e6ca52522f5b6536341d83ea8f6f20e132bb4e18eb525a0ad42028aed4c9eff4

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14/02/2024, 05:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9aea4139cc29e9044e470c71adacfb68.html
Size

57KB
MD5

9aea4139cc29e9044e470c71adacfb68
SHA1

24d5999eed22ca0e9f2788b2ad240f04e3558d89
SHA256

e6ca52522f5b6536341d83ea8f6f20e132bb4e18eb525a0ad42028aed4c9eff4
SHA512

e798dc8b4e75272f6337ec3dcd687fc151b725766a90249e3100d4a5ae9d882f96da8ab4a7470053954f6716f67b12d3f53e79874271b7dc38b4450f19288933
SSDEEP

1536:gQZBCCOd/0IxCuJwFfNfWfDfQfifPfbf0f1fzfCfofkfyfkfAfef+fafdf5fLfL7:gk290IxoVu7Yq3zMN7KQ8qMIm2iFxzz7

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1232	msedge.exe
1232	msedge.exe
3996	msedge.exe
3996	msedge.exe
1644	identity_helper.exe
1644	identity_helper.exe
772	msedge.exe
772	msedge.exe
772	msedge.exe
772	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3996 wrote to memory of 2200	3996	msedge.exe	84
PID 3996 wrote to memory of 2200	3996	msedge.exe	84
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1028	3996	msedge.exe	86
PID 3996 wrote to memory of 1232	3996	msedge.exe	85
PID 3996 wrote to memory of 1232	3996	msedge.exe	85
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87
PID 3996 wrote to memory of 2836	3996	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9aea4139cc29e9044e470c71adacfb68.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa1a4a46f8,0x7ffa1a4a4708,0x7ffa1a4a4718
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:4304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,2533410447761138014,2339995163234840324,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1676

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eb20b5930f48aa090358398afb25b683

SHA1
4892c8b72aa16c5b3f1b72811bf32b89f2d13392

SHA256
2695ab23c2b43aa257f44b6943b6a56b395ea77dc24e5a9bd16acc2578168a35

SHA512
d0c6012a0059bc1bb49b2f293e6c07019153e0faf833961f646a85b992b47896092f33fdccc893334c79f452218d1542e339ded3f1b69bd8e343d232e6c3d9e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
194KB

MD5
36104d04a9994182ba78be74c7ac3b0e

SHA1
0c049d44cd22468abb1d0711ec844e68297a7b3d

SHA256
ccde155056cdce86d7e51dfd4e8fb603e8d816224b1257adfcf9503139dd28f1

SHA512
8c115e3e5925fb01efd8dda889f4d5e890f6daaf40b10d5b8e3d9b19e15dadcb9dcf344f40c43f59a1f5428b3ee49e24e492cf0cb6826add1c03d21efdec52ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
a43e5f4b726ce211c3a7a2b6a057cd40

SHA1
bc6858ecef7fccd71e7902ac4874a95e3382a28a

SHA256
cbab3a153e18f3f77f304c443255aae48b7210d2559822ac588d5088ebded13b

SHA512
c8be56cae562f5da31e8fe6e66585a87ee8d0e56a30d483e66714b668c47f8951d6a6a91d5f43773a47a90ae074cfe5670e256292d6fe192685c6f64e2b038e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
29b0be011fe499c0d04bf87796a9f22e

SHA1
b8a4da9256337aa7f4c240d3ce6141883c3394dd

SHA256
5ddc7f10a277eeb11e268f3bc7f99d9078fd47c2925fd10c6a8af04932f02553

SHA512
9a7a2e718ab856e78fa8ba2d7ddd553cc75b836b3f2274bbeec1eca005f024a290131bed6555665b109e8f91e26313c26d44808e37fd17a970164ebac88367f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6009ac4fdafbcd1d79996fede806cc96

SHA1
f0bd9a40b6e9de29f9945586a8a14b4b5a9f4842

SHA256
a3aec10811e4fad928f371e3f0c80b4b0d3dbf6d1326cbc87a366f1cfd8636be

SHA512
15a38f2fe7ab77864ebbbfd3bdfea1cbea5dded4684cc99d18befc3dbaba572ad9ac31df47d7341d0f59f05407cdf94276443155d6f33175360c37fdde24b0bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
44661b22affd8eea43e0bed6715e1a6b

SHA1
ced07d298ad40bc6006e3396463940f8027053e7

SHA256
058a77f9ef8682fdf4c42069809d6a4699362773f2dcdecae583e7130f904231

SHA512
5453dd72021130dc6349385ed0da8110f501dbf7ea41b03666ea87edca867c63a6cbff473aceab1575fa09c0b2978b5e2f464207e136ffca60a5dd87745ba2d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
2bbbdb35220e81614659f8e50e6b8a44

SHA1
7729a18e075646fb77eb7319e30d346552a6c9de

SHA256
73f853ad74a9ac44bc4edf5a6499d237c940c905d3d62ea617fbb58d5e92a8dd

SHA512
59c5c7c0fbe53fa34299395db6e671acfc224dee54c7e1e00b1ce3c8e4dfb308bf2d170dfdbdda9ca32b4ad0281cde7bd6ae08ea87544ea5324bcb94a631f899

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
22accef55ea8cec6628c1ec4b823ece5

SHA1
938d821df666a483c4abb76e80fa08600a3b7404

SHA256
b645e26f41032366d463947f988413a33aeb996a3c40ced2542d2d9bb49d99d8

SHA512
fe405ce9eb17d6bc3d419b028bb76f582b9079ec80ea96c2b088b3c2989746afa5b8936538eb80ce9c096d94adb6d58f4a7102bdc97983aeb7859681e52be9f3

Download Submit