hxxps://manuelfrancodonations[.]org

Analysis

max time kernel
83s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2023, 01:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://manuelfrancodonations.org

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
940	msedge.exe
940	msedge.exe
960	msedge.exe
960	msedge.exe
1972	identity_helper.exe
1972	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe
960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 960 wrote to memory of 2588	960	msedge.exe	88
PID 960 wrote to memory of 2588	960	msedge.exe	88
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 1556	960	msedge.exe	90
PID 960 wrote to memory of 940	960	msedge.exe	89
PID 960 wrote to memory of 940	960	msedge.exe	89
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91
PID 960 wrote to memory of 4728	960	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://manuelfrancodonations.org
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8dc0646f8,0x7ff8dc064708,0x7ff8dc064718
  2⤵
  PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2644 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6028 /prefetch:8
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6028 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17844830807617982039,6998743626820792335,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:4960

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1372

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2852

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bf009481892dd0d1c49db97428428ede

SHA1
aee4e7e213f6332c1629a701b42335eb1a035c66

SHA256
18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

SHA512
d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3902a09a-18f4-47a3-89b9-48fd03286c92.tmp

Filesize
637B

MD5
10a46f22c29ce2ec35056b0b28f592eb

SHA1
d8dbf2ae2b76d03c93508f416218f86e9ac2d516

SHA256
d03a58d76b403f6ed82a2207a23dee38ae4f0ec9765978ac2b84e4bc48cccec6

SHA512
7841ffcd5003ae102cf17ae0fd118c1eb9b1e110ffd3fd94c602fc423de22c46226b318d8c7a3fc6e68918addb32c70361fb381db8978b59f1c5f95306c70a9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
a9c005b88b67bbe62f296cb7c9f87b0e

SHA1
493bbd76f4e5621e20d8157416f72defb2f46756

SHA256
b584d8ab5d9c7ec7f5be63018eb6fd93018d5f94653a79c25622772d934826d5

SHA512
402b6168ebc87d76032b2636795b3ad3aaa499a4eb7a12f46dc5472f0ac2d1f5df9bab5484da8282caf5c111f8cab628b87652513f810791c3e6d61648dbca63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
37b2309b704268dd692624d2cadb3617

SHA1
675cc57510774659a6449badc297aa61dbebebdf

SHA256
8f0b049190432b479781eccbc7c31b46108773288b05639bcdf4bfc96c0defd5

SHA512
978b1549ade6196db555ad1555f128c2aee2215edef648c5f4b970b27ad2deb6782c2a760247eef4a44a126b5b60928185476ee5f537755454bcc7483380ecd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5f9f889dc6cb0ae82dec5050da875734

SHA1
4e154267cf349ba0294b7867f7fc31ac3877d4cc

SHA256
d0cd640cdf0f1ecc6d5326416ea2aa8b529356cba95fd600cf8fc317bfa330be

SHA512
f245c59b2663b40daf926bf70547dd7b4e74062b0db2fa3b2587bc0a110f8fe048f69253c1eea19aa94c5969801975c0bae6bee9ea15a1eb3521bc9bfc195580

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d6ca658a8e4343c870d4f8d9e7c25472

SHA1
d0a45aa26a21a9c94ebb38fd6391b1b6425b3fc6

SHA256
a23ff587661ca8259774980736aa232ce72fcb32ed16fb2d2a928b8961ce400b

SHA512
f9efb9d0f28200c3bef41bde22d889c6949597c34fcf0b8b6761e8df4a7cfbc547e3c5e287aba7db7ba7e24e50ece05da24523d9129dd99c2db1582f7182a2cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ef85502b69ce598846131adc67a7d137

SHA1
2166614058db0ead288e5533e92b0a8960d74eae

SHA256
c249165588ff802832ea0e37be00259728f4c810bdf792f6e1dcfc35bd7327b4

SHA512
9173993ad7f56d69c37fe364b566702c0d175f41b271302dec1fc37fd50b459ba79a9aac723093c9d052da1095d80b943b9495459ef27fcd579303a7059fb07b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
01d2d8f8f2bd3f17e5e318ddd2103280

SHA1
7c78923f3c691bb47646c95f650126662f40dabc

SHA256
8d3a256d9faf3b14311b04c6174135cc2affc5363fcf003dd4803eda2a216484

SHA512
d03a3775d16d4246fac5d686a5ba3e68a06ceddc7f70748a52f5015682dbed89f4581ccd2c8873a6510bcd755175b518fe11a11465cc0ae5184824ebec4c0729

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
95ecd201deca038dd232353190829e8a

SHA1
1f5d1ac358fd837c162f9268e1b48ea2392132de

SHA256
231e0af2f86f773a7eebfe3b179c4ad9388807a0f8e62df38f1e3123276fe76d

SHA512
1321161e7108ae123c001590ab9cad2ef9094aef2dd50ffd749b8ec6f0220c79d938192d4e6ec1662a04c3949d29c0471eceada0b5d19edeb85deb0388546f45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
25ac77f8c7c7b76b93c8346e41b89a95

SHA1
5a8f769162bab0a75b1014fb8b94f9bb1fb7970a

SHA256
8ad26364375358eac8238a730ef826749677c62d709003d84e758f0e7478cc4b

SHA512
df64a3593882972f3b10c997b118087c97a7fa684cd722624d7f5fb41d645c605d59a89eccf7518570ff9e73b4310432c4bb5864ee58e78c0743c0c1606853a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
aee01ff777c06a445b7a6b6afe921f7e

SHA1
21b1cc94d8848b40aa2fff165241b87c01a47174

SHA256
e8066b0b8473e86c217a1d3a57cc0d52462ac8df9882c30615ecab4582612c79

SHA512
36ec734e951e77f0671ad97f57e2424f8d2ff39e72d08d4b7535904a25fc674badb805feaeb63ae36b6df8bda0d1a238eba86887a339ecadfe0d52461e7ba392

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
afebd4daadca1d49c18b6c64d7939410

SHA1
a67b3ff33d888c5d9db1291bf241d14b5ee2e4c2

SHA256
ba44c67f872bbacf595136d972c24dbc0ef61912a2fa651ff490adc240b9b9d8

SHA512
0c23ac9fee906549164a832f989cf9bc0d448b05081bfcb4e4ecec024b7786bf94995966a30fb603101c0148b7383d9cfe28280338b8a0767142243985045faa

Download Submit