0ecb58eff1dd7994f3af2aa57dafb3f86cc802c7cd152b9f19cdfe7e5aea9cc9

Analysis

max time kernel
148s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19/03/2024, 12:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

newgames.html
Size

226B
MD5

a6a529b451231026923bd49a4150426f
SHA1

42a29d0bb7cd455c47739a86f4b75f04f5f7b57a
SHA256

4a0f715447de0c3ac83e1f43aee8edf6255c20f5abc0c946f657d9a3a6ac173e
SHA512

6293bbf84a44c8fff51723f3b979a2b034f357e31c672e91095481365dc76d73012d55ed934c284c67b7f296ae6a235b61a1a42a0d3167734ddb4a68da4a8853

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3972	msedge.exe
3972	msedge.exe
4984	msedge.exe
4984	msedge.exe
3876	identity_helper.exe
3876	identity_helper.exe
5940	msedge.exe
5940	msedge.exe
5940	msedge.exe
5940	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe
4984	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4984 wrote to memory of 1540	4984	msedge.exe	86
PID 4984 wrote to memory of 1540	4984	msedge.exe	86
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 1920	4984	msedge.exe	89
PID 4984 wrote to memory of 3972	4984	msedge.exe	90
PID 4984 wrote to memory of 3972	4984	msedge.exe	90
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91
PID 4984 wrote to memory of 4236	4984	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\newgames.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb33fd46f8,0x7ffb33fd4708,0x7ffb33fd4718
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:4236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:3056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,9957051788266942088,4884158761104195548,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5940

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1824

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2544

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\8dc40cbc-4cc6-415c-882e-3e7dd0431907.tmp

Filesize
11KB

MD5
776a0d508ed158f8084bed0af509d2f3

SHA1
46645a6b9f50dd723cb4a86cc5101e6114e31670

SHA256
e535d11a6d672f8fb32f80c0185d55f245d13b7cfadba660a17d227e0a83e40c

SHA512
05c0ccdf509fb02b3dc8c685a6d9c17b4a295d1197e32f6d654523d8445be3b5808f4a79afb186a9e9ddc68bbc435526068c72ae23195233fcffd45d0115cfef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7c6136bc98a5aedca2ea3004e9fbe67d

SHA1
74318d997f4c9c351eef86d040bc9b085ce1ad4f

SHA256
50c3bd40caf7e9a82496a710f58804aa3536b44d57e2ee5e2af028cbebc6c2f2

SHA512
2d2fb839321c56e4cb80562e9a1daa4baf48924d635729dc5504a26462796919906f0097dd1fc7fd053394c0eea13c25219dec54ffe6e9abb6e8cb9afa66bada

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c6aef82e50d05ffc0cf52a6c6d69c91

SHA1
c203efe5b45b0630fee7bd364fe7d63b769e2351

SHA256
d9068cf3d04d62a9fb1cdd4c3cf7c263920159171d1b84cb49eff7cf4ed5bc32

SHA512
77ad48936e8c3ee107a121e0b2d1216723407f76872e85c36413237ca1c47b8c40038b8a6349b072bbcc6a29e27ddda77cf686fa97569f4d86531e6b2ac485ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
10ba7ff9c8da2f4b5b8d9ce286cb0994

SHA1
777c56bd45b86fdf9f7f3dec865ccf07c693b56b

SHA256
cc272986db224776bad24e290c31c1046929727d0b724ab3ebc12270cdb08894

SHA512
b4ca367256fcccf0b39063b9527b43156ab9ea4c7bd92e47099b6503c07b0486fa3bc40674e0813e9478ba4fbd846c947aa8aa98570ec9c42765e2b539759d31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
5904d7fe6166c07736fa5f816182d319

SHA1
d6b2b3045051f38a3d8ff0e565523e31c0804f23

SHA256
b3ffc42ab012483754baaab7da09e18db859f03c65f3143a1dd0ef15267adabd

SHA512
977c586e0a483bf800882e1c69bd39a68e07687e8918f893ff4dc1fcc3ebfb3b31e6ca044851a5b9537011c2adad6e30a8a5f3531cbc58154ebbf952cc823615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
270d81be22a55eed3ebfcd1203395df9

SHA1
984a8c108800474169904563bd4bca60c8222656

SHA256
a8efb4d5398662f98ad2c51047275bb9031b86f01a03659330ce8dc676277260

SHA512
c0fe5cbc96473e52f7a12effad7d676d7f306123d87f3f919968cffd69ca8d6a264c5e20acbad26d144267eecd0cac1353ee9e5c62618515f48bc01bc45a2e39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
51ff5f5f7bbf194f13dc80758ec35fa7

SHA1
5dc570bad8781508d6a1e517c9e45afe0a6b1f92

SHA256
576e6aca848c2d42182fa98b78405d167fa5564e8a2369d07229fd4373e0e243

SHA512
b664d9ccb11376152bf3b2323d2bd269ac28eb8f37a6ead89bc6479d7c6b43af98f93187905ba2f1c25a84c0e3c52c4f5e8e43c149aef7a365efe8ec61a70539

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5a8885145a07d736a85c59f9781bd2a9

SHA1
2d180fcc17ec2b642b74335ab6e71147392fee93

SHA256
f950d79e40b2709ca7a93c573317e4a384fd6ef6dd2b2ecc352aa7064de198f8

SHA512
84137e1327103bcdac9d4774a07d67aed1e2bbb003b5d6bcd9ff8d8b62ec586d0652e2e081240ca07bf04929483dc17e37ea48ce1f7c97ba164b8b846af58184

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c0d08e0c6b2643d7a73984f9c876d80f

SHA1
1dfd2eb31daf74b98f6db408b3999aabda3cdeec

SHA256
5e93b33b4df45364369252e06b2587c2c009623189b6ade705bc58870a2cd56a

SHA512
bde8eb9ed4e41ed7443daff18b185f18036cead7ccfd0fe59ffcfcb842096c6964bbc8c14f7719cd472b86a00f9e683619be8da8ce6a4b2a93ca6fa94521ee86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584755.TMP

Filesize
1KB

MD5
88a419fa8322479568a89e02393707da

SHA1
811bd95834a5e32d3229bc6ba2e4f52885a6ba2e

SHA256
2e94e14594c40587571eb9a709969b35dab6194348b7320c7a9405594b2873bf

SHA512
85acbbf74c9e346737528bdd42bef77009715a58ed9fd2e0522916dd4bb9af788fa6fb97500db0ac8e3bfb5883403ddf160de80f3e666e6df2d9776c3f63d933

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit