hxxp://rum3[.]trendscoopr[.]info

Analysis

max time kernel
146s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20230824-en
resource tags

arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2023, 20:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://rum3.trendscoopr.info

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4680	msedge.exe
4680	msedge.exe
1152	msedge.exe
1152	msedge.exe
4540	identity_helper.exe
4540	identity_helper.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe
3944	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe
1152	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1152 wrote to memory of 2480	1152	msedge.exe	82
PID 1152 wrote to memory of 2480	1152	msedge.exe	82
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 2068	1152	msedge.exe	86
PID 1152 wrote to memory of 4680	1152	msedge.exe	84
PID 1152 wrote to memory of 4680	1152	msedge.exe	84
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85
PID 1152 wrote to memory of 4736	1152	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://rum3.trendscoopr.info
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9887146f8,0x7ff988714708,0x7ff988714718
  2⤵
  PID:2480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
  2⤵
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3372 /prefetch:8
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3372 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:2136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2224,1314907319474220262,4097401053996850979,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4632 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:660

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3590c7788f1f36717cbd298007259a6f

SHA1
9e9a602016435a1d642e18a54d8d6589f938a5bb

SHA256
09a08de2fcd19e304c3b8f6e04f5e4da257a3f18759827be4e9c6af862412174

SHA512
07df3ee7e2d4a313c996c6b8451450556a75e5ac8e4d10595f255164fdd25d6bc596ad579d90f6496c78a15a3c6fc349d748dd7c5f4b2b51d330c52577e2988a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
c7935b10a7cf0057aa62c4880a1b1c29

SHA1
e86c0f8c46a7ead172d75778b1f2acaf73e003b1

SHA256
db68070b4a2f78222fd222b092a20caf8e7d2f3ea7dbbd347c599fa8de445d43

SHA512
4b8089d6cd8603a5624961380ab54887f41fee268dc379fc82ebf06f21acba64af935e9ecfda73c093b6562ed9e77b19b0ba21c291dca1063e4b5111465d1d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
790B

MD5
8fa8504a299daa8e3f39eb606808e0c5

SHA1
67e2a1cbeed9e9d228a72112fd199d5f6f4f6465

SHA256
ff134f1b9147c534388f82c2ea5f2e14696066d70aadc54a5fe0b2fdae1ec485

SHA512
bb0ce00016c7aa06e0b36527ea0ea6cdd54008be6b4edcb016660bdac00ff0262a16b4ebc353c4e243b88f833242b1f891f6c1f371aa99220ff413433d048955

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
173cfa823304bc45aba3de21168bd772

SHA1
753f7181ed6151857d1d56ea7d77f1a76fd01693

SHA256
8b1270dead8c0d863217c85f848a9d197e5584a252777d2e4709e317123790c9

SHA512
867f05ab264845c377f7178bfd26db13372b8aa7eb006942aa4c5d26eb6126276234c562e4b440ec4e3aff828617cbe4de1de7f94ffe75cd36fae7254fe84fc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9b15a2c49405bdcfa56731f52d6f098f

SHA1
2635d8ef6417e623b3ef23c360af7120df68146d

SHA256
357b39c43cfc4184547776db2b151b396e6f9dc8cb96e90f7f358ecc8b9c823b

SHA512
add6c007c1c162b312364cebfffa4d3e863d4bb555d4f4a4e60bfe112b3f6ed24d3da5eeef4526a0182d651ab42dced58c49c206b96cfacd3926ec7d90188bcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
36f34668fef114dc4abe2374f82e5441

SHA1
004e539c0f95c8351d58eb5dfe041d3850ec1f34

SHA256
d242075ee0b2a6ccd5bd8a5a7033612ed22737154fefff787e50fc7b72cbf9ac

SHA512
1fc1e10d26af9654c7d12cc5a8c19a4ad6862fab4fe57c266057b545d6e0235553e80f282474256f3f8c1677aaccc6bb497eb040036a87bef506a32788066687

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
a128973ca2ca245299ef7e60156b4ef8

SHA1
d39a437204591bbff98d673e6d1c4f869683ebcc

SHA256
5c6e1f3c7213460c24dc670521adbe32ec76df5e3facc0a7b92a3fa9e340b302

SHA512
bbbdbe2fae61c2a27b4aadfbda2efae2675156dcea6edb8b45fbe83f397f8a1f50d694d8bcd1f53939a277722baf102f3f80caffadfcf0ca80d7408d77d8c490

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cf3f0212f0d5774bdb5bc69b6ae5ec6b

SHA1
d53b7c2a531124a13900dd9cf11a3809b5d83ba3

SHA256
9b24b561616e56a7df9d3fdc412c02fae1a4fc36742a5b892572795e62093640

SHA512
d07868b5865c77bd68ce2dc58a49896bf11d3926967a8ae180e1e20ec31d8634bc73fc94ee91c2dd8debfb0d9f2a0e8e4418092d7cf32785fdd5ed17f085be0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1498de2df3da5868ed03dfb790be5f14

SHA1
66bef723f45941c2d5b2e110d9e92891427b45c7

SHA256
7fca6949fab46e775502d494a832c7da6fc48224176e48d3f02d5d3f98dc95f7

SHA512
a986e3b6535b698fe2069002631bc43d6dd423a0bcdaa47407bda0d4cfd1adf5974bceb73b48fe63106d3c5e4d6a9b1dfc32b24bc45ecda82b61a9be8ce2898c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c0d5a5a681969ea2915825f6f3a6b071

SHA1
e7dd0bd736ca157e87bad642c6e8497c277bb4af

SHA256
2b1b144785677c3811fa899f434b73ce1ce66c3028e47d1f6b4123d7a0f6571e

SHA512
c593697a6a43ee9b89a71bd9950fa5a6df72b7e2a2c48b17047c46bcc38f17896f3b18418fc7665b0fc1bb50deab4e4ba80051499d2ed2f2f71ca15ef65cf61a

Download Submit