hxxps://steamcommujity[.]com/gift/765614019083521115

Analysis

max time kernel
328s
max time network
330s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
03-03-2024 08:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommujity.com/gift/765614019083521115

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	process
5112	msedge.exe
5112	msedge.exe
4548	msedge.exe
4548	msedge.exe
212	identity_helper.exe
212	identity_helper.exe
3544	msedge.exe
3544	msedge.exe
3544	msedge.exe
3544	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

Processes:

msedge.exe

pid process

4548 msedge.exe
4548 msedge.exe
4548 msedge.exe
4548 msedge.exe
4548 msedge.exe
4548 msedge.exe

Suspicious use of FindShellTrayWindow 28 IoCs

Processes:

msedge.exe

pid	process
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe
4548	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 4548 wrote to memory of 3240	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 3240	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4280	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 5112	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 5112	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe
PID 4548 wrote to memory of 4032	4548	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommujity.com/gift/765614019083521115
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4548

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff997af46f8,0x7ff997af4708,0x7ff997af4718
2⤵
PID:3240

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
2⤵
PID:4280

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5112

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
2⤵
PID:4032

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
2⤵
PID:2812

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
2⤵
PID:2752

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
2⤵
PID:4612

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:212

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
2⤵
PID:4340

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
2⤵
PID:4356

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
2⤵
PID:2456

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
2⤵
PID:3164

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,11342511789189584423,12475662983431358771,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5400 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4980

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3068

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
192B

MD5
707a4c872b88eec3e98b106eadef564a

SHA1
2981a5a19408756934e50b1a7aad43b401f1f246

SHA256
3480bd4a47bd16d783068246ca8bb071e9373fedee7788ddae40dce0c3874f9d

SHA512
a9f70b7103d752092f32fdb6e11b905ba48e929b6d9c87eb33ae31bc1e78e9a7c05a2c14de744287667ffc3eb790512be090a4e99108039504f50fcd7759a250

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
168B

MD5
b34ec7c4654a1465e565123042919aaa

SHA1
1533085448625c0c95299d6388428e64815c5933

SHA256
3908f0466437e1c937cbc69f02ca5ac37e27ca6880fd261d627bd25be99383cb

SHA512
f908628fef23f9efd3d1f7a431f89ac07943853b50a9a7ddf4e5174bea2bf886ebc7ecb83d8b172f1bb46f21ecbe00df00367e626921a2a3e17f50200a3fa28e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
807B

MD5
68e9ff83c57ceb64e08532be42a2ce86

SHA1
60dfd869beb7a0c81727ab211988bc96f31e5290

SHA256
d24d712854781fa7dc45d7b3e2dbacb97cc4941d45b10eaa5987093094bbda55

SHA512
b12b06e4f4d251b067bc289c5acdd97a9e760f551a7075d466e53738186a5b8b89e507f20d8b3b72011a387af0d45dec75b87a46381317794fa334050b3886c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
807B

MD5
d45718251c1e55f6b97107134c2a7c66

SHA1
ade7057df07e41dffb9aaf111770191cd57e618c

SHA256
3b1d3184424a652a29e5767870115974fc7f8849a0d42bcbc9ceaae8e78b5de8

SHA512
df18058cfba8b1683b98482a95321245a91fcc69de959abeca5ea9e475371753dff2ea695dec65b55388d76fbb108f95693dcf72e2d90fe7e55dc416ab79eee0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
3977fec55cb65da1860e864c0484730d

SHA1
50bdf48cad84ed12a708683e0d8f3e1732a688e8

SHA256
0eacf91135a4749d6cf45ab947951df75bee9d60730b6aac3061e9678ed1ba14

SHA512
1c6e68fa4d6d5f522d7fd6544034f6eb38471e4f43882014968113900fc10c750142d037b882559a55cf67412345d9127f1248080d424fcaa8dc3af269e056f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
a9c0e236b0b4e03080e1616883ee9c38

SHA1
fcb9a1e2b45cc7b6aff4fb623041c1a9b60cc1d2

SHA256
e903e4580a30095318cd87c46dd66ffe4e04084b605f49bdcd8c47cf838a067c

SHA512
46ccacf83a2ba9b88bb0e56bb5a638991bd5bcc84fb09f4f24ac5a51c979c71c149d055ee95bf373d1a8d2895f5284ac77bbaf3176110568cc88d91a32fa8613

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
31b26eb3eb7a2dce7b1434a66e41c96b

SHA1
f651baa6ecd0c0e245305f2632a588803e2e2c38

SHA256
d40a33fc178bcef31eb8a1e0a4573acf916cbe46b8602f19f67ef48ee62e8933

SHA512
e7dfe5d1d49e03cddc7897871d1705eacc35ad55804813456e69eb8c58406dba6e3db17ff0be619431fe7819d487cf87cafa44b453623cf0595ee5d029fd0c01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
13b880d4866527410bad2ab401a61d16

SHA1
4ef802beb29297bba6de592dd7dd6c7f54b1b841

SHA256
e4b8ee5d152d28af7cc7953a077a235ebe82410b5695ed66d2058348debc2ba6

SHA512
c825ab3838fcab8a4a443feac744af7a28ed894a745dff439d4793ead3ea9a6d4a297c4c7d46962370f822adf331a561579bf1ff46c1d45015c2c77b20783aae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
5d33ffaf2ce73081089359559b848614

SHA1
d6fe27448f78eafc45516f5881da344c7374bdd0

SHA256
2c40daefd0eaf119a8c58d3e1349804823764aae0aff85f4658633f72bdbb0bc

SHA512
a34c0d0113d9e77d4e1d59a2fc70ec21cef1ab988d374c841e50c8e62a132f782dc6a456b38b251595131ca4e7347387fa9d36c488a10fd43cfa8670591d8eea

Download Submit
\??\pipe\LOCAL\crashpad_4548_OMTPLLQWZLBMSPXV
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit