843a5f34aac5610144fb397371626094b3c2c9387f34a715e571d5fb9e8aa99a

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
25/03/2024, 17:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

de905c67e5bc1aae2a82a06c7b68d857.html
Size

6KB
MD5

de905c67e5bc1aae2a82a06c7b68d857
SHA1

08d3f9e0a16a1d8dd200091cbae4d2b800552a41
SHA256

843a5f34aac5610144fb397371626094b3c2c9387f34a715e571d5fb9e8aa99a
SHA512

31125e18060a9efbcc2f3081452c45a2c0d4c099a45120cd9c93d106691b70781d158bdd5ced9924d35c2d94938bacebe28903944456f4027660b7accf465f5f
SSDEEP

96:7n+Wgn4cYAnXpvgnM+gnXbnJhnPRnlIgnknpOgnzMncvnIanQOgnz6nhvnIanQOj:WjC7ATUATFATXAVoATLATqATpAcUomY

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1236	msedge.exe
1236	msedge.exe
4608	msedge.exe
4608	msedge.exe
4356	identity_helper.exe
4356	identity_helper.exe
5300	msedge.exe
5300	msedge.exe
5300	msedge.exe
5300	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4608 wrote to memory of 1360	4608	msedge.exe	89
PID 4608 wrote to memory of 1360	4608	msedge.exe	89
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 4616	4608	msedge.exe	90
PID 4608 wrote to memory of 1236	4608	msedge.exe	91
PID 4608 wrote to memory of 1236	4608	msedge.exe	91
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92
PID 4608 wrote to memory of 4600	4608	msedge.exe	92

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\de905c67e5bc1aae2a82a06c7b68d857.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc6bf646f8,0x7ffc6bf64708,0x7ffc6bf64718
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,15579668524432369890,14162834488875089354,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4004 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5300

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3156

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cbec32729772aa6c576e97df4fef48f5

SHA1
6ec173d5313f27ba1e46ad66c7bbe7c0a9767dba

SHA256
d34331aa91a21e127bbe68f55c4c1898c429d9d43545c3253d317ffb105aa24e

SHA512
425b3638fed70da3bc16bba8b9878de528aca98669203f39473b931f487a614d3f66073b8c3d9bc2211e152b4bbdeceb2777001467954eec491f862912f3c7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
279e783b0129b64a8529800a88fbf1ee

SHA1
204c62ec8cef8467e5729cad52adae293178744f

SHA256
3619c3b82a8cbdce37bfd88b66d4fdfcd728a1112b05eb26998bea527d187932

SHA512
32730d9124dd28c196bd4abcfd6a283a04553f3f6b050c057264bc883783d30d6602781137762e66e1f90847724d0e994bddf6e729de11a809f263f139023d3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
197KB

MD5
5e28e72b443ded036a4cf369d0dda3bf

SHA1
0500de4480a54243b12d096745c6ba04c9479e66

SHA256
15fc7a054efbb9f76d937448fbb4814d7b3f25a6d137e24c1a69e32947eae71e

SHA512
7d17a5248e54e4dda8fd17a4d662edbb274629161a1e25b3b7f7f5112541663a5040788177268c53b2c78bc7e6d2204ccfb342d93c2ceec0a12d8a41788c088b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
57684b6e49cbfef2014a173ee211aab9

SHA1
15b899ead37457f53cedc29be005ec097efa2a9c

SHA256
c0b733bb6ca40350b04eeb6f8b6fec4f25327f0b4a5be3296c06d276a025417a

SHA512
7da4bf51e7d716ccfaa72a504444e347a9467993e8bff5ad67ca1837cf2eda9c1dc33bb8858f2b68a9de70a7b4f878b7447a8bfbc9471e45426becca2145e7a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6c113c1bb2e95721a68b12c993d019b5

SHA1
fca814da2018b001d7528907225364c616b9a394

SHA256
58d7ae197eb8d39b4a2bd45986e5690f7cce2e3836cf385f6be238dae17cf08b

SHA512
a7746c094a93ea33a6b97056fd0d4672be29db69785975c809835d01b21e54368e00de9db7764c5ca32c230bc0a8fab2f086ea61f954b7a1b71c414997d9019d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d46fb47005e2bd0d710bb2732bdba415

SHA1
847009fcff15044bd12cbcc3774ccff423eea6a1

SHA256
8bba315738f649a79e538aa4bc15b15ed9cc6a0b623ca050b90d81a9df1a5728

SHA512
c4acb0c44985773916151e4c0d96de152556174d4e2bb14f5ce0c654b38a361be4bde2e8f6bdec8cde71a148d8db41fd6408cda957738ba9db8e893f865e266f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
44201e0eff2f45bd92c3870154a72c86

SHA1
e2923738f070680d469e7d2161f25fe8401dcd8d

SHA256
8a94572cbfe7b4030d2e066a39ac681b87a89d7cc56c5404e31bc15f35273777

SHA512
ed4b3a5f9489116a7870c4aab095a9d700bf40dc4cd4c4e54188cfc5c5a5c31fbaddeb1ded75c2e3aa88c16d58bd803888892028511117dca94b9fe734c06517

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5a0e82689801dc3f83f060319db6839f

SHA1
143a1a53488f556ca6e44bd950e528fdd5837383

SHA256
21c780b8742d7f15fec37b42b691e9d402ffade73b3ce352b94ae73cd865a080

SHA512
4c85728f52932a76b3e2c7ccc988d518ed8c06355af29a60931fdeb3b7f23bc3270f2d21e36beed84dd4f05da50dfb90de38fa9d061f04e08f9534bc2426c8e4

Download Submit