69d824bba03f36331e6a39cdb8e4cfd18046c022df1c9dcbadecdde08e1af353

Analysis

max time kernel
149s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24/02/2024, 14:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a2121b90ded85ba9285b7a92f16fb7c8.html
Size

31KB
MD5

a2121b90ded85ba9285b7a92f16fb7c8
SHA1

43a797e153c107412eae39003f077b5db8f10425
SHA256

69d824bba03f36331e6a39cdb8e4cfd18046c022df1c9dcbadecdde08e1af353
SHA512

9949f398807fa4c04b08b48d53af014de22f50816441e63a46fb403ab3743b51cd49455ef649b8a3151a5deb2370eac1d77fc3a696ce68a2c238b38e5f74861a
SSDEEP

384:diY4OquLZbxnT0EipB0nHx4zhjodtPhh1rPJ6PMPIP2PxtNjiJf3YMbrmJxlbXir:di0T0EipBORwodphb40I2xtWleI

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
408	msedge.exe
408	msedge.exe
2300	msedge.exe
2300	msedge.exe
4644	identity_helper.exe
4644	identity_helper.exe
1852	msedge.exe
1852	msedge.exe
1852	msedge.exe
1852	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2300 wrote to memory of 1868	2300	msedge.exe	23
PID 2300 wrote to memory of 1868	2300	msedge.exe	23
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 4400	2300	msedge.exe	90
PID 2300 wrote to memory of 408	2300	msedge.exe	89
PID 2300 wrote to memory of 408	2300	msedge.exe	89
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88
PID 2300 wrote to memory of 3992	2300	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a2121b90ded85ba9285b7a92f16fb7c8.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcd1446f8,0x7fffcd144708,0x7fffcd144718
  2⤵
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1976 /prefetch:1
  2⤵
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,16350985516792829758,17245392124134933965,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4660 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1852

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3804

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
360dd5debf8bf7b89c4d88d29e38446c

SHA1
65afff8c78aeb12c577a523cb77cd58d401b0f82

SHA256
3d9debe659077c04b288107244a22f1b315bcf7495bee75151a9077e71b41eef

SHA512
0ee5b81f0acc82befa24a4438f2ca417ae6fac43fa8c7f264b83b4c792b1bb8d4cecb94c6cbd6facc120dc10d7e4d67e014cdb6b4db83b1a1b60144bb78f7542

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6fbbaffc5a50295d007ab405b0885ab5

SHA1
518e87df81db1dded184c3e4e3f129cca15baba1

SHA256
b9cde79357b550b171f70630fa94754ca2dcd6228b94f311aefe2a7f1ccfc7b6

SHA512
011c69bf56eb40e7ac5d201c1a0542878d9b32495e94d28c2f3b480772aa541bfd492a9959957d71e66f27b3e8b1a3c13b91f4a21756a9b8263281fd509c007b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
aad6dad7370d4a3ba1855d181a47b79a

SHA1
3417d77f6664312add3ef743e3045d772142f49d

SHA256
df6fcd8870955ffaf0bd2c9b68d1ebee1cd0825e9ba6eb0a80ec706f4e966f8b

SHA512
20f98065ebd5d1c766aa0f550f4997426d3392aa5e735889448ad961418e6e83cfc899833ffc6ae32fad63ea21fc55972679f69353a30863d2e211200a5faf4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b6eefe838576cf4ea036e89ef7f31241

SHA1
49c28db3b0d4932e1b4344aa988ad90c94224abb

SHA256
b62382bb8d01cb3ae34ddd1ad7593ecb27f565bc9687408751e85f99890aafa1

SHA512
82f18b02bab6334afcdc3deed2f9f9da25d8b11360b698d8651da14d46e6901ca19d683969a26f237b9d49056c890a411921cf3fc95b5f7687e53e42649c3bba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ec7396cc9c2d7b67eeb266ed58af844d

SHA1
02bec6e7d6414576b8d6d7f76727f482f171e217

SHA256
e3ddecf96b38bb0d0daabc102df7978638acaa8dc2465ca83620ecf7d5d28ade

SHA512
564498ea5853fa5260d508618867a0ae74472c49fdf101fdf72ed1572a4be7e83208c38501b1fe2d4cddc2181d349c92625d44f4f0769c10618fd557f46d6f67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9ad5bd39ea89486e98a930d9b78f9c89

SHA1
50d8b68f69a4734bb2684ce176092c85f7089ac8

SHA256
3de146e587654c44dc24bc2874ca558e8f720adea5b2cea639e395a97326a115

SHA512
3da775feadf5e5387fb71389710c834cdb4e4c14d375a6157d3054c00cae5cd2281902e50023eeb973cb5742cc069f66340b3f69953cdf30926c84016f450f30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
85b7bfd973c78e0b0443d6fd00d055ff

SHA1
44dc4d19256c58c3664fd435e86075a3838a01c0

SHA256
7dc0039b7f709bf2a46a1266c09f31ec74e14f1d97fcc936586455c86432c376

SHA512
686e4b559026c570bebfc5682b9b80773b36186f91fff6ca829faec0ab72ec6311f7bcdab4f4998f0879824dd407e8d133f467721526a7f960765bc5543cff3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e47e7ff8cf8ffcbfc666b656e29e9e9a

SHA1
f2015ea96b252e42ca78de2e7e301b0c31915849

SHA256
6cac29729f63df840291413d45fb9e1932fda3596ec70f6e509a72303ab022e0

SHA512
5ecdb5ac48baeef8480eb7dc57949c24728f1ecc521c58ab4689fc72a0be65185616afb5aa5a650c2cab0c152005cfdf7971c3658e2441e9358856a2050c6184

Download Submit