77cbb4c2ced46f1f4bb8f1a469db82caafcd012a0279968f9849fa556e7e997d

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20-02-2024 12:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9800732090589271a1e0a7b6c53b05c9a366655e8ab4f9e3d7c5a838f943c376.html
Size

819KB
MD5

a4ec5c3ec1f4d7159a709e3989701320
SHA1

9aadafbfc5779477796d87252a458971870788b5
SHA256

9800732090589271a1e0a7b6c53b05c9a366655e8ab4f9e3d7c5a838f943c376
SHA512

1a1e3fc95e9ffb2939a764456f637235fe628dfb8157c89cfabe839a3932539a8fee84d87036a46823197a64cff507578cf27c9659df47f4ff06ea796115de53
SSDEEP

6144:aSrPGb6pFz+J6dCcfOMcXLtEGYKM29+9oPyv1LIpc1JRqSYL:0EGd79UoPyOL

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4952	msedge.exe
4952	msedge.exe
1848	msedge.exe
1848	msedge.exe
3948	identity_helper.exe
3948	identity_helper.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe
2964	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe
1848	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1848 wrote to memory of 4640	1848	msedge.exe	85
PID 1848 wrote to memory of 4640	1848	msedge.exe	85
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 2168	1848	msedge.exe	87
PID 1848 wrote to memory of 4952	1848	msedge.exe	86
PID 1848 wrote to memory of 4952	1848	msedge.exe	86
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88
PID 1848 wrote to memory of 3476	1848	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9800732090589271a1e0a7b6c53b05c9a366655e8ab4f9e3d7c5a838f943c376.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8449d46f8,0x7ff8449d4708,0x7ff8449d4718
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2124 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,11393924013051627093,11428934283879948453,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5048

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f246cc2c0e84109806d24fcf52bd0672

SHA1
8725d2b2477efe4f66c60e0f2028bf79d8b88e4e

SHA256
0c1014ae07c2077dd55d7386cc9cf9e0551be1d67fe05a6006957427ae09fec5

SHA512
dcf31357eb39a05213550a879941e2c039ec0ba41e4867d5d630807420f070289552d56d9f16c6d11edcdb0f9448bf51e7d2e460e88aa9c55a5bfe5d8d331640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
816B

MD5
2f95460f97a3754825c9b2c50e4be1e3

SHA1
1854e345bc12e6a1c9738db5c53f9e94122ccfe7

SHA256
a328f1055aee1534e56cd805e55f568a7811bede60b8a18f149925ca42ea9e8c

SHA512
a4bf8e0c0b82f074e9ac72d9186d6770fd8a5afc6655b0896a78b1cadedc2d6a8f37e2b16f11d8471e695e1b949f14cfa2823cc7f0e58c8514c683e66de61687

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4ce2b22057851eff92216f0125d2caf4

SHA1
96d900b8f748aa3e61274bb938f52e58a7a0b624

SHA256
7f64f8f3c57cbc603be0c589a4ce25a0bd0c4c6f1f24126e3b9b361936687071

SHA512
93dea9d3c05cb14c3660794304e13fedd79ca04fb9a5671fb3b6cdbca1655c83ddd89efa9e808a4918a3a13d0b8453577a809598a0bfcd6b3dccc96b735a8a35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
990e626a6d95eb933c6dae07d57437f7

SHA1
2e5497672f3a07986f44ba98a27abc7b1efa97a7

SHA256
5d2b2467091c16766d387c4206df3e2bedfe5cede0447edb7bc548e1b117f5ca

SHA512
f07be4e8535b6035ae985800c3daf13418182b45ca4842ea13f959c0fd946fb0e1dd4f982a21a2972f119509ea6b4427f7fdcd2268cc27e6e9812d815315c9d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
5e62a6848f50c5ca5f19380c1ea38156

SHA1
1f5e7db8c292a93ae4a94a912dd93fe899f1ea6a

SHA256
23b683118f90c909ce86f9be9123ff6ac1355adb098ffbb09b9e5ec18fc2b488

SHA512
ce00590890ed908c18c3ec56df5f79c6c800e3bea2ad4629b9788b19bd1d9e94215fb991275e6ec5a58ac31b193e1c0b9cbaa52ff534319a5e76ec4fc8d3ba54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
367B

MD5
222b1c51e1f8ddfc7922fe4040a679bc

SHA1
002d525aa446811fa8f7507fcb4a5b5bdf7d79c4

SHA256
e4c0ca5c75b2ffbc6049b903df001277fbf32abe543f09136c0d98404eaafb39

SHA512
4647ff83b31728b70e0a405b07d23a0ef175897efc39d4350f6b65b3c30029470c960122c26c217989acd2ef78ea0c4e220afaba9e8e68e6a6bf4f281bd08ac7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581066.TMP

Filesize
202B

MD5
e72f2260c7af137e77e1f374754f2d7b

SHA1
35fa7dc8b894254868cefa87d72c678a42c70893

SHA256
c1fb5c53ddea331caa5c31be2bc17400d9fc6593653e40a2c0d1bdfe712b091f

SHA512
7046c91c275089c87ac417e8dba1151c807c03c221f49fcab83ba1aafd8411fc138b91852a602f31422bae643596eaaae73b1f049dbecbffca7db571e8dfe770

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f518e64fef7ee899db0973bb25bc25a8

SHA1
9e980fedb6884f2ed909222a3312f938e3a45283

SHA256
67390c4729f475b13747e9dfbebe28087068b69508dd22b78a05a7a0a2d07a0c

SHA512
e208473c3c2fd94928c05039c4e7534ada5eaacbcc5425b8c0a07823f5d9bcc8cc58334f9f8dba3f170c258f3bd0075d952546587b3c3ca9b1d834e5bd9a58b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5d5c3f8cd4f909ce3305ef75b1aa7cf4

SHA1
772d26dadd56845b5aa49df7491d1993fa3a0705

SHA256
926ee344029feae04f2de9621271a075714abf37bf3eefc632d71f5717241c9d

SHA512
16bb1762d4c37e32e90565f395a545a516053908a0b3fae00204156ee5c371e20c4d60db8ac22a05da424dfe4d20dedd1c9c401e2346f044b24d90c8876855d2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit