e4fa1d3699a2271ae0612da43f7c02cfc001f94d2c702dbb73f73efa1a1dcf7c

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
13/03/2024, 20:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c6c60af17e28187bbb2c66a211cb5071.html
Size

19KB
MD5

c6c60af17e28187bbb2c66a211cb5071
SHA1

6c9143d55d82afa598b179c72280d49c316e39ff
SHA256

e4fa1d3699a2271ae0612da43f7c02cfc001f94d2c702dbb73f73efa1a1dcf7c
SHA512

40676c4d5231cf7632874f88bbd8e47ed3375a2e9398778c4a0da07b6ab7122c8575f02c3d917c6285c783262b2e7fe8f0190656b57be90780b9cf96c41c01fe
SSDEEP

384:4+QfPFd9QZBC7mOdMgKtKfpC5IgSnbmFe7Ac49670LAPd:Zcd9QZBC7mOdMgfpC5I9nC45Pd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1312	msedge.exe
1312	msedge.exe
4360	msedge.exe
4360	msedge.exe
5128	identity_helper.exe
5128	identity_helper.exe
5252	msedge.exe
5252	msedge.exe
5252	msedge.exe
5252	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4360 wrote to memory of 1924	4360	msedge.exe	88
PID 4360 wrote to memory of 1924	4360	msedge.exe	88
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 208	4360	msedge.exe	89
PID 4360 wrote to memory of 1312	4360	msedge.exe	90
PID 4360 wrote to memory of 1312	4360	msedge.exe	90
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91
PID 4360 wrote to memory of 5060	4360	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c6c60af17e28187bbb2c66a211cb5071.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb55f46f8,0x7ffcb55f4708,0x7ffcb55f4718
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2956 /prefetch:8
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1980 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:5224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,10904052280457179592,3126364863813320100,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5868 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5252

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2124

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
7a16c9be1be2e6965da2de7c0dd8fc7c

SHA1
2e8edbdcd5a0d4a0660308236cc65dbf524ff9c6

SHA256
99b9c6178327d18a22b145a235d361b302f93c16bb78c00fa7748e0472e94f89

SHA512
16ce96293fb06815b24a9897998c8e7b0892cb1e2ccc63cc323b750cf3236b8e58ccf788423d22ea86d9b9cd03cb7fd12e3cab6c920975608b03080a363ec0e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9c6d749ccbb8446d8fb2229d22507aa4

SHA1
3d4bc4db892be734532e5a03c838b3d872c7ee5c

SHA256
816ebab8f81e29831ac9e9192bdf3ede597cdce74f3e55201ecf8aa8b7500aaf

SHA512
20b164e46025d48891d13cf4a34f34f9d610fe2a7c22996e782ea75391bc03462e7bab7fa64bc281ac3efea92419260a12f9f2124fe7c7722db1e7ed7eafdc8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
217d782d9f62f52069372fd44f658a1e

SHA1
1723a91a7d49298cc91c9f613cb2f39a12a77ddf

SHA256
1be8a3a6161cef3b23afa33ef69fd39e3b1f52997f659119f03ed3217ddf740f

SHA512
49cf8390813c899357e6dba02990b8f5df65c2dff5c0e277074173ff00fd81a66b53e813c3206305635e7ace6946a71bfd412df0b344e61f1d64249296e7a3b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3d604d257695a2b5ab8019f533d40b0e

SHA1
c5d062e5ac672c302cdacf70e03ab2c300f8d88f

SHA256
f2c72f1b8b87de83fafdfd5b6afb3aec27f19a5194835df88aa4165b957573c6

SHA512
5ccddf9431140855d99f9a8f0e44d021370c511240765562708049b9593bc65d9282152c63271974aa324dbe5161d0d8215cc874107c492e2ccacdaa5234f6e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a360f25bcc061e5340db610eb5f488e0

SHA1
6d0d9578e2ecbd9db68e7407e596f6f182c06f8b

SHA256
20ebd0ef869a06d547111d3b74f7807469390206ac9dea06c98ef66118723135

SHA512
e07bdda212d022559634b74b4693150f92186e435f8901fe37b29649571f7bf31720499239f66f770c468ba9c118f311788dbdf6f666d0fd418cf1892fd368e6

Download Submit