abba2f688ba0db60b4c290986fe9f409d98a33b2cc712215a77d83a9a4ef8be4

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05/03/2024, 15:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b4fd1638b938fb159a32e3da39d2d24a.html
Size

90KB
MD5

b4fd1638b938fb159a32e3da39d2d24a
SHA1

0bb9f331abfca6bc6feb0a471658eb60323fa253
SHA256

abba2f688ba0db60b4c290986fe9f409d98a33b2cc712215a77d83a9a4ef8be4
SHA512

eca4df7d859b7d04b71025f0e88c2f92857e3493ed4a0905a965e2c18105aa2c19f27ff3da12c7222736a23357437c9c3f2faf8a73754665ed3de16625a65ed8
SSDEEP

1536:t+ycJIRuXEjHInFz9tSLJ/DV1Vd31vFz9tpBBkCJXNcOIOII:X1osEFz98F/R1jlvFz9NOCJXNV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4268	msedge.exe
4268	msedge.exe
5612	identity_helper.exe
5612	identity_helper.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe
4268	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4268 wrote to memory of 1192	4268	msedge.exe	88
PID 4268 wrote to memory of 1192	4268	msedge.exe	88
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4244	4268	msedge.exe	89
PID 4268 wrote to memory of 4616	4268	msedge.exe	90
PID 4268 wrote to memory of 4616	4268	msedge.exe	90
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91
PID 4268 wrote to memory of 624	4268	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b4fd1638b938fb159a32e3da39d2d24a.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa7fdc46f8,0x7ffa7fdc4708,0x7ffa7fdc4718
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 /prefetch:8
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:5644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:5900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,17645327708515896988,12144473613102591182,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4912 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4528

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2228

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7c6136bc98a5aedca2ea3004e9fbe67d

SHA1
74318d997f4c9c351eef86d040bc9b085ce1ad4f

SHA256
50c3bd40caf7e9a82496a710f58804aa3536b44d57e2ee5e2af028cbebc6c2f2

SHA512
2d2fb839321c56e4cb80562e9a1daa4baf48924d635729dc5504a26462796919906f0097dd1fc7fd053394c0eea13c25219dec54ffe6e9abb6e8cb9afa66bada

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c6aef82e50d05ffc0cf52a6c6d69c91

SHA1
c203efe5b45b0630fee7bd364fe7d63b769e2351

SHA256
d9068cf3d04d62a9fb1cdd4c3cf7c263920159171d1b84cb49eff7cf4ed5bc32

SHA512
77ad48936e8c3ee107a121e0b2d1216723407f76872e85c36413237ca1c47b8c40038b8a6349b072bbcc6a29e27ddda77cf686fa97569f4d86531e6b2ac485ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
3abb85df75b6547fb8c334fce74558ef

SHA1
d21e312b2bcb0691a4c673ac7b04624ab6758142

SHA256
58aa6b50f4fb0fd632695246ce27f82d51dbe895bd9e5a757f1bec3ce8182c93

SHA512
578b83105948aa56ce38088b26f3112cfb1a350c7b3a5179e06358ee460f890e9523d7e754a7592870804671925e828b256fca9a0c36b7a657fca4f3e30f0fb5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f861ecfedec599d5c9fdb910f3221f3e

SHA1
a42e32d796ae04e7b722246e662707ec7387b903

SHA256
7766e59d0b350bffda79a6c42e6ab6d7073d2516d494da84b77c57f7b608d59a

SHA512
74a2b025c91d72da2aeef18d28ff989103f8f213eaac77cd56af1694d86199dee93c6e1d8a2cb4d3788294539998d82fa2b93ecc2d269c6b1998a34562b21735

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
3547e1f30e8f157e24a2aceec2a26668

SHA1
80191e7c90ace65687062d3cf6b18d5b42a3ee80

SHA256
c6b7f45b112d3ad50f1707efb13f39dd89851ad5168d06d5b0c3b0bfc0d441eb

SHA512
fc0e4669a8b645e07094256d139124319a40ed2e22fd1809492f08111e2f38cd9ad38c16ddbc87e40d904978fa25dced3a2b62878898cdd2623aad192e30fbb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
24f8d468c79e775b1ca76ae273bb9a6d

SHA1
e181f596d201184491269585ec800adbbfbb34f0

SHA256
a4121f73b1431cfc2e210843ab713a53b430218243ab4f8c6096f2d55118a799

SHA512
7684d28946348fd96d0ff74dde66396f901004ec520186c058528b2ab874600d4818c3210eb3ab72259ef7f53709e24a583d543950ab2e2e352e807729430418

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
49db79f883fd3c89744f087a128819e7

SHA1
f8179ce33c49b17f4e27b88790b81ffb4a962391

SHA256
1970982f082f3fe9fc1729fbc8f6dea427823b31918df923e109f7e4c67676db

SHA512
e0f3e5d66dbd31d7429c57e0f45821e28c63e5d466aefe182dfdfd46435b57bea03a30bf0d23dbe1971b3241ac0a92212622c2e9a3aaf9d9d158d71d7860700a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ea6c61de215ec0d973ea0f1f22ee0dc4

SHA1
94f74a5005b5e7c1f0ce24afcf699c07a624eac4

SHA256
4193633f48b0fbdd13a858ed9d477d3909e7080b5289199904c5451bb2c08e3d

SHA512
f06f2393557c62f8020c853b5c7a293de794daeed27abfd2eaeeb735144ca41de80203a403b7fdd92c0907972ed8e0cb9d926ea93cbf7f3d24ea9cb9be4b3343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d83bf21410f77d8d89d567bb03939cd6

SHA1
26a75e28a41db12a043fe7f3e1d725f228076ec7

SHA256
f4034a05b28935ff046af234a0832656fbdf1c9c949c934b465f0942a2cbeb37

SHA512
0ee3fdb9d00af8a5d444548efe2545f28544420ea8b2954b5b841d1a398605e1e29f20bf5e7e7b04513627e26e60eb302ecc7487caf83dab31922db17f60ac72

Download Submit