e0782678c3c3b2e5a72931fe861d6739af74d8beb04e221ca034eb113ec54993

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24-02-2024 05:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a117e17f044bd500f9b1b637b141b525.html
Size

16KB
MD5

a117e17f044bd500f9b1b637b141b525
SHA1

da1b06082ea4b9a06dae0f530858f21078d7d01b
SHA256

e0782678c3c3b2e5a72931fe861d6739af74d8beb04e221ca034eb113ec54993
SHA512

355a0a576c4a7284063cf13a7f9484128ff9ee47dca2f9cd5457267014a5ec234dce9b80537be44a434d435dc40e42ccb24d2b9182cb2ba54fd8a34923d4d885
SSDEEP

192:MLehT5jc20Sd0monJBjn3WQhIzR889o9ZhwbReJU4spPf0ckqDyDpMaFRTCFHoI9:ZnckdRmJBj3Wlt8oo9meSXPfwrCxM2V

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
224	msedge.exe
224	msedge.exe
5032	msedge.exe
5032	msedge.exe
3184	identity_helper.exe
3184	identity_helper.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe
5032	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5032 wrote to memory of 4964	5032	msedge.exe	56
PID 5032 wrote to memory of 4964	5032	msedge.exe	56
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 2492	5032	msedge.exe	90
PID 5032 wrote to memory of 224	5032	msedge.exe	89
PID 5032 wrote to memory of 224	5032	msedge.exe	89
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91
PID 5032 wrote to memory of 2596	5032	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a117e17f044bd500f9b1b637b141b525.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefdde46f8,0x7ffefdde4708,0x7ffefdde4718
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2268 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5740 /prefetch:8
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5740 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,8198293895633026226,12401903146320890879,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4196 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4328

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
343e73b39eb89ceab25618efc0cd8c8c

SHA1
6a5c7dcfd4cd4088793de6a3966aa914a07faf4c

SHA256
6ea83db86f592a3416738a1f1de5db00cd0408b0de820256d09d9bee9e291223

SHA512
54f321405b91fe397b50597b80564cff3a4b7ccb9aaf47cdf832a0932f30a82ed034ca75a422506c7b609a95b2ed97db58d517089cd85e38187112525ca499cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d4c957a0a66b47d997435ead0940becf

SHA1
1aed2765dd971764b96455003851f8965e3ae07d

SHA256
53fa86fbddf4cdddab1f884c7937ba334fce81ddc59e9b2522fec2d19c7fc163

SHA512
19cd43e9756829911685916ce9ac8f0375f2f686bfffdf95a6259d8ee767d487151fc938e88b8aada5777364a313ad6b2af8bc1aa601c59f0163cbca7c108fbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
4b8bb046f819d74938eedacda40e1f8f

SHA1
ddeb65e4699c07e350536fd3b56b565f7fab4f27

SHA256
450a602619a5e7531dcd48eb70193e2e2f89a798de9323bb246eb255f13fb21b

SHA512
243fa7fd42d449b8f48d1a79dcf3e60fefe1a95df0341df30a180c3ee492adf3f074d9181bb4a2be71ba3a1328d7aac20563a90d4c22aab8cee25b3932d4e014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b86e068f2224f8c9a746b754e92c2bf7

SHA1
c46725b629620ce9ad68cbb0bc65a468d2906cad

SHA256
4753664108e390ba2e1051c4ff2f360dbb4d679cdb896c545bc18c651eedb331

SHA512
421bc3259a1911a1d54f6bc33d7054e20bf2bd9d3887f52588401750f633f8ef4bf1cefe0a4e10bd496fae01477168de134ea4a3ac5f4efa7d021d736c0c85bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5011cc31c15a0f9a990604c73e75471e

SHA1
af83a2b57975bb5242efddb5dfa9623f23b3696d

SHA256
d001ffedcdd47882f69b9b35651a769862861dbdb51e9d989d73491b82826cb4

SHA512
1fd181c954c66e105e84e88071225ac871dfd6e9a6cd5d4f1efd8bbdf1eaa1dd56f3b5abe91b808b3b7dae04b8534a4ac450744e08aa1307377d87450950facc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3d9e83453c7d102bfbbd21271a487635

SHA1
355c37e263f0f7892d2d05c0a17c9a27a32b3479

SHA256
7d6782f797aeeb01ac37292524311c8ea9902a0cbb354fdeba4306bec654d61c

SHA512
4c791a21055511ae423457934c061699f74ffd1e3ff5329d65887d4c8c3afe6ed3170ab3bca598bc138966c052df1900d472d647d0902546dbdb2937ed9dfda2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
797367ec1b4213caed3897ff1668bf69

SHA1
6b9197b691d20aa4416292f27cc3d51ebc6e6faa

SHA256
353c4a71275664992379ade3ee2785718a8187d41ef3754dd90699fb8eef7075

SHA512
d47d32820e719707363a2e737a2e9b3251880409d6b3cc436dad864e8cefb30d03e010e40fac465ff806f9133c4e51091f254d6c801b8fe3396412fd1177f925

Download Submit