dc6cb19b0e5b8d4659cb2864e09b03d2c5e2cd72263c97357c91650775ddb4fc

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 09:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ab946c277fc396645e198f62a018483a.html
Size

14KB
MD5

ab946c277fc396645e198f62a018483a
SHA1

86c4bb868f5b363f563e7fe4decff34aa6c49143
SHA256

dc6cb19b0e5b8d4659cb2864e09b03d2c5e2cd72263c97357c91650775ddb4fc
SHA512

798b668f14142568c95fd521106ebcde9ce680cbc9d322c81cffbe721319d015631de857cb95dd1f9f0dc941514d8c18cd32d17d486a7dd633a4203e98f84b02
SSDEEP

192:spyhl5jcJ7J7dTajPjYNJZd1jzQxdowB/dvXKe6CfTxBXGpsFl6KlmP3KTAL3E2:5tcJPTE7ohjzgmwXPKe6JezJ2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4920	msedge.exe
4920	msedge.exe
2792	msedge.exe
2792	msedge.exe
4536	identity_helper.exe
4536	identity_helper.exe
4612	msedge.exe
4612	msedge.exe
4612	msedge.exe
4612	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe
2792	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2792 wrote to memory of 2692	2792	msedge.exe	25
PID 2792 wrote to memory of 2692	2792	msedge.exe	25
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 3884	2792	msedge.exe	91
PID 2792 wrote to memory of 4920	2792	msedge.exe	90
PID 2792 wrote to memory of 4920	2792	msedge.exe	90
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94
PID 2792 wrote to memory of 2588	2792	msedge.exe	94

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ab946c277fc396645e198f62a018483a.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc2d6246f8,0x7ffc2d624708,0x7ffc2d624718
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3048 /prefetch:8
  2⤵
  PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,12392848325255463255,8416609749863884617,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4612

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
e7f1921806b46d0c4ab5c4038c1e3388

SHA1
62736c36630c7af76d1855e0c317a7fedc83e398

SHA256
5a157b5b4c1f2c8ab17129debbaec4e275630c92b0cf514e76ffddf5ee19cf46

SHA512
af1a80f8aef12ebe9ea3e5d2c478c8258bcf1c0d1bc4d0e694cfaa9f041d6f05ffad44b8499371b04feb9016f1da38ec8ef3095ea85c2956ce71c23a680094cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
32c33ee8fddc5d7ba0f516a11935cb35

SHA1
95536c3daa465905c82f1fe08c3031585b1dca1d

SHA256
65c86b89a8133da1f5063c09b824c201554a0af3abde769214ef705d16085052

SHA512
8f2ce4819b846b12f9ae6311c4a82a4ee7ebee1e33245ef751476c1d7d5217bfa709d40d58774ff4ebea05afaa74b290ed2ce9f83f22f453c6b930517427afa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f7c0b4dc7c77be743b86cbd52883885b

SHA1
780a9b9075c1f88ac111c03e259c670a0f3964d0

SHA256
d6b0065cc71985378c26f0314806d82a4e2ba8b65b9732a3a0ba897225b65826

SHA512
2cf9699bb28d6b452aaa4cdfeac8719380dbc30570d529ff1e12aab4ffb26c63dc407358561c6c98c6a1335c63b3c9cef47676e8b5c760d16482f300d0b68c9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c0aafa1355dcb093ed8489608005f316

SHA1
eaf3d955da3d22dcbba7d4fa4c55480f4bbde040

SHA256
b978707cfe36661f4fe79869cf22de9a2464a684993f0ffa8df1b115f98f9afa

SHA512
0908dbfc70f2c7ec2710d178ed7b201cb729d6a12acd51cfffd88dc962f056c9a976a94d89aec207e71fb35ebcb0b86a7e073af12d8a4aca5e2a8014997e7349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2916cdba5d17dd76a8db55626e48e699

SHA1
c7252b0def0ed4490aa667ade44ef7f5aebfc695

SHA256
c355ba6085eedc8d03eed20a5bfd6b20f421891d30f8931b828b63063c65de0d

SHA512
c19320418026a867d422108c530c1cf28faeb989ba13901ba36b05ef213911dd48815aca9e84122e99d14aa6a3446b9a2cb7e28537a915f52e7e8a0473f9f587

Download Submit