dcf77a35d0ad5009710aa7c4cb64d9107bd7114ec6aa8cdd91865b342aeec9be

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
18/03/2024, 16:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3f0cf6ab2fdbf3548efc955a03af572.html
Size

183KB
MD5

d3f0cf6ab2fdbf3548efc955a03af572
SHA1

8e32391d6d0b1ec30cc2e6bebd35a113b2345cde
SHA256

dcf77a35d0ad5009710aa7c4cb64d9107bd7114ec6aa8cdd91865b342aeec9be
SHA512

649fe379c301c3cb46665af419f2d78711d61448ab846ac582340b31437c46fa0cf13c0e9b98323255eb5a0dd5f2ff911742dfbf3709671dc02301dbf4fb0991
SSDEEP

3072:0RcVhIVs2LQegU0Dzvj40MZEPjLpUxAfYxslxNcl8CLcXmNRS/GWkVsXLYXk80se:UcjJ/jXmNRCz+lxRkR8i

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4112	msedge.exe
4112	msedge.exe
216	msedge.exe
216	msedge.exe
860	identity_helper.exe
860	identity_helper.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 216 wrote to memory of 3904	216	msedge.exe	88
PID 216 wrote to memory of 3904	216	msedge.exe	88
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 5020	216	msedge.exe	89
PID 216 wrote to memory of 4112	216	msedge.exe	90
PID 216 wrote to memory of 4112	216	msedge.exe	90
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91
PID 216 wrote to memory of 3312	216	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d3f0cf6ab2fdbf3548efc955a03af572.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdb34346f8,0x7ffdb3434708,0x7ffdb3434718
  2⤵
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:5020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:2636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
  2⤵
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,1075962743119570284,13377538672860871815,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5764 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2592

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2368

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
c10759decd743bc2f93afde3dfc03de2

SHA1
f98520c10b63452ad6ec8a0e8764f5304d898554

SHA256
86f2be49b872e287000132013f076488f33e18f76fdc48df166748389f028264

SHA512
d64803ca8ca86a7da80c775a329d771ee833e6c29c0389c6293f80db99038f530a132dbb7ad7246b7ac476d249e2779efe33e76982bac3857fd4b5d1dbc64b8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
dff0d39c3ab09cba471321975b9b242a

SHA1
7eb022aceecdd29f0ed7a3fa9b46f681ccb677b4

SHA256
c5397ca0eb5bed5b4d7958df02ce29d839c50b90ac65084beb5523aa12d76a9b

SHA512
dddb9503ace1e84409871d8829a60ea467936c033d084cf7f7db974577162a70baaf7a0616881a47bc572ba6bcf599d0b85e1adfb844b2a199900f81d5dd22fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c8e2713e3312f32817b33b7b3aa6ee64

SHA1
0ea0252c9d2d94e560cd5e9c46d156dded3dcf1e

SHA256
3b5b17b913d3088cee539da8dbb8f850494ad93388239f3d5bfee4a655f19766

SHA512
4ea1a599edc983133eee7b8d28e0dd7ba25524c0d51da7ae98514aaf2c4719d5e49426dae893803fc98fbe886942bac9c4576af7fcac5b150549c164f3b9596c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
011763a9af980317debc939d05c62fec

SHA1
04c5cbdc9836a3cf7e36f9a5174fe0a49d763a4a

SHA256
aed97a3ce04f05c3a66a4cc0b69f7de392953a236ee1b2636bcf8c19c05276a1

SHA512
71765fefff03021bba81384867c9adbabbaed62a9c7669e29e8da43c9e0355594abd224bc5bbf46675c6bc06c17e65551f5c728df99a1784c4c61dd69d1f6d1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1c5a82646c120863d6a82947222c7119

SHA1
c8730fbcda485e48fffb47b222153474d951085d

SHA256
8b9f9e1cc9bc9f124472ff1f655f5313503661a00af7bae42848009059f811fe

SHA512
50c7e1b8b9906ccde1958749c9cf51e037fb30d016174dbd1d9f5ae43397a81d34945d5edbe90e963559d9f7380f0ef0bf7c47d0a1db3abe55ceba69dbc86baf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c870.TMP

Filesize
706B

MD5
cfc8c04e765b5d5100a1f4002dd8b3aa

SHA1
f19f7150eb0dfadd462d5d423e89c0b79192c8ef

SHA256
dec3d5fe2202fbb7cc8e29ac73d05668f0ed434b98643d91ff9c23540ef0e990

SHA512
2600a5c5209691ae71deace0f6a8b410f36d6d2776fc7f89ed5ebdd1426ac30a5049e51878b5d6b70917c9a8ddc37b101550d6d4c4d5d348959f1d067f88dab1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
61929d2043ee7b9d10e57ba1a1fd5002

SHA1
71679ef98b8b9d76a198cf12d011e6e36ff057fb

SHA256
8878d418e48023f2eb8b4411f69e75fba77397e1fb5c10358eaf647a97a0b677

SHA512
76906834cacd986344254e20f096d5d99986c787e3f7b5e6420c8583a8b6f98277d4be80da0e4b965739935f5263613b510f895d6e994f1451a209528d4f3ced

Download Submit