec188502a718

SHA256
5f7a93049fc4219e578bf51560fd5f686eafb6c4391614dd36a8ec7bdd06a8f6

SHA512
7200b3477a77f39fc1fb694f7273717d4a2b9e80ce47a09b62fc9f8b99b788722560561899a42f1828aad4bcda9599c6e5f95dd0ebc5911ddf974a5fdb055122

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
873b47108c940fc043a80fb055880905

SHA1
4d10c550e0171e2857370750c18237b444cfb284

SHA256
7166886f32db7ffaa1a11a032bc35762f18f93304b02b191fda8bb12fc2df8ab

SHA512
92e29a252e1654f724346f2d2830d69af7610f573d6eb00bdae562e9f4d83f7ccc57293e04da0d1df2a98fe4100bbe167f8bbf80aeb19c4aaf853620e6245910

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2695901edd40e13123541438b5fe01b0

SHA1
da70d724b600a6f4a71d2cd0a03cf4dcf32ea3aa

SHA256
84fd906046efe113eb9e20c7ef0b56b51b0a7bb5697e11c9faf8ff53b9847413

SHA512
fb585285a0e15ea99058b88baf10324bdf9eff67ffe45ef4cdd3558077a99adec6037324631cf7ca85dc2b6e7569573c951dada9d801cf52c0557023d78949aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
167218dba1d9a1d00b00e4e8679d59e3

SHA1
da5569f836924a9dd60df7234df94653e167b4ee

SHA256
8238f5ba01060af3367792cd6cf5974704264de32552bdff319481dc9be729d5

SHA512
4e5dd74c48e45144c7ffb219a0fdc853b2dbbecff48d486994a1439419d3d28ab3b81c87014f18450df88912385313c49603345d045387b2e299cab51e02ff6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
15ea40a0d2f49e8daa458ec9db758024

SHA1
4414f5a7c514f150f0e3945b50b0f12f3c28af96

SHA256
39a0a86145356b97644220c0bdebc16bbb087cd643d2d8d432f3b29842982218

SHA512
23b56cff26dd4f7f7d720ee4eab3826aed1ddb67dc5375d104b0266b2eb16d28d01c6b9553ab04c724861d7fb04e5f6bb41bddbba7ea43cd50b4bc41cc333b57

Download Submit