dd11db7fde593a546542e6240b7e4e920c250870a219cd8f3d67ba44763176ca

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
18/03/2024, 19:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d458672d6c6d73a3b67b49b092798fcd.html
Size

3KB
MD5

d458672d6c6d73a3b67b49b092798fcd
SHA1

bb162e8bfd1233d9084f697543dd7819ebfb71d9
SHA256

dd11db7fde593a546542e6240b7e4e920c250870a219cd8f3d67ba44763176ca
SHA512

dab39dae2d4e541152e8852ad6e7a161aaed139f6322e0a25017f0de148c8ec67746d629b1fb5e84cd966c8a6f7badf47d94129f5fb5fbd2abcc8379a8c30733

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4892	msedge.exe
4892	msedge.exe
1468	msedge.exe
1468	msedge.exe
4188	identity_helper.exe
4188	identity_helper.exe
5700	msedge.exe
5700	msedge.exe
5700	msedge.exe
5700	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe
1468	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1468 wrote to memory of 116	1468	msedge.exe	87
PID 1468 wrote to memory of 116	1468	msedge.exe	87
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 2868	1468	msedge.exe	88
PID 1468 wrote to memory of 4892	1468	msedge.exe	89
PID 1468 wrote to memory of 4892	1468	msedge.exe	89
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90
PID 1468 wrote to memory of 3464	1468	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d458672d6c6d73a3b67b49b092798fcd.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ff8fc0346f8,0x7ff8fc034708,0x7ff8fc034718
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
  2⤵
  PID:5716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,4811955367214195994,14500706486750643876,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3444 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:848

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
196KB

MD5
813c1b41e435242e7365a4bcd7adcf23

SHA1
2d25e1564eaf93455640413b95646b3f88f9075b

SHA256
70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542

SHA512
268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
1562157c3f62370370515ebd0e16984c

SHA1
8a51dcb3da4bf496266926fa5c1fd569a86040db

SHA256
cde465e7d9d8cc35c516870e65988648a15904ae162ecccadbb45536562e6591

SHA512
034450d260e99a2c810038c15790830ae53e557ccb3f1a3b41e809f4699e9508bde55a04274b6d2c6526594e20733fcacd061eb3ff555f26ffea29aa488de4c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
99587ad7e0eba120a8ae16fae8c0f7a5

SHA1
ffb2a9dacdcff69bcb4f5431fed2ac48853fbbbf

SHA256
09085a65bd6750de20c72d8e832b52afce0a78d63dfd33f61763e5b4fd9bbb6c

SHA512
dd1e0995c7522ed29d20ee1c49465fec4d1c1d62e95a2384b6a66f0bee9a2bcd7f8bb6488e27439ebd2c8433abb561ce596caa527d55e6c8b7971841e6a32ab5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1fe61b572322bc4280bcea985a8d7df3

SHA1
4f70807423d4d5c4ac0553335c14b4c2b4ab7f34

SHA256
1c54fa1f57a3d79a400b00488428b693d7b42a220949be0935ca04ac9eb7dbb7

SHA512
87efb64c90f8039ea55a57f519dd1dc9ba3ad145a0fb37eceeb8dd348950787421c809d1a73514ecf7dde8e61a59ce41b769d1a6f3da00e0abac7ec9cbb89519

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9eafdaf3a9c7a98771ddeebc294b895a

SHA1
17e06950014581c0224d612a69edccb1d0d0753e

SHA256
9145dab9aaf4d3319c18c16008d0d306902d3cde8460d5769693b57e00990389

SHA512
806f72da5e2e08878e49665ff2efd4d9eb1e38c444fb18507ab91ade3e74a91748524ce0c67e75b55954e56f5b8f01e7d0bdf1418b525071896d149611241fce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2f80987e20143ae9a2aba6c6591d95ac

SHA1
1dc5b0848b6d9ec29541e4482302d8501ecec72d

SHA256
c3c6820145796f2488d15b7f9e9e19bfa676adb0cbd39b1f8cb026782fa26a4e

SHA512
f58df95d99ddc10aec66c1c6877a66c9c5a677796b855e6bfe762a1fc6e9beb35158e00119fdf95a1d5af7470b79b3977468b902bcfb219f8e9ad7d67c9703ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
22f2d43bc8a8e9d0789b051e8103ffcf

SHA1
e61b37b09a74eb4c368dc2ca4262ec5e73bd61dd

SHA256
e10cae7ebc111deb5d46edfd3c99ed0b9fbb65c15889d7f68806879f121bbab3

SHA512
6039b86450b0f0579419befcaacd93f86293ac0eccd5e65e64d9db2599cd7c96f16772c9045f4d6a311d122d435b46e784f77eae119624511efdcd84db9698c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
43cdef14c5621df2a040b8c2e0b9fe04

SHA1
ebef7f844067f9a022dd3dcacd53aaf828b1fa9f

SHA256
8395593611723265af7626883ea31eb531917c9102bf62c8623f31b602003b33

SHA512
980da951ff748e32bd7ab308c4db64bd765b0e65e1ee8119941756415fa234e26efbffeae360b5ac95a77643f67a0549c1d5e74baa3fd1c1dd605bee0e17ebd5

Download Submit