dd041ad5d455c5eeef5247aec982eb1d30262d0aac29b2ad773cd15681d8d9cc

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
16/03/2024, 02:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cce160df20b4035637fd028fd7f6d579.html
Size

71KB
MD5

cce160df20b4035637fd028fd7f6d579
SHA1

db8799159b077c4c758d2c9a26f92c405947276b
SHA256

dd041ad5d455c5eeef5247aec982eb1d30262d0aac29b2ad773cd15681d8d9cc
SHA512

94781c1ebf2b79f3b7b40e770945afe325c279d4402157190f604bfb4e3f931f9b5c2a239dc90b2fe0a021547142a1242e4c039377eb727c9227acc292a149d5
SSDEEP

768:SO0hqGbIiP//mdvsYSgLj/DVWmTMYq8Dfr7Vq3t40MSxjfLD+PHgkyMrj3DZ+/V8:SH7Ik/htnwOHqRlRucn

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3524	msedge.exe
3524	msedge.exe
4772	msedge.exe
4772	msedge.exe
5348	identity_helper.exe
5348	identity_helper.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe
2848	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe
4772	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4772 wrote to memory of 868	4772	msedge.exe	87
PID 4772 wrote to memory of 868	4772	msedge.exe	87
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 4188	4772	msedge.exe	89
PID 4772 wrote to memory of 3524	4772	msedge.exe	90
PID 4772 wrote to memory of 3524	4772	msedge.exe	90
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91
PID 4772 wrote to memory of 1824	4772	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\cce160df20b4035637fd028fd7f6d579.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8939d46f8,0x7ff8939d4708,0x7ff8939d4718
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  PID:5332
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:5704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:6012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,7285771225640469576,8959251673780114101,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1260 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2848

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1840

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fd7944a4ff1be37517983ffaf5700b11

SHA1
c4287796d78e00969af85b7e16a2d04230961240

SHA256
b54b41e7ce5600bc653aa7c88abb666976872b2d5e2d657bfc1147a0b49e9d74

SHA512
28c58a2ccf39963a8d9f67ea5b93dbccf70b0109b2c8a396a58389cdec9db1205523a95730485bcbc9d533867cbf0e7167ad370fd45740e23656d01d96ee543b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a774512b00820b61a51258335097b2c9

SHA1
38c28d1ea3907a1af6c0443255ab610dd9285095

SHA256
01946a2d65e59b66ebc256470ff4861f32edee90a44e31bf67529add95cafef4

SHA512
ce109be65060a5e7a872707c6c2ccce3aacd577e59c59d6e23e78d03e3d502f2707713fda40a546ed332e41a56ef90297af99590a5ab02f686a58bcbf3a82da1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
198KB

MD5
06d38d9bf028710762491328778f9db6

SHA1
83e1b6cbaad5ca5f6dc63453da324f8df28de193

SHA256
91558d69c027808e375e11c80166dc6ba245fbcfce715c9588decc55b4a33dad

SHA512
b197e5f92add72688396a07246ee9842a3b0de36508aa57f0254531cb109c77d0392e00ea28e006f9fbab1b8fee9b333998946de47ca7526b631e8c810780781

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
e9779e031c817bca5723b9a3df3916c8

SHA1
b45d2ee1f02d5b86c4f75f08306b580002578b39

SHA256
c6178c9eba4b06bde0ebf3821bcf91f5b7dce300f502b430fb5e05659b1514ae

SHA512
35fcd226b8c97b2f0bac018b2c8e7eb9a240ccbdf723b55b9058bb1a7a4c9b9eb6b714f112cba4c3c786be53eb5f211dcb4b4c94d046ac58c3d8dc47ad385c4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
828B

MD5
ff7b070102de1e7a12ad88ea3d9d7932

SHA1
757005f6efbc8b58e11dabd634cad12592f0f646

SHA256
c92eb33d334ba00db96ac739e0d90fb9788e983acd38f8b03982e61eb5ab8a4f

SHA512
47e49ada6101b5ab844b3bb640f4da947efe576eef2ae9f9203c41316455d6f525fdf1d77e694d7e416d90bbaff00731e030f3c228cf3d0a42c6d18ffaf58585

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
77387aa960af3bd2d8fac801810295a0

SHA1
ca7414210d5b78126f3117c420bb233e55280146

SHA256
10facfb4944ab0bd2b9721aa329cd31099258254f96cafc2710c86d7fbc3220c

SHA512
508b53c9902e66c724681056103e75cc51401c1eef4e17d516bc48396708e9609ae7a1acddaf22abc4f9757c5dd3d2d6e414286aa8e4ce3e6441d7974cb77152

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fe64e02eedc55220cea92dd1a7986ff8

SHA1
4dda145dc8b8dca1a96ec30975070bde49107925

SHA256
ed5e7f8e6bfbc1d795102f8e8de2a177d957f8af6fb2832c53d83c2e96b72b81

SHA512
00bf66af5e50adbb454a3db6911fe1b4336afc538e5225cdc9ca801f50261d2d2b45a4622897c936a3bdfd4dfdfd8a8f4615c916252b26f64457674e15c06667

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
54a4630605f78ea2e4a460d3daa2ff96

SHA1
fe5d36a797d08c60b906f4041794b63585c4b732

SHA256
3d62c1210cb0c97d9934e218a1ba8cf3875088c25e32ecb6648db362250eeba8

SHA512
4de1159e81e62120dbd9822242acb8da985b643b5cc102070be675eeadfc84ad198353499a655875532a55e79f1566408314667e5a3ef23d9e08d0adfee576bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b519246f9af3b9a4322abefe1fa3faf0

SHA1
1c109606b2e56d622d31678eacc956feee52b73c

SHA256
113999424a829222e075b4c0d438e14c1b9adeae5506669d0a0182e1c602173b

SHA512
0d15fc04f321e5da15aaedfe382d48115477e3c5a4b02d97b37c74ee0d81fbfb0ac923554e5b3f00ad790348256b83c8c901106c48db1284f7a4814ed19a08a0

Download Submit