e0249755c399ba0dac88e64d6057342e94347212a1b209a8a157cb2d7369fbf9

Analysis

max time kernel
147s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 16:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bbc19b52b96a5b954deb1b87f5872325.html
Size

27KB
MD5

bbc19b52b96a5b954deb1b87f5872325
SHA1

56102f3e2a669e6b47befa7d61d7778a5c5734a7
SHA256

e0249755c399ba0dac88e64d6057342e94347212a1b209a8a157cb2d7369fbf9
SHA512

cc4f6b4f7982b39e7a1b6fb83f4d64699e123692d3b0594c6afd4e46f07baec3f45d1d26146e8b32060dbbdac0a8406b0b47aa516837c10197253126f6da0827
SSDEEP

768:Ul9pXTGxK3K4I4cJECTNyx53SFgQwV8EKrhPLf65l8SAqh7pEiGdRvm/:Ul9pjMK3K4I4cJECTNyx53SFgQwV8EKC

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4968	msedge.exe
4968	msedge.exe
3980	msedge.exe
3980	msedge.exe
1544	identity_helper.exe
1544	identity_helper.exe
5168	msedge.exe
5168	msedge.exe
5168	msedge.exe
5168	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3980 wrote to memory of 3840	3980	msedge.exe	88
PID 3980 wrote to memory of 3840	3980	msedge.exe	88
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 1820	3980	msedge.exe	89
PID 3980 wrote to memory of 4968	3980	msedge.exe	90
PID 3980 wrote to memory of 4968	3980	msedge.exe	90
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91
PID 3980 wrote to memory of 3232	3980	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\bbc19b52b96a5b954deb1b87f5872325.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5ed546f8,0x7ffd5ed54708,0x7ffd5ed54718
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2696 /prefetch:8
  2⤵
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2988 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5732 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5732 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:5224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,14557735103569434919,6609765931056638776,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5436 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5168

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7c6136bc98a5aedca2ea3004e9fbe67d

SHA1
74318d997f4c9c351eef86d040bc9b085ce1ad4f

SHA256
50c3bd40caf7e9a82496a710f58804aa3536b44d57e2ee5e2af028cbebc6c2f2

SHA512
2d2fb839321c56e4cb80562e9a1daa4baf48924d635729dc5504a26462796919906f0097dd1fc7fd053394c0eea13c25219dec54ffe6e9abb6e8cb9afa66bada

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c6aef82e50d05ffc0cf52a6c6d69c91

SHA1
c203efe5b45b0630fee7bd364fe7d63b769e2351

SHA256
d9068cf3d04d62a9fb1cdd4c3cf7c263920159171d1b84cb49eff7cf4ed5bc32

SHA512
77ad48936e8c3ee107a121e0b2d1216723407f76872e85c36413237ca1c47b8c40038b8a6349b072bbcc6a29e27ddda77cf686fa97569f4d86531e6b2ac485ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1e128dd82ac7cf33033d4d7e3753cbec

SHA1
30cced6dc2bcbc92278ebac5e207a9d41486ffdf

SHA256
905be0e158edf2a145fa65865a37185f002b5f3ed28fe36d6a8491f4b6fa26e1

SHA512
01e172c4e244d15cb00a32050c81ffa25431ce38417b3e6855b4b3a81d71313b2cfc9f9cd22de419aa9a911662de6f71f4f46101346180ed02afa647f71913b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
170c162c5a8965f69cba5708685bbb96

SHA1
0f09b71d1f0f17867e69ab8b9bead56502f95206

SHA256
9e2389dc0fda61ed98c4479c54f457a2fd160a22d0c886541e8ef8c8a7ed79de

SHA512
375f0f3c95fa51b85a12dfbb0763c02b3991e9af3009eb88c6d4ae6dcaaf2be605fe4272c59e7915259b202d626efe5082dfd47feff8a992cb3859143056c767

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
09284456fbe573acaa5635e641220d94

SHA1
1b1d414144c213fa4ea3a971713ea29179184213

SHA256
15fedd612ba9cec2f051cb677ec85c556a33eb6e656a954eb89a47b09847cd7c

SHA512
9ac50a463ea38158729e123dba74d082e9b64f2ffb9b9e18f66610ffcf87b6646d822d266300a2ab35037c1b58277414115d3773f7c592f2c9dcb9a345747eaa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d76f444cb80c17585b6ae0d0af6f44dd

SHA1
d589144435e51db175d5d6ad1ad63f105e64a054

SHA256
0d08316d17091ae964e210ec4d9a2b3240ed38868d98d79ea355baa8aa2904a3

SHA512
01549c31eee4c533a018987540fd450756335ae4a9455ff97fafe17b2bde33a5f7100da2fb06c0e5d5806c167b625ad3d1287e0ed1d0a67c8d87a041d01c3201

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
74a643f1fc941073960e09eaac891b06

SHA1
535e8e62d0782d4688004c8d016771d858f9d379

SHA256
0b1877770c56edf24ec355f8c1797fe51f93fb19b0f44a1c344c9e92508225e5

SHA512
4edf9b041472c3237d44f1bc68ec0b4354d5dfe08ee2132501684724a72eaa8977927bd4fa8e46fd31cb29438d6b7e3682061010f1b98423c2487c7531afa398

Download Submit