e01abf03eafc5b8ca1e3488b182da4bd6274bbf4b2a04b6431b64421362e3098

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
14-03-2024 03:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c791b52ec163fea4d4673b199e690914.html
Size

20KB
MD5

c791b52ec163fea4d4673b199e690914
SHA1

ff1eeb8634f3079cda9daadd4f2108d87099b180
SHA256

e01abf03eafc5b8ca1e3488b182da4bd6274bbf4b2a04b6431b64421362e3098
SHA512

77b3fe7c9f0f995cd63ed6f7afaba9b081f1f068e8cecc57688ab17bfc5cfa81f857581dccc805293064b1c38fde723f8bbccfbcb273bd6880582fb30b729729
SSDEEP

192:xyvKiQtY8wNrSn/iEUKVFTe7/Um1/k24qPLJmaO0AQoYpMFuIgJO:xQkt/QKUUsPPP7bATaI0O

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
5060	msedge.exe
5060	msedge.exe
1612	msedge.exe
1612	msedge.exe
4948	identity_helper.exe
4948	identity_helper.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe
224	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe
1612	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1612 wrote to memory of 4672	1612	msedge.exe	87
PID 1612 wrote to memory of 4672	1612	msedge.exe	87
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 2180	1612	msedge.exe	88
PID 1612 wrote to memory of 5060	1612	msedge.exe	89
PID 1612 wrote to memory of 5060	1612	msedge.exe	89
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90
PID 1612 wrote to memory of 4116	1612	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c791b52ec163fea4d4673b199e690914.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd3e2a46f8,0x7ffd3e2a4708,0x7ffd3e2a4718
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 /prefetch:8
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,7325089695643337559,6489304386121428397,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4908 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:224

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4720

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
d2198a092479cc988b1b7a4d2ee8499a

SHA1
696023564ad4b2e6a069ca90e75f88d11c7910f2

SHA256
30c1b03f568e6560baddfc16473f1eb0d0ccdb4078cec95b276bb81c5cb7b6f5

SHA512
dcbb7aea8469d5125d6a835145cbe6a51583839ed7fbf4bc4342e45da0f5696b9f888202a72038c6abed86b44802d32d9a30ff0aee26876821e9262628ef4cb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b36c5523f6078eb7017febedb871c564

SHA1
09f4661277ccb09b88cfdfc8676e73e1cb992136

SHA256
5ab9c96a247874336dfc09654a8ae84eacdc1ee9b4a61d1122677ae39a1663f0

SHA512
4a415e65ecdb05daca387fd42ece497ff948eb2a6bb92443dda22505b13660292296f0eda471fe8a92552987a4ffa743f7bb48adc1e923881eb03df8ef326620

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bec7e098ecd25f3420e4fb4ca254a0c5

SHA1
b840b44362b44288831b46f824e07f5dc2f226cc

SHA256
600e9689d47dce72320bfa1b259ffd40dc430671718364eff0bf4eca04233e09

SHA512
60a5bd940d5fa83b798e3af965ac9b136c16de8df66f60d9907de5f8e5560c847de2d4017f61581a2d4ca85372800f50329f8602204ef4512eedbbf105e953f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
bb407b5c85590d36fa6c39b5826217af

SHA1
838d2b072c382a6675cc36ebf82aaca99812f376

SHA256
d67892062f38d4c1b4c3b238f7e880737eac9ea6e8f0797e2bf51956c0fc977e

SHA512
324059a98cb582e77171388dc852b343f8777770ec8d0ef46c5d78c429b554632067665cc4202630ade5a0cfacc963c2a68edc2289e9bbebcdd1dcce66ddc20c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
fc40841dd84efe51f35f60f097d1a13d

SHA1
699a10738f88776a31254bb8c181d7f31162d4f5

SHA256
fa65ebda147b228eca9752fe706eceb827bace1bae39c029a44dc86e8f06c2c0

SHA512
63044efc2f2bb1bacf031254e1d5232d8dea2e1cc95f988d226f2cbc04d8e7d620cf8f3c9792241c3a9e435110e012f97dc2d3edf89139676e47a109182996c2

Download Submit