hxxps://girafficdesign[.]co[.]uk

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-ja
resource tags

arch:x64arch:x86image:win10v2004-20240226-jalocale:ja-jpos:windows10-2004-x64systemwindows
submitted
19/03/2024, 07:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://girafficdesign.co.uk

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
3536	msedge.exe
3536	msedge.exe
3080	identity_helper.exe
3080	identity_helper.exe
2836	msedge.exe
2836	msedge.exe
2836	msedge.exe
2836	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3536 wrote to memory of 452	3536	msedge.exe	88
PID 3536 wrote to memory of 452	3536	msedge.exe	88
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 1848	3536	msedge.exe	90
PID 3536 wrote to memory of 4832	3536	msedge.exe	91
PID 3536 wrote to memory of 4832	3536	msedge.exe	91
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92
PID 3536 wrote to memory of 5048	3536	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://girafficdesign.co.uk
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa2ade46f8,0x7ffa2ade4708,0x7ffa2ade4718
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --service-sandbox-type=none --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --service-sandbox-type=none --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2132 /prefetch:1
  2⤵
  PID:2472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --lang=ja --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,1121839173265091389,13290917141400062621,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4836 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2836

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1144

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1696

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
4b97557f97978236df8bb0b1e28c76bb

SHA1
932f1bc738d927fb2fb684795c906b59eb43db02

SHA256
dfd63c2e42ec2c3ada4d54e98e81b9a94b98ca05a539d59474acbad6625f1afc

SHA512
ce0a67b0c011769c95ab76da6b2ec1b24ea54b19b09d744e26cc4afe4c28380d15ad026a28b3b360563bdcc4031fd4372ab3f0f783de0fe0b10fdbad6e73b12f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
626B

MD5
8dd2189e2981f5d1afa0381964c5182c

SHA1
688506d1a8c3d104ece5f71eaff56725ce0a70ed

SHA256
9f7ee5db3a586e7003f06e04273edbcfe24ea7855e4579e3b2267a155d4a126b

SHA512
fb18a287a494639f565bb41f20f93c5fb7ed665968718456315ea1294dc7848f68f1b254a31022bf6e7e907a57e69da88c2d56533f78268900de2f554364d90f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
626B

MD5
34f6840bd7604a24acb214537742855a

SHA1
cbf980a119b4dbf272420a326910fa2af9c1f010

SHA256
15d2baec36ed767727e5b7aa6fdf65f17a09c9325478cfbdb20f5687dc2a03d1

SHA512
52727bcefa1e361962464eeaf32bb94baa022b5e2a3cd517b82c67b200d200f2483426cce813f64dd657dad1438034067b1a72b89026fb524a01dcc868287089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9101d0ae508905bdca33cd866274571a

SHA1
fab90ea8da0bd7bd900963ea554ba3fe499ba90d

SHA256
a3b62037934184915068437b4313c1939d7215f7201d2524ba817fef68a9e796

SHA512
d2d1292b0ea33832b599ed5843e0f35fcb77129396206ec70b794ea15cbfef4dc04f6532c303c162befa83692ee82c67c401fb4ad39e7f05878b11881b55e18b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c23359cc51b897df671d437fba43ac88

SHA1
f63400057785f1deb456e643512bf1ff9e47fba5

SHA256
291332a70a692f73ec1a8c3b19f8fd8fc94836113765b834a8d0516d95d2c452

SHA512
d322c33886d94d2a3c6cb83186d3215a3231f8201217a8d8e7023b8c492498af23183afcb641964d6fd9bd715e25e774ef4a47a6de9deec5fb6f6132f25d1f76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b2e20e93d0fdde3c6b295a51896dbb88

SHA1
c2ca17419230fdd365857f2a04aef1b313c98c63

SHA256
af309b5e0ecd678b209891c982f301ecc472f61753b0ad8c020b0fca4ea8f1f0

SHA512
0df79681f31546f852e45b5a7cce632e1b26e1a54ba9b297965c86801f713d44175ebc2737075e11998bb6715db8384bd9081e5a200fb32ef11de86928e674b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2620428feb01fe1ddf86b376c2dd4d78

SHA1
2166e8cdb3ef778dc8ac594a08b03dc41d80f828

SHA256
eabe08a1c79c369a4f8b3d9aa11d98bc84b507ce613d4818b85d2879e33d4043

SHA512
173edc1f72fd093dfdf2d08ea5518b32bc4ff2d19725e501da9ddad7f88a5a8ae4ec2cd0ae3129e4bbd9cafe7d77f3e937d94b66353259adc7b09257cd345213

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
82ffea848f6df926aa9603b6b0aa3cf8

SHA1
537e25498e7649914ea1d1a8f722b8c3ac3952f9

SHA256
0f569ba1cfeca27bb1919bf658e6f43ad0e014958f8a60df8b04a7af4028450f

SHA512
b903dec84300a15639feef34bd17c3fc35e81a808ba6e1babec920d1287bb44c72c0e93be20f5d7b3642d74e37d7a72fdae38fb9d614e96faed6c200f3396440

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c60322ac1587e0cef09d53785983e2ca

SHA1
e7ff7e8de27f0f07ae52867ce405b5394ec2c0f6

SHA256
b851dc81e7f23e704ac052e5abf4d62fbade32313aa5dd359ee9aa185474f4f8

SHA512
7254954aec6fd133703e23e148917bcce4ba1f3dc0674e5e2643f32d8438c50ef0f3341ec17d56246b7ddd4a6b3984993a00031ca506878550c849816031f6e4

Download Submit