hxxps://www[.]mediafire[.]com/file/m933b779tt18l5k/PS2024%28v25[.]4[.]0[.]319%29[.]zip/file

Analysis

max time kernel
88s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
13-02-2024 14:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/m933b779tt18l5k/PS2024%28v25.4.0.319%29.zip/file

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2936	msedge.exe
2936	msedge.exe
4044	msedge.exe
4044	msedge.exe
5280	identity_helper.exe
5280	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of FindShellTrayWindow 44 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4044 wrote to memory of 3604	4044	msedge.exe	85
PID 4044 wrote to memory of 3604	4044	msedge.exe	85
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 1944	4044	msedge.exe	89
PID 4044 wrote to memory of 2936	4044	msedge.exe	87
PID 4044 wrote to memory of 2936	4044	msedge.exe	87
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88
PID 4044 wrote to memory of 4800	4044	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/m933b779tt18l5k/PS2024%28v25.4.0.319%29.zip/file
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffac28c46f8,0x7ffac28c4708,0x7ffac28c4718
  2⤵
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:1944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5380 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7012 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7348 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7656 /prefetch:8
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,5726182311805361723,9916261519338367982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7656 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3996

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3e71d66ce903fcba6050e4b99b624fa7

SHA1
139d274762405b422eab698da8cc85f405922de5

SHA256
53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3

SHA512
17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
05817f40e1ff75079a8c7d26103c048f

SHA1
b278acb5f48c41028b327a4a20a22d345f4b1e0e

SHA256
8f8625f02af7090f7e2b0acd9113d2b2359dce554017215255d281974428e2e3

SHA512
b7c29ca07ddf46df23a5a2fa0a37061170842f820f01a37a5a1425b5c2512376faf0316a99624e68a654b88250459d1c44adc08cf927b3ce5161e073cbe31eed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
8KB

MD5
a0a770acd63269ab0edd2b90de5946d0

SHA1
d224f7e339e6fead40f205b22e2f6ee520935a18

SHA256
84e20bb54d0e6bc3a6c11086bbf71f0d550e928053addeb66359480e5773c66a

SHA512
5425a8864af99b010c07abec24e5e2b6eef1a175fa88ae8bd9b2c9644e1c9c93460d21fd1aabf87286ce8491cbe73df97cd7c29825c864923be31353cb85d187

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
54b90cefe41d142c874586d0696f92e7

SHA1
99e62d5c8898500486b8cae61cee0457ce8b0422

SHA256
106e128ab3aadc5ee8f2c55ee51be0dfb91df4cdd1df3c57980fd6293c91ba1a

SHA512
2ffb6ac8833f9a733e2966141c05417b7298a56b6908ae78f647f4984c3a76fbd7b566f059820ae5ea304414618c961e8524d4fdf9a6a0c3f1ace93401d002ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a9a0a4fb02f705dabfd858b65339d107

SHA1
ec173c15cade83e563ae26095ce75ba8765ed0e6

SHA256
4fb37ba7cb6ff5b3ab8d3900a6e4560576b65861862f57b9ac9864f6e95c7fb8

SHA512
d40949ba3fd1adf5dbc97a01724ecc7beec8f84abd08e9a94f955847a80eb094209ad2286b0bea84962dedc5dc85500cd4cb602c681d6951b79b8916912b0fe4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
6bf4a311952cc19edc0a4d647800c852

SHA1
793a957b1be65005670dcb598172c26ca02e0e87

SHA256
274c6c019059a4ea81165245c0cb94b37277830cc4122a61929ffbf4c167790d

SHA512
7b40a9152384b2682b258158deb965130efa5a996d2173f007cc398d8baa6a6a5f2a04d3664f269ebb7ed743550b0bf92ea663b0e60fb3581bd34ccfc5e77dbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
1b1b142e24215f033793d1311e24f6e6

SHA1
74e23cffbf03f3f0c430e6f4481e740c55a48587

SHA256
3dca3ec65d1f4109c6b66a1a47b2477afaf8d15306a523f297283da0eccbe8b1

SHA512
a569385710e3a0dc0d6366476c457927a847a2b2298c839e423c485f7dcce2468a58d20133f6dc81913056fb579957e67f63cf1e20b910d61816210447cd1f1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8d2b2562e627500e9cbddd793ab58417

SHA1
fb626e4bb48c78e7893245250115f9abb5af0b37

SHA256
b3782242054acecf18c499e895ed8d911e3a6ae1ae190545edb2d7f66e4aba71

SHA512
0256324d09571094f162a0b84d21cc29a52b8bff0c98317f8c9d409ee91fdbcf73a6c6f0155f24448720f2cb7f01a0ef3bcfc4ff9350902b0512cd7028299a0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ec88a4e0c62b4c484557232ccd7240a6

SHA1
7208859a55ca6408d188ce9d3e81f7487e721f5a

SHA256
3d879397153b9ff777e30a3f9b17ac00732fd71116497d1ff8c161891ccdbe00

SHA512
e0f5053b8195835afcbcd914629bedbd1824c01123ff4fcdeb3bce10d88cfdef16b2b1f4c948edaf1e0edad8229bd0e298f37c0c5f688ede8be591686adb51d2

Download Submit