e5749025a38cb3baabe31239dcbf754306bf22b78ae2b949952b9b60c9144e33

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2024, 17:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b94e58efb64aae184d6fecea9d49b460.html
Size

48KB
MD5

b94e58efb64aae184d6fecea9d49b460
SHA1

85fe7bcc618c0c9587595289585bc6aa5c383c4e
SHA256

e5749025a38cb3baabe31239dcbf754306bf22b78ae2b949952b9b60c9144e33
SHA512

810637d1f24f8008d73ad36273374ebcb3150548d673059f9e51ed3b72d3c1d149ff3b1bd88652236957ac4a307b968fc9fff12c1343fbeb9e3ae8db31732aa8
SSDEEP

1536:gQZBCCOdP0IxCkOOnlSIZn6+Jz+suGjh4//WC:gk2t0IxS

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
232	msedge.exe
232	msedge.exe
2300	msedge.exe
2300	msedge.exe
5032	identity_helper.exe
5032	identity_helper.exe
5924	msedge.exe
5924	msedge.exe
5924	msedge.exe
5924	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe
2300	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2300 wrote to memory of 1968	2300	msedge.exe	88
PID 2300 wrote to memory of 1968	2300	msedge.exe	88
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 4516	2300	msedge.exe	89
PID 2300 wrote to memory of 232	2300	msedge.exe	90
PID 2300 wrote to memory of 232	2300	msedge.exe	90
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91
PID 2300 wrote to memory of 1524	2300	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\b94e58efb64aae184d6fecea9d49b460.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ff8633946f8,0x7ff863394708,0x7ff863394718
  2⤵
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6304 /prefetch:8
  2⤵
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6304 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,2921720633270773573,13277702442637759067,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5616 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1984

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
47b2c6613360b818825d076d14c051f7

SHA1
7df7304568313a06540f490bf3305cb89bc03e5c

SHA256
47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac

SHA512
08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e0811105475d528ab174dfdb69f935f3

SHA1
dd9689f0f70a07b4e6fb29607e42d2d5faf1f516

SHA256
c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c

SHA512
8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
2bc9958c6b1754276c2e2c4cd6632358

SHA1
31d5e4ef5b63b6167926e1f1bb7955bb50f38255

SHA256
0917ce93cbf3a1cf67bc07c2eef806c7ecfc1523998c7d15e19d479a4bf3083f

SHA512
d548e86eff3e61d938d71a823d3c43045f1fbe010b69d24316b54cc713ca6cd60c9c0142b02a23f21691d53562b6ee19de2a880509aabd02339392c85c363c54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5108ef346a2f0e71687f443b1c304e3e

SHA1
fbf261dcd856b63bc76e9bd0c4ba55d7341b99c3

SHA256
209f6659dac147681968a5828bdca86c4f9dc9b03e2fd0a2a09f939f04abb1a2

SHA512
fa77d8f9f87ed48b70cae92f4b23b866bf0868cb04d7ba1260da8b232448be5d217ca941be5e22bd790f1091386aaa921e1ee7ae70ec45f8b890c8ee8cd21432

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6837480b5237917d4da7371a6a0ab6f0

SHA1
06ca7afaafc388447180cdbe3dc5a19d66a41991

SHA256
aa8992cce2d4791cb6d6dc4feabcb4bb3300b81fce97319ec43c4fa8b5e62393

SHA512
83208973dd08b5700356fe8d42c13ee949012ef6c8f3ffef5effa1397ac3b2e6c97b8bd99ed3f5197e505a45c50255eb38dfe8832b841e7439eb1e2a471b075e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cfdef97b4ab8648f86bc9c1c9c5b2896

SHA1
43d4c1ed4b9f360c80e2d199aac1dda1bfed7ac9

SHA256
c3b5cfd8504073eafccdb884563bf6ad32b662eb32c488da5729e5d11619e483

SHA512
3e1234218df048d72a184e6440a324d1128cf03432bc4a8ecc34197c475ba7289a37c63b52eac1bc13d72a2465c50d4996f501023d8efd9f509686387087f5ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5f39b802bcce6bcd12bf74b86c19deb5

SHA1
6c6eac3088d8ea028f8af37e28a0eebe71abb02c

SHA256
0d985f38eb989e9d609d02377b85b4dba6a32710b30f0194295a89980b759325

SHA512
3028acf30afa1c6fb0aba7bd454d38570f2fe8ef6cd8db82a582c489ccc50bf098515841371fa13c44039f674851e256fa9795a85163886717cac0ef3ebbd9c8

Download Submit