hxxps://click[.]e[.]godaddy[.]com/?qs=033854f2dd72c93d8e0ff793102fc7c93091c472355d6a02745e74aa4912fe9031bb9e692b07999338e60ec8f517fc11126ef8e4ada2329e7a73e5eb7d39ee89

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
11/03/2024, 21:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://click.e.godaddy.com/?qs=033854f2dd72c93d8e0ff793102fc7c93091c472355d6a02745e74aa4912fe9031bb9e692b07999338e60ec8f517fc11126ef8e4ada2329e7a73e5eb7d39ee89

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2020	msedge.exe
2020	msedge.exe
2868	msedge.exe
2868	msedge.exe
4540	identity_helper.exe
4540	identity_helper.exe
6084	msedge.exe
6084	msedge.exe
6084	msedge.exe
6084	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe
2868	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2868 wrote to memory of 4780	2868	msedge.exe	89
PID 2868 wrote to memory of 4780	2868	msedge.exe	89
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 4692	2868	msedge.exe	91
PID 2868 wrote to memory of 2020	2868	msedge.exe	92
PID 2868 wrote to memory of 2020	2868	msedge.exe	92
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93
PID 2868 wrote to memory of 1420	2868	msedge.exe	93

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://click.e.godaddy.com/?qs=033854f2dd72c93d8e0ff793102fc7c93091c472355d6a02745e74aa4912fe9031bb9e692b07999338e60ec8f517fc11126ef8e4ada2329e7a73e5eb7d39ee89
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbcba846f8,0x7ffbcba84708,0x7ffbcba84718
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
  2⤵
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5732 /prefetch:8
  2⤵
  PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5732 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2965250205508111156,9190825527173052326,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1264

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
73c8d54f775a1b870efd00cb75baf547

SHA1
33024c5b7573c9079a3b2beba9d85e3ba35e6b0e

SHA256
1ce86be0476a2a9e409fcb817126285bc4ad83efd03ee06a2f86910fe18d4d94

SHA512
191344f5830cfea68499bd49073ffa7215a42265a9629d203d07849b2417c0ffdbdbf288bf2c669e91009a0d7e8bd6a6b378c92fc283049141231ca7bf4da3b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b206e54d55dcb61072236144d1f90f8

SHA1
c2600831112447369e5b557e249f86611b05287d

SHA256
87bf9a4c3564eb3d8bef70450da843ae6003271222734c4d28d9961c52782e0b

SHA512
c9e8d2452368873e0622b002a0c2f8a2714b5897a09475738a9f9740122d716a9f0d3841725230d58e039564c820d32a6f3a675a7bb04bd163bab53dcb4e22f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
ad8035f5cc76443515ac93c3621a858d

SHA1
f39e3f919132901d662be8041bd78ecb370341b0

SHA256
7bc1a493e59c25afd94e7a09ee0035f2cf44e13cfb7eacb247375f3ed6c475be

SHA512
fd09a88a9f0e488ea6c70f3dddea97db13ec2fc55cad13df62569e97e96560e8f7224acbf484ddc76299a29c21d8c7f2b664935b88dfd514bdd7e9db7563b379

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
480B

MD5
e3481d224610efcbc2049a3b9a391565

SHA1
b49d00eab4bb5fda753c32d33684fc7a23a8abab

SHA256
1d718aa5c4944bef369d325db12ec728e407612b63b5313a6ce0e9cb828807c6

SHA512
929c4e19835239eafc33e86e045ae3bb2567f49edaac89b164dce8df81434a18781cb8dc7d11c5b63eeee0a4d80a322773909abe2bca098a699f438792772176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ddbd557e40c41032ff0d5930cf433401

SHA1
dc23f06bd02e56abf6783db98e1ce4e2eee38207

SHA256
66416355cfa6f2c9965f2c01194558d02d0e0b0ea242e4d961891d47aeff4327

SHA512
e26438e505ddf4b9e2d3d6217de4baa738ca526c007eeb6bc2f35e8d158a5d6eefcf395234fe742dc5298e4139c951f01d0b2a8f6fc7080aa2fe834fdbf10f1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ddbadd18da8e656bef72ed2f9320e0fc

SHA1
be2fd4797580bd0b514bd40975a43318a70db266

SHA256
c8603a7fe9db3f81aceeb2ba3620de5ee6d2e9eec6d30dbdef29902ef0616b94

SHA512
aef54e1fed13b047972a6bc1beea880a665f273d92bd85a925be148cb1673e9399596056a0d7320465408a11b74c3562a5d2a5a810ee15a052e87f0d12257234

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
224937d809b72f7ee24cc3a857fe211d

SHA1
0148df3f201632dbb24e84766fb8596c6987c691

SHA256
ea4d2e10bfd31dd34b5d9cbf3919cd2c734b7a09f2a3a02a20abf008bd454883

SHA512
cae7c4280e34482e51155bcf537f2f717aece7cd37226e77acbbc4a6018563edcf9e3b68245087631d177ed9eed338c7f606f3776cfbf5589040d695d1fd0db9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57efa0.TMP

Filesize
537B

MD5
c976a049addc90e23060e59c0d01b2d9

SHA1
1d5c2de4e392ffd0175f529843d06bde56b5c16e

SHA256
5896092a07e0dfb4d55c321ad5651d15256efc1142cb70976fc54aa63970ec74

SHA512
0498fb55fb082e1676f12569be76b93a0d2321f15840faf10cf0c1251dd8b9f465ddd60ceea4f8d2bd2d48502b6e8a0850b25a98a8d55a9378f2731366eeb896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7cf7360c4dea3544f92d433ba957e730

SHA1
e3809f539fab17334a9403bfeb2f4d30fa456ace

SHA256
1c467c6ae4276424aff89c885782fceddc9239661fc548c0fe26386623cdd70c

SHA512
841c8cca52222a6d5c79dfd26e727c9aa97f53649f5cceaa5a965a140999c824951454a49bd4727b35e665a71ea758310ebb5a31c4d4ef12c92f4b88be43f3f7

Download Submit