hxxps://website-standalone-product[.]uat-us[.]hashdex[.]io/defi-bitcoin-futures-etf

Analysis

max time kernel
146s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230824-en
resource tags

arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
submitted
31/08/2023, 16:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://website-standalone-product.uat-us.hashdex.io/defi-bitcoin-futures-etf

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
4548	msedge.exe
4548	msedge.exe
2804	identity_helper.exe
2804	identity_helper.exe
2636	msedge.exe
2636	msedge.exe
2636	msedge.exe
2636	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1072 wrote to memory of 2868	1072	msedge.exe	84
PID 1072 wrote to memory of 2868	1072	msedge.exe	84
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 3576	1072	msedge.exe	86
PID 1072 wrote to memory of 4548	1072	msedge.exe	85
PID 1072 wrote to memory of 4548	1072	msedge.exe	85
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87
PID 1072 wrote to memory of 2420	1072	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://website-standalone-product.uat-us.hashdex.io/defi-bitcoin-futures-etf
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdec4246f8,0x7ffdec424708,0x7ffdec424718
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:2420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,15371603869481523237,17469713283432138729,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4876 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3590c7788f1f36717cbd298007259a6f

SHA1
9e9a602016435a1d642e18a54d8d6589f938a5bb

SHA256
09a08de2fcd19e304c3b8f6e04f5e4da257a3f18759827be4e9c6af862412174

SHA512
07df3ee7e2d4a313c996c6b8451450556a75e5ac8e4d10595f255164fdd25d6bc596ad579d90f6496c78a15a3c6fc349d748dd7c5f4b2b51d330c52577e2988a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2713b3c9-7a45-4c58-a311-5e52d78f990f.tmp

Filesize
6KB

MD5
4fc697431f00ddb6d3c4600ff6762407

SHA1
44bddca72ab5fa4421beae0d00328b9906f01244

SHA256
687b5b208ca3ee2d74226800c2e71ad3bd2208e4985919dda2a45075e79f2766

SHA512
4cce6d2c500e339fbc282925586da2a31f20afe4a69134bf48441ea17b7a0088f4a07c1ffa0053b279c54ccb9daa95a941bbaa92484b43a1973f6f94526a1202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
984B

MD5
f8c8e3121903fdd8221c8da3c99a8cfa

SHA1
c581170ffcafccc1b1ca3e5a15981206840459bf

SHA256
6a3310fe5d85bbb154a15aaceecadbd4ffa21dabe7194ccd95a4b2275954a4a1

SHA512
084e841543efe12f5257f7e890f476650c707e03034a94b0968ca38407dea9a998e12eae486032a2f0424814ffc88cde1d11b56ca7e0f7a1e0d76b1c033eb49a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2790fdc22d4c57f6bcd1e41643e461b2

SHA1
0981807dbeb94f71cd908acf051b1a4e3e0ca8c1

SHA256
96e4732658c8e906f01ea4a763ac07ceef406e3a561232add548d1e77b1c5e16

SHA512
0af750a6a47cebcb326d0e692f556f65810faa679b3d5872f4af10535eb46cc1ef5ea6378b401e52eb84a0e485ba884bc8b5f328e787d78f03348aca99b3667c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
960B

MD5
d6132c328ec69da19e5736e2705e7217

SHA1
0d1310ea8d00655546d9fb7aa36a909da6c608ee

SHA256
6781aefca7adfe4f7b27cc0ec7406b96ebcfdd3ec4fdc7acee4c1776c4505fec

SHA512
b147cb83d7064dd602f30328a54517318141b1687de36d2330a4defec3fcabc65a85bdab302a6a41f6ed3bff88e9eb9f3aea16fab8336877d84ee9ccf176f6b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
212B

MD5
b9a957a27ce201e944e72dafc74ebf2a

SHA1
e42eaa47f4f36724bcc84ef835f17c28366b5845

SHA256
f9a8956d2837a0b271459a452176ef25b23c9411050b87a3267950fce2900b22

SHA512
ef237bc9dacf4ea3c9cf8bc366e7ac37ca01d92b2eea54b9907b847ed9e35f6a7ebb4ed73d8769d196863497b5c6c584c84ed568b32c95022a39397ff2283b8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
371B

MD5
3408ef11573767c5d08669a274cecd2e

SHA1
0738a70ac370c573821b0d5d1480b28f49d9a8e1

SHA256
b38590f7066e64c3a541f3c1720cdbd0182e40cb84b51585daa919112aaf96fd

SHA512
7fedfdde3e3a1d12c26b1b7ef330c68479eb417bd33e1edf0d62b4e661e8af75ac6672fa4074a37412f3f22953196ba4d6a1ab1b8686d9ddedbc1d9dcf5cce54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
557c7332ef5016de4abbce7639936339

SHA1
c98621d9d80fd741bea915b0d10ddc569e8df5e2

SHA256
ef6a9bc1b29f87cf6eeabe4897ed719f9b98a20b038e8df2c8ffc2810ecb4f7d

SHA512
28284e26af86ea7ee8b99e632f5811c6d779deb3081741674a9a9b8e532cade8a3b6da88fdbbe58d7dd38efb148ee524ce0c46072c43b2b9dfa0677560c9fd3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6ff723382e50838201bc68900923e8a7

SHA1
219c6588c163c890054212d7ad56dad98a50d537

SHA256
b929bc8eeca236943cd226ea0dff2ad98837ec4656c1114cacc646dc90199b59

SHA512
18e8b342e7eead79f93d236aac7f7280d31a0f233f427cbd16f8602054732b40e898c27ba79425888ecf93bd727c0a0920d240b9ba22b98204a6db4e03ebf64b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
39e10f76d97049e6ade05c7c103dc81d

SHA1
fe31d0293dd7594383e3987d3b0803262ae61c3b

SHA256
4e479cfca08f4c46a1bb440930bc4de22f5ae8bf0181688603fe573f540a7025

SHA512
fb947d52679134602557cb515026355550dc0790f9c6b870cb6061e1394f6987588447cae9fdca4722db2f77096248a8abc367d69fed9f08e6ac6c25d29d5cb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ac79bd73c535dadd3ebe10915410ae78

SHA1
9a466c827475fc158eb66866818d13fdc48cc5ff

SHA256
8770af4ecf6e20b7942101871ec8eef6b6b18d59933dc444707851e94fae1da0

SHA512
a5f5e54e8e72549fe33dcaf3c4f617fde78d972db2172cea9cb2fdd489d5cc9bbddd85fdf215580c7901989e2c6d88ae8a8af2572cc740f999a0c8de5b41e54e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
a128973ca2ca245299ef7e60156b4ef8

SHA1
d39a437204591bbff98d673e6d1c4f869683ebcc

SHA256
5c6e1f3c7213460c24dc670521adbe32ec76df5e3facc0a7b92a3fa9e340b302

SHA512
bbbdbe2fae61c2a27b4aadfbda2efae2675156dcea6edb8b45fbe83f397f8a1f50d694d8bcd1f53939a277722baf102f3f80caffadfcf0ca80d7408d77d8c490

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f7d21921da6ecfa6ef63fc32bf1b3d9a

SHA1
0c43553b51c911eb55227609e27076973d6fc668

SHA256
e0510b7173d30459d4905097ea16cddb1bf393dc077321a2611250b1b91ab419

SHA512
92ebe6c6259feb23c8dcb80d0738c64d77eef05f2b03b6bcf15c6f23073a7ecfa4a8c65cabb7a26bb99654442508ad5c01d0a4753c3e8017c8c9c954ad003e5f

Download Submit