1c0f3e84d231e149577a50ad59c909de6cd11f08daf16b65be83980c108d06b2

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 06:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ab356567bc6dbf5603b770374935aa25.html
Size

39KB
MD5

ab356567bc6dbf5603b770374935aa25
SHA1

610ba96cb302f65b30b843fdc0aef4e68f4b7d26
SHA256

1c0f3e84d231e149577a50ad59c909de6cd11f08daf16b65be83980c108d06b2
SHA512

959a67913f450d84409ec9164af429c56111c50fe8223afc7ecb0cba14fa8534df7a0cde204b30c26f37e54dcd6bae2deb78ae1aebcaa66bdedb083a695c7e73
SSDEEP

768:HzAqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7S7:TJIRIOITIwIgIiKZgNDfIwIGI5IVJ7Sr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
844	msedge.exe
844	msedge.exe
4800	msedge.exe
4800	msedge.exe
1864	identity_helper.exe
1864	identity_helper.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4800 wrote to memory of 2664	4800	msedge.exe	25
PID 4800 wrote to memory of 2664	4800	msedge.exe	25
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 3064	4800	msedge.exe	89
PID 4800 wrote to memory of 844	4800	msedge.exe	88
PID 4800 wrote to memory of 844	4800	msedge.exe	88
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90
PID 4800 wrote to memory of 2036	4800	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ab356567bc6dbf5603b770374935aa25.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffac76446f8,0x7ffac7644708,0x7ffac7644718
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:2452
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3136 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3136 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3040 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,14670689728323275150,15239563888769835856,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3132 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4616

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3660

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3384

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2476

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9ffb5f81e8eccd0963c46cbfea1abc20

SHA1
a02a610afd3543de215565bc488a4343bb5c1a59

SHA256
3a654b499247e59e34040f3b192a0069e8f3904e2398cbed90e86d981378e8bc

SHA512
2d21e18ef3f800e6e43b8cf03639d04510433c04215923f5a96432a8aa361fdda282cd444210150d9dbf8f028825d5bc8a451fd53bd3e0c9528eeb80d6e86597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e1b45169ebca0dceadb0f45697799d62

SHA1
803604277318898e6f5c6fb92270ca83b5609cd5

SHA256
4c0224fb7cc26ccf74f5be586f18401db57cce935c767a446659b828a7b5ee60

SHA512
357965b8d5cfaf773dbd9b371d7e308d1c86a6c428e542adbfe6bac34a7d2061d0a2f59e84e5b42768930e9b109e9e9f2a87e95cf26b3a69cbff05654ee42b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
11495d133f674b1ff6d4299f6ef71ec7

SHA1
be6df47f6e0b9720acb4d2c9b8679ba145b30de0

SHA256
5f5fb17d307bd221fb4bdddda6737d3a132269fc78cf0d2d6dd51c56789d8763

SHA512
5ba7afbdfdc6b703a19bce5624e9e0e864a5e8243edd5ab3542f82dd83aeb3e7aaf127ca21d8b3e073cd2111de3c480d31b7adcff4ba66a850dc67786630c193

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4dc2a83674a7d166333105d44c310fdf

SHA1
6af791b1b9fbb06b09cc24764d6d061502799273

SHA256
afee6ba34b5e877a1fd61e0b35a10e2b55b805dcd5d8425f5bd33821106cf6c4

SHA512
7b9e9ea66ae04caf6c19a8992bf692923ff2794c6fb9c260f6426145efb22aed5db45bc984f5935b60ea5fe3617f52593b138360a482d4e0d208fcbd817e65e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
ec6562318a57892811c8e7ab2325202d

SHA1
ad7e431d85666c570426aa23a3832e7e6ca22f3e

SHA256
b20ca1e92c507676fba5ab9fe16b52facf76694927f4497e12ebe66a46fb1b4f

SHA512
6362ff9803993fb4e111d57f9b55975cac6103f0e06eee1dee853924800fe625153e6e2fb0ce2dd6195a3f2ebfedca0a9811316ab806f9ee835a60aba201c9be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0294042ff4fe3eb0cb31e9dfcd55a598

SHA1
f8d08faab165ea84bab8b1afc33ec6238d7f49f7

SHA256
7078e92d10b889e13dca40072a14dcd32a49bcd6168eccec827577d66be4da54

SHA512
7fce7d31a3ad9d3995010acbd356d26663d2443931cbb1615aef62b7ac3e70bc5eb75c81b682ce2e931c829d550edc880b1fb0c04b3b002aa8a006a865c1d8a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d5b6d0310f065cee25231efc9bec6c4f

SHA1
61e51466c0c576344e759ef3e2bdb51c716da6fc

SHA256
d1944e6c276ba1a9666f3a32b3497c189cb559e844b97d6d8ce2728811d8ba48

SHA512
f5458447d03af12d30c84c6e7c2e92be261b7338633f9179e6c3e4162b1e2b84be732b52937a960cf7e5dbee8dd684a02ff5265e056686d440ea48db378d08dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
7a411e6234bb39148a626bf768822816

SHA1
9050dadf77f0b6bea8938d10462f2657f6d434b9

SHA256
7c0e825c4bd2c0c1f6d659906f0b09289db7d61e22a0d610a345d76377c2ecc2

SHA512
24e83174f584bfa2dbc402d62627dd89a8d5b6ecebfaa5c3d2f1c19b4a2438862bd112dab38efbc0b8ce8f62221ff80f20bf81ae31d693862c5bbfe55dd9ed36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580a7b.TMP

Filesize
371B

MD5
cc9ad3824170b565891f4de124ed506e

SHA1
bad34358f73916932497808018b893c7583f332b

SHA256
702482b948e41383c3680450494f97388cf14a1c91a134d6d1368ca92e1bd3a7

SHA512
4def063cb57fa3cc3193d2949887f2c0b40d58f5ee6c45b1eab09e8060d57adec91b5aab37960f2371688208ef234eb511e880383bd51bedf6e0b4a23bf8fdf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
74260cf25c247962f610d80fcd5331dc

SHA1
dc8b8c85f5fabef449ea1038b5b497371156ca10

SHA256
e7b2638497579cd70dc4dec64f0654e1b5f3ca08717b416d54c9048c793d8777

SHA512
972924b60d939765f74c5bd95fba6aebf752e15c8f8485a1152c7ab51ad62eed8b52603de2dfeb233129305f9fc47b6a274462f238d3ccdef4972b46295393a7

Download Submit