08620e8d67f48f0599598a5d0232b8099ce7b956816e3a8074046fd254f091fd

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bb77aa21bdf236d0baec486452e302e4.html
Size

62KB
MD5

bb77aa21bdf236d0baec486452e302e4
SHA1

949148cbbc7f412b868923015a3dcb63fee77a91
SHA256

08620e8d67f48f0599598a5d0232b8099ce7b956816e3a8074046fd254f091fd
SHA512

592075aba3511be43e072172e341018b43fd9a416a7553283339c6d83cf05732d72025e2a1dc2bae681f940f2a95f0f1e632dfdbf90e9224365ebcf3025af1d4
SSDEEP

1536:4IRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZZZB:7ZZF1J9F1hXFt

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2044	msedge.exe
2044	msedge.exe
4264	msedge.exe
4264	msedge.exe
700	identity_helper.exe
700	identity_helper.exe
5608	msedge.exe
5608	msedge.exe
5608	msedge.exe
5608	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe
4264	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4264 wrote to memory of 4948	4264	msedge.exe	87
PID 4264 wrote to memory of 4948	4264	msedge.exe	87
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 4636	4264	msedge.exe	88
PID 4264 wrote to memory of 2044	4264	msedge.exe	89
PID 4264 wrote to memory of 2044	4264	msedge.exe	89
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90
PID 4264 wrote to memory of 1044	4264	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\bb77aa21bdf236d0baec486452e302e4.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9153446f8,0x7ff915344708,0x7ff915344718
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1612 /prefetch:1
  2⤵
  PID:440
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1884 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,6234838170247842345,4140492110843024104,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4900 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3796

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3748

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fd7944a4ff1be37517983ffaf5700b11

SHA1
c4287796d78e00969af85b7e16a2d04230961240

SHA256
b54b41e7ce5600bc653aa7c88abb666976872b2d5e2d657bfc1147a0b49e9d74

SHA512
28c58a2ccf39963a8d9f67ea5b93dbccf70b0109b2c8a396a58389cdec9db1205523a95730485bcbc9d533867cbf0e7167ad370fd45740e23656d01d96ee543b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a774512b00820b61a51258335097b2c9

SHA1
38c28d1ea3907a1af6c0443255ab610dd9285095

SHA256
01946a2d65e59b66ebc256470ff4861f32edee90a44e31bf67529add95cafef4

SHA512
ce109be65060a5e7a872707c6c2ccce3aacd577e59c59d6e23e78d03e3d502f2707713fda40a546ed332e41a56ef90297af99590a5ab02f686a58bcbf3a82da1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
72fd5ca107800194eea42fdbbd01149d

SHA1
c5c1648e0e1d2a5092854c96a23275a04215930c

SHA256
2358b5ec0f813ab6a7d3198322920f3c8cc069a631084e2bfaabe1d8dcf7ff54

SHA512
6e4b9d569fec3628809c313c47913be7fa719751f9dddcecdac250f9949c0f416949500b7543b548d587bf8f4afd59fdf6f2efa940fc7ca5dad03a4fd20532f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
6d12388689fe15c20159683dd4653e21

SHA1
97ec35f6797089a2e26d6131a4f848e173fd1040

SHA256
674e1ab45b74e73580be66c23a617db517f45636b5f831c13b6ac6a532501af0

SHA512
ac09097ddd227e51e256340281420e4f9b0a67b9d39b9e289d18e976bcdec4a6d6e94fc93650aec04c6520ebcc422cb9894da69ad2a8dbdd87847dd603199270

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e65fb07b56f217a86c7c9ef7d5e8fbb5

SHA1
e036be9ae0704714ce4934f00dd8906a641bd74b

SHA256
f24af16c13582dd5f803ce9019ee03262176f90852278bef7dfad78751305e3e

SHA512
95f62ddc5df5b220fa7e3b13699399b44126a9c652a26f9f9ca8c07a7a923bc6c4757470f3e9fcb3fb8077e93ce88afad80761d4afe75af41ccd9f040980c12d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
523fc4e27cae1b803602d80b48f57b5d

SHA1
05676505fc8e63f4a3e463b145730adb1c65ddab

SHA256
bfc582b1d5a9e8141f2dea0a9181254a0bc04406d61e91f3b80ea295258a2f6c

SHA512
9e636c2f15163a3faaffdfef71ebd9dd2087f1b322d3bed80c7f184500e50aff9103ab8d62f4f1239349a922416e35d3be7b9ef61d1969a145b63d52d1baae1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
db734b0e527d5becd207359484e59367

SHA1
8c56fbfe79beb71a8815596123ab990c3e690fd0

SHA256
ae7a69e1b993a5f5d93ce0a97e11241b84ada6cb66615d9f9261291c44abba4a

SHA512
a94afea2ac06f0bb988510c3400bd1d5b7595f4acb6ce9fb0f2c95008e0665e17fec8a9af6dc98af02c01e4650b97be2b53217d1132c22a4f8ef33afc5be7d1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
f0d41c060d292773fa7208d0973bdcad

SHA1
1992ff441d620807919e27b381f91941c779bfbf

SHA256
aa2560903b44bf2bd3830f0f0acabb14bb3aece2500e8c70cfe79ef76c686ef6

SHA512
289c488413ecb4331110f86584e79ebb1b1912f2ec94af90a89ec27303bbf52af5594adff39107b2cbc3ea37cccfeac88ea948476cd9f78e35a3126035b1462e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe586bf4.TMP

Filesize
203B

MD5
7b9197adca066aeb101d2aabe98a9b94

SHA1
4a80521fd76d3344de0aea4ad1cce4a5be777c24

SHA256
133a108a5e168d23150d8f35be30241d10bedb8d63b9f1007d4d53b021335172

SHA512
43ea27b84e0c71f0dca0f7cdbf111aee2f4233e021449ee20b4b33396061003bdfa1dd13927a681edf3837679a87f321a1cbf557354a30aa9fe35eef76448151

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
964d840ef8800179209c39c1ac0ff51e

SHA1
17910f13e7e9e6fd9032888ac044c31faf0f75ba

SHA256
94948bd7674c2c5f6b722107c0388becca337810fa35795120e0e5bdd8deb38c

SHA512
df63d5134d18a5d6d6d07b1021281ec2cf79a26c92964d808b7a8fc8c1d7beddd50aafd3ea4b6d1c916015f726664a2cd776a3c121440230246215bc314be410

Download Submit