hxxps://sennama[.]com/f10/723111

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12-01-2024 13:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://sennama.com/f10/723111

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2852	msedge.exe
2852	msedge.exe
528	msedge.exe
528	msedge.exe
392	identity_helper.exe
392	identity_helper.exe
4480	msedge.exe
4480	msedge.exe
4480	msedge.exe
4480	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe
528	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 528 wrote to memory of 4316	528	msedge.exe	16
PID 528 wrote to memory of 4316	528	msedge.exe	16
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 3452	528	msedge.exe	77
PID 528 wrote to memory of 2852	528	msedge.exe	76
PID 528 wrote to memory of 2852	528	msedge.exe	76
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75
PID 528 wrote to memory of 544	528	msedge.exe	75

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff90b6746f8,0x7ff90b674708,0x7ff90b674718
1⤵
PID:4316

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sennama.com/f10/723111
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2960 /prefetch:8
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5984 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5984 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,8411356826707786190,16403964683361148843,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4480

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:980

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
84381d71cf667d9a138ea03b3283aea5

SHA1
33dfc8a32806beaaafaec25850b217c856ce6c7b

SHA256
32dd52cc3142b6e758bd60adead81925515b31581437472d1f61bdeda24d5424

SHA512
469bfac06152c8b0a82de28e01f7ed36dc27427205830100b1416b7cd8d481f5c4369e2ba89ef1fdd932aaf17289a8e4ede303393feab25afc1158cb931d23a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
5892303fd890584a05ddb2e3ac6016cc

SHA1
5c2b14e86d15da35da0f77d2ce32043bdf82665a

SHA256
780fa17b5a588def0b4adeef3fc867411058f21b87e0ebcc18440d01bcfbec9d

SHA512
eac0a7207b680b7fa8b01bf5f3b233aaa0c5277e63f3ef294e8b7e6a0bf33b4b051a3ddd713b5d5d1adbf0c514c46d3ecd2a1f2059480abece991d2c684a0cc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
57fa7021329d1e4344c6c00021e641ab

SHA1
e26779a5e987865bbae68dba7ede55d52a5d1bc8

SHA256
be9aa23ff6f6523a9dd8b9293565047c3b74975c4b527f8778ec28f6569ce8db

SHA512
fb0e5eb71464b0b2de8e0a6aa1ed40d48624b3ca152c52a35823e29bf61efa985674f1110066c0e0a2370e0095631321b45b5356a93e6aedf30a5dfb77e8518e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
183B

MD5
9e1275231d0007b3a42906cdadb34ea6

SHA1
de552221fd88afa25f6cdeceed2c825d4b40e41e

SHA256
3ac46af51f438f21927049f96db54e3060b81606bc3c1acfae0e125ac5c530e8

SHA512
5db406df1b09a4bc46c299deb653b949ab1dc6701977c5d964d1969333ea620585a5773ab3557ca87d19d18727e040a38285aca132828ff3491bb40a1dbee521

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7ba2bd8c1708f693f68214ea90cb1615

SHA1
7c0e3c869908c0246c48da5004eb93d2f5cb0b89

SHA256
4a05a33106ffeef40a2e5200f80e461a5835d7ae1e70c1d5443daf38f694c84b

SHA512
8f6ba45184159fd8024f9ecf2c4503e4258894169de2e933b6cddac31339b745e82497899c2bb713669d21f9f5ca2db36f9c967a119ead29acd98308099a54ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5f7365b8353c6033a1635ac01f4412cb

SHA1
137a963c82cdf33e7be5bcca8d420e77989be762

SHA256
8eb42de3b0886ccc7684ee768310d260d5503de3ac9df7bbdfa36452990ffa2c

SHA512
817418f098e76f2b50890fec6565d6cba26c2b4dbd55c2282e814dc6d5e1064891eb0fc4ac6b66beb260924fb5cf48669152cd2705fd2c2860414c630727344e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2869486992cb19e1de7b1380684319e8

SHA1
9309bb2afb79b73fab9da3049d5971ea0d83f411

SHA256
a1ccbab0be256515276c24b2a5bb8a90a0a0c698a6f3042121edeade6cc5fc16

SHA512
3fc8a1adc665bcce5d82c6c06c568b2f910599c0406eb0e32b93f4c6dcce6de0a182963c8b6797dcc076a0fb0d2af328c88401fa7eef89a960927199a287defa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
93a84251d37368b9673f5391b78f78a6

SHA1
4b539ffbb5e3be0de9ad95d59d7047268eb6c71f

SHA256
44a0ce58defa6c2199388f16b9a96d61a7926df4415d6222fca76e64e9598aa6

SHA512
b47ca6a601c430767918604e1c8c438e639e6b4dbfc8d704c9756df0b60eabb6c037f678e54d50a1ddd4b8426e0542896959fd2e82f1f459449387362b545c2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
35f77ec6332f541cd8469e0d77af0959

SHA1
abaec73284cee460025c6fcbe3b4d9b6c00f628c

SHA256
f0be4c5c99b216083bd9ee878f355e1aa508f94feb14aeebcfba4648d85563a7

SHA512
e0497dbe48503ebbf6a3c9d188b9637f80bccf9611a9e663d9e4493912d398c6b2a9eab3f506e5b524b3dabbca7bb5a88f882a117b03a3b39f43f291b59870c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
47c21ebf203b6a2486963dca50e710a0

SHA1
bd9d9c894c538756f198dafb7a7f006a51235a5a

SHA256
663de172bc8feeec5a72cebabde14a6166a48b1014cc42b5fc5777175a0a2491

SHA512
0d2a8032c7fc80bfbdfc0b6bea8b66c2666b8568926f3ca8140e175f91b67655122dec5e8c661af29f90e96b3d247d142f4aa149bb8a96a698dae34394856853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e60ab173bec3bba9130632135c0d9a1a

SHA1
4267bb2996fcaff5b85230b10cbf3fd7dad96bec

SHA256
cccc5d9fbc1d5c46b2e248a7d0c08ffbc32b2094d48e45aba51cdc0380bce00c

SHA512
5a11cbd9314231b26be001a48a56dbfc8d61841c3c98e0283d70af14a53ae7854b9e0fbc6f735a2ca29605117d56a2e8e41e1e672633430d658515cf154e0cbd

Download Submit