edc3bd5a28763fc6ce96df98fd1164c16ea815996e27bbd3e5bcc62bb1ffe78f

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28-02-2024 05:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ab230b778a850e26a5a4b4824b010d59.html
Size

172KB
MD5

ab230b778a850e26a5a4b4824b010d59
SHA1

cea43dfc5c170b6d8ad6dd1104a56be34d2938f5
SHA256

edc3bd5a28763fc6ce96df98fd1164c16ea815996e27bbd3e5bcc62bb1ffe78f
SHA512

b18cdcfebb6ebdeb28f936d8290539924593a843401ab825fec97d59e7c6b4d99491bda89cc2ccdd8f0187d9f7b9af757a76ad6b585fbfb967090b6ef7091afd
SSDEEP

1536:EndKsqky7IJvETP1Ooj3ZFN9AwhTGS+GZJyHTN95yZzA/XG3QykW8+2GLNMZjx3z:cPbJvEJOoj/bAwqGnekNMZj5nwoqi7pL

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3920	msedge.exe
3920	msedge.exe
2748	msedge.exe
2748	msedge.exe
4620	identity_helper.exe
4620	identity_helper.exe
3084	msedge.exe
3084	msedge.exe
3084	msedge.exe
3084	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe
2748	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2748 wrote to memory of 380	2748	msedge.exe	39
PID 2748 wrote to memory of 380	2748	msedge.exe	39
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 1864	2748	msedge.exe	89
PID 2748 wrote to memory of 3920	2748	msedge.exe	91
PID 2748 wrote to memory of 3920	2748	msedge.exe	91
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90
PID 2748 wrote to memory of 2356	2748	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ab230b778a850e26a5a4b4824b010d59.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa8d6c46f8,0x7ffa8d6c4708,0x7ffa8d6c4718
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
  2⤵
  PID:1864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2856 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1
  2⤵
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,3893944657120143214,8696484586262309617,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=212 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4556

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
cf7e9e63af66debcf13341bfd19ca4bf

SHA1
c1aeefbb824153ac3e8ff0aec25c9f899e3b8efe

SHA256
3567d517b598350af21c68ba3e35ee833e6dc9ee23f60a48a402c4dbade16884

SHA512
c93fd6e3f9a6440e71742759cbaee4934d8a380abb7091536c9bfb129cc91991d5be40830f19f4b3cb75966c6cdc093d64f00c6e3646d0601356bcd16d1bb29f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
891B

MD5
0b33dbda0f25be70430fc44d3ae9857b

SHA1
d184783f60a092eb1f8dfe0c96bc78c1af4e1ef9

SHA256
ea0a4681641a004886d2ae885b8bda127fb51a85f43e0046a25ae3d6f0390465

SHA512
5131d135ce70cd9c89a9b46552dab434ca71a8204b0ef1aad3e8cdb9b47c16e3b5f6d731f63942d9df062d95e5a6e4e454512e3210360ba097302d6a342e123b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
230441193bef2796ed36df4642206f54

SHA1
20ff62c11d6ee16925485786a8adcac1ab46bd7a

SHA256
087b14da14cbc9abfaa6d57074fed9dc732ef38d4d151baa712dcf930ed628b6

SHA512
c6bdc546d7738d7cff2b3a2c518e1f7f7b0a99de8dac6c841a25853cabe8719dd6a0b5852ed5f0dee30622eb37e8b903f28f51b0a135cb877a4620399df6c4fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d5061b29df0c3b098be0176cbe123cc2

SHA1
92832d9c8accb093fa3fc9ca450f07290b546e4a

SHA256
2d50f8c03d88ba0b2ae7bd3a35934df16938b3fe0e3fa7eb2bd36e34d293b889

SHA512
8b5c53c24f26382a3ff3f03d71fc89f393873a60d11d0c34707065361af5ac0e4114a19a476865635bea9a6bf5c3981691b64a28dafebe49c6630bb75136b993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
69cf06e933cbcf2e94d07e58ee2da30e

SHA1
ee143530107ad5e8b4ba688061c4e177fa4e02ca

SHA256
84dc86745be48947f5b39aca2fcac670ff5ac90e58fdd69917d0396ed112a8b6

SHA512
7e8ba70190f1c5c4524751bced85a6ac57df6e9005b24e77a166969447becbcf03f16d13a63f068edfd1f005afd13efd9d60692835f0d18622131a3c173ba49d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
39159c8c2717ecd2d0c8bc19ce062b99

SHA1
3ebb1441f2aba7a7a16fd2f65b57406d3b26ec0d

SHA256
952dbdfe24d0d4e71677636e5218b1a6effd6ed02479a5d7181221dec7e152db

SHA512
d2830f563e9a15e26e6fcc2548d01bface03c17a2611a5e5fdabb2f11da4a3d0b8fe04c338327f4c48677f032aa318fffb919e8baa5987c86a2c369acfd1e283

Download Submit