4bb68ff72221f43ab57dc6357dbab8b34b35b65126ad8cf1702e1ef805fd95b6

Analysis

max time kernel
146s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 18:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ac884b46fb2722aaf11ed97dc37e9b13.html
Size

202KB
MD5

ac884b46fb2722aaf11ed97dc37e9b13
SHA1

3d677123032a4bf7416f0c3d905ed32e6a7210ce
SHA256

4bb68ff72221f43ab57dc6357dbab8b34b35b65126ad8cf1702e1ef805fd95b6
SHA512

55e92684c16acc130d322ee318db86810ab49fcbb2b009f556026c1b74a83e4aa3d2d31447d5a85656fd6926a802ecbb9d0b88c78e5695c61023ba8136c2136c
SSDEEP

6144:E2qm1e7vFqFfQGC5D4LMFAfe8lBLw6qZLCt8gudNDLRm3GBlcoEHqxoS:E2qm1e7vEFfQGC5D4LMFAfe8lBLw6qZD

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1404	msedge.exe
1404	msedge.exe
4548	msedge.exe
4548	msedge.exe
4100	identity_helper.exe
4100	identity_helper.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4548 wrote to memory of 4288	4548	msedge.exe	22
PID 4548 wrote to memory of 4288	4548	msedge.exe	22
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 924	4548	msedge.exe	88
PID 4548 wrote to memory of 1404	4548	msedge.exe	87
PID 4548 wrote to memory of 1404	4548	msedge.exe	87
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89
PID 4548 wrote to memory of 4568	4548	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ac884b46fb2722aaf11ed97dc37e9b13.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f71b46f8,0x7ff8f71b4708,0x7ff8f71b4718
  2⤵
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4440 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4392 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4128 /prefetch:8
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4128 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:2620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,10228319554337009243,14902952136645189368,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
73c8d54f775a1b870efd00cb75baf547

SHA1
33024c5b7573c9079a3b2beba9d85e3ba35e6b0e

SHA256
1ce86be0476a2a9e409fcb817126285bc4ad83efd03ee06a2f86910fe18d4d94

SHA512
191344f5830cfea68499bd49073ffa7215a42265a9629d203d07849b2417c0ffdbdbf288bf2c669e91009a0d7e8bd6a6b378c92fc283049141231ca7bf4da3b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b206e54d55dcb61072236144d1f90f8

SHA1
c2600831112447369e5b557e249f86611b05287d

SHA256
87bf9a4c3564eb3d8bef70450da843ae6003271222734c4d28d9961c52782e0b

SHA512
c9e8d2452368873e0622b002a0c2f8a2714b5897a09475738a9f9740122d716a9f0d3841725230d58e039564c820d32a6f3a675a7bb04bd163bab53dcb4e22f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
134ec1f06e908884d59698793959a3fa

SHA1
8d5ec5b31a4fd2ee1f6fe1b591e01a2162095a34

SHA256
62a06b9ba538c5df238b4a2195ddedc230e1d86d7454cd6ace21d5ed6e0b9bd8

SHA512
2a65e8000bf16dcb50d384e9b5bcf7fd13a64ea126f41c3bb71ff98b5f46068b8e57fd24ba3f3c6ca85220f089c5ed396c6a33769f84f99dce2ba40bd4b77807

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
985B

MD5
1423b78bd7eb9c05974d07ac59c1702b

SHA1
8561533fca160e7472975fea6e4790ccf7b077e9

SHA256
9b6fcf72231298192db4e2900c8d95c7e7b2a57c26cc3a9a901916fc872c8dc9

SHA512
7d65bb48d5420113b68a1c21a11e3366defb62e594a669e6b6523dac748c783252f4b87d90aef6c1ca1661e85003e3efdf731770399c2d7bccdd803037d72af4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1ba1b67665b1d598423741a4cbe7dd34

SHA1
917a109cf8b8e36da686204c804fd1efc965d85d

SHA256
ff52d741d562d3487626af5a584c90015ada956ec6be072305c8d38e4d56ca80

SHA512
53b50380f9c89ce428de47a56f07be0f8125a330e07bb9a570fef2cef9abbbdb936007cfbb54b62981148ff6d8e72712a168fe62f0201036c67eb62ca08aadf5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8f2cb0800f8bfb5b8c273e736b727bb5

SHA1
e94c1d93792d92d30fc97db0c3d906dae7224cb4

SHA256
6e7444c074f33e8fbd85fe3f028af9f86ba9e6fe737b1272c4dc493eba662354

SHA512
fe50a15dc03ddbe90ebf1fa145ab17fcc5c9274400ff389a3ab07e674c06e58fc8ef048e0b26f882b7ca18ca1449ad200a8dde81e5e26c957c91be914ad053fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
94a9cc44f9ac1e9247195a23893e3ada

SHA1
8318a05a6f307e2cacbde51e4341730f6dd87ef3

SHA256
a845177cb8e96e99b6512734081ab9465454f986a887ac5cee449875b1436404

SHA512
4c986cac54a0c56f20c976d0f713b1e0ef98c25e72a4e9369937ca32296f296a4b765368bb89408832b49e1922d8dc114ef1ea2e7e73cd792772fa66fc894c58

Download Submit