d1069b9af277fcc3defc382085e00e7a72e69a9038d3044bc0071a26e070d776

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
18-02-2025 19:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_0146cca244c2fdd6cec87e30231404ad.html
Size

107KB
MD5

0146cca244c2fdd6cec87e30231404ad
SHA1

62e305a2184831da00b5238ce54eea4f74da6453
SHA256

d1069b9af277fcc3defc382085e00e7a72e69a9038d3044bc0071a26e070d776
SHA512

63bd224805f40d7d8b5b5e2415d8f9656795827ca358ffe78cbc2ede7ca6907ded7c22210c641ecfd236bd60b3e637465858089ea0752d5646c8aa3354e0529f
SSDEEP

3072:GQ4DnfStDIoEVyrJlPIvJfn3UlHb7gRvRuMbX6tufKm2uf:GjDnfSeWYf0uf

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3260	msedge.exe
3260	msedge.exe
2680	msedge.exe
2680	msedge.exe
3828	identity_helper.exe
3828	identity_helper.exe
864	msedge.exe
864	msedge.exe
864	msedge.exe
864	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe
2680	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2680 wrote to memory of 3848	2680	msedge.exe	83
PID 2680 wrote to memory of 3848	2680	msedge.exe	83
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 2564	2680	msedge.exe	85
PID 2680 wrote to memory of 3260	2680	msedge.exe	86
PID 2680 wrote to memory of 3260	2680	msedge.exe	86
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87
PID 2680 wrote to memory of 2348	2680	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_0146cca244c2fdd6cec87e30231404ad.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7fffc83d46f8,0x7fffc83d4708,0x7fffc83d4718
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 /prefetch:8
  2⤵
  PID:1944
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1708 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,5770382843517721768,9349678048155397258,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5900 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:864

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3080

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
010f6dd77f14afcb78185650052a120d

SHA1
76139f0141fa930b6460f3ca6f00671b4627dc98

SHA256
80321891fd7f7c02dd4be4e5be09f8e57d49e076c750f8deb300be8f600de2d7

SHA512
6e6c9e348e948b946cfb97478698423e1272c4417bc8540e5daa64858e28be8fda5baf28538aee849f8bb409c17a51c60e48a3f1793e3a86cb27edeb32aa30a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f09c5037ff47e75546f2997642cac037

SHA1
63d599921be61b598ef4605a837bb8422222bef2

SHA256
ba61197fff5ed487084790b869045ab41830bdf6db815503e8e064dd4e4df662

SHA512
280bff6eac4b2b4fe515696223f61531f6b507c4c863ad9eef5ab0b1d65d264eba74fb7c9314b6920922142b8ab7605792211fca11a9a9ef0fc2ae995bf4f473

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
934B

MD5
bcc2abc65b73712a3046a6b6ec639f6f

SHA1
8f6c2dbfcfe0e4b20c9c9d1171e4e2d77668bda0

SHA256
fca2cd242e6fa88d785a1c3819339f61a6b50da71b100bf05698ff2f344d8b7f

SHA512
fb52248adb1a3f8b815123345cdb60f14a410cc0b9353ead40dd8e4c67e900febc7a07c1b504dafbeb7ca449655a3d1ebc7446d13bc651db7ab27c20cb830a33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
08a29a3e75092fb0c2406fe171661d86

SHA1
5f201397be754e0448814f0fff9bb8879fde3082

SHA256
f5af2a4696d9c97146dbce198247a0172ff6c35914f41334189353e447bbcece

SHA512
f29bcdd8a64c8777b1c2676b4e167bbe2ffabedd7dee55471c3ac340973f1fec2d80ee41012111b09549422ebd8beb2b998aed90035379cf40f432bdb7e999eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5b28217a96b6420c261d572196153dab

SHA1
80ed4180f3e74b1c1cacc383a208d4fe39cc3c3a

SHA256
e35c97aaec1a82629189b4f1e09a139f454052c72b2d947a67ad51da979df152

SHA512
2d55e42d5d3b567de26bc5627273451c44f0e6bf65f9a25a811c09ca1ec8caad9e31473e4c2c09600e89e47e4574bdc93d14f0ad49b403cb3d66916bf0486941

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e3a2970e67f17ebb58d6ab89ff2dea0b

SHA1
d7a618e48c8a329c079f2065e2e046c8292b8c4d

SHA256
d2327b6b9b37142e8f5c032c44206e7697d909a9ba9b90ae8eab33e06d08593b

SHA512
0b94f8b26b9ee002192b82ebab66aa92a01423a29b7c9bb219d8d521e100b60e61794851c9898da3b16693269e9c9f21ca51f1559fa0602d1da5028da8793a52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7277e0b710bad47edcec696254d5fa06

SHA1
53da7f82c0b5e58bef92606ed49c9d955bced9c4

SHA256
474dcbba94b52cf2acf52a0ed0ce9d3511113710532d69211c811c33d659d0ef

SHA512
106d879c263155e63dca90bea1ebfb502f3d98dee90fa0210fb08cdcd7544156c4ee333c48eb973de5ae5c919d39fa65a6ebb541fdcb122a53f7b42d926a1485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
153742a99ef98c9f2436e0737541d999

SHA1
cd2cbd596036e9beedd77fdd5e20b38ae212ed7d

SHA256
0a7451fd7b4c06172b538e50d602a413132ddea2ed04d995e1157f4f076dfa5e

SHA512
201039b40cbfb71e2ef12e8f8082a204387c89c4b85130d0a5266b269bdee9d864c1c0239ceda668a22f59a7b1751a35abe16587be28896447f51491b9e24db2

Download Submit