d6753413a812642bb01db5a0c7beb6fbe8659cb9c48ca8a43f7d57ef2f140dc7

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27/03/2024, 09:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e15d9f067ec2c94aa96550a4a39593d1.html
Size

56KB
MD5

e15d9f067ec2c94aa96550a4a39593d1
SHA1

7c71aaf659899954babbcf757826b18014614e73
SHA256

d6753413a812642bb01db5a0c7beb6fbe8659cb9c48ca8a43f7d57ef2f140dc7
SHA512

05d80a75d28494327ad105dc7579402023de4d39aed4f5d5f6cc4396cc11f9615d57b7a023d69d42c119a4cb128819b9540b4755fa2d24f903614cf72be91aff
SSDEEP

1536:YRRT9rCX7CeHAKsPbQJ1CPMeBrVjTRvRb8vF0U02zArQJt:YRx9rCX7CeTsPbQJMPMQRZMFDara

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3852	msedge.exe
3852	msedge.exe
644	msedge.exe
644	msedge.exe
5688	identity_helper.exe
5688	identity_helper.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe
5544	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe
644	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 644 wrote to memory of 4212	644	msedge.exe	90
PID 644 wrote to memory of 4212	644	msedge.exe	90
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 1672	644	msedge.exe	91
PID 644 wrote to memory of 3852	644	msedge.exe	92
PID 644 wrote to memory of 3852	644	msedge.exe	92
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93
PID 644 wrote to memory of 1612	644	msedge.exe	93

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e15d9f067ec2c94aa96550a4a39593d1.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7d6546f8,0x7ffd7d654708,0x7ffd7d654718
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 /prefetch:8
  2⤵
  PID:5672
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,6233743539293377498,5542798851974091345,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4044 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4064

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1276

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f35bb0615bb9816f562b83304e456294

SHA1
1049e2bd3e1bbb4cea572467d7c4a96648659cb4

SHA256
05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

SHA512
db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1eb86108cb8f5a956fdf48efbd5d06fe

SHA1
7b2b299f753798e4891df2d9cbf30f94b39ef924

SHA256
1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

SHA512
e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
22KB

MD5
79e675d72bdce45fbc43984cca5b1e11

SHA1
498bd777fdf8d09e6508262fbf04f2f7b4fa46b3

SHA256
60cc64beb4a9047b98408732d4ff65fbd4dfcc9430453436e72c3e0ab57d085f

SHA512
760c8fd2c43f6696b8f20f0e475d68c45a650566dc8bd8d719d4f64652c82b20f7cb37bde18af8c7a5226bb7c21faa0629119a8e46fa768a046a62ee290da889

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
229aeeae0229002e0cd74b6ec2aaf7a6

SHA1
723539b07ce4b06984ae09f7b4cd7dbbf21baeeb

SHA256
b17af0e71adf53ac7d88f9da46bec249da49005c91c3a6cab956bd6b82b7a077

SHA512
f6fcba4f8c9fcd365e6834ff4b6c959198ddadcaa0b175d1f88405f92fda04158808aa7bb1225226d6f77171b5d934b0ef5ee53177e5c12db7b6c5379ac4b1cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
dace8ec5cd2c6dd2cbe5a3b841b8fac8

SHA1
31585ef1c814b6bd9d181a4a17706d53d551e1e4

SHA256
a245dedb2655726b39ede40e4dc80abc09cb69e65f0d7eafe400920e9054350e

SHA512
fcce4e9bf0f4d96990a5f237f46807c6fd6c5ed9fdd03e4b35a987d51bef0079019cdde467b91597c1f9da9135d60a953a42b2b9dd859de6b2d3a9b580c7e7a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7fe92c7a0dc0716d63f13910ecabadb6

SHA1
3edda2082cde3c8f6b49cb74ae15589f3271f1af

SHA256
6500eb33c128b6183f9729d9e9ba1c81aab7e48fcbf7dc6dd3dd2273efaf061c

SHA512
84c4b11b715b02d616ec519482de4405ed8bccd417236cfa7ae8c3b79980dfd2b947a9d5b4761d388f36d7c1d9406ed9176b6076f230063e2a1f4560d9f03a43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
875dec39e0f5f9a3378ec4172337faae

SHA1
2612f0b69be3406b48c8acf54c9f1af16b58df83

SHA256
d47b8b6103075218ea89e7d40a1484a3591c1f407566aab0786a3d5eb1053030

SHA512
a95d243c902bbc7b95e12a11f36499e423ccd7c72f5b8801133504dacab1ab6197b82a6d4306c7e32dbb06bb8bd8a29768a63ab531f1c35775fada10c5766814

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b0d4e4f82e67f7a98d84aa49d8c8cfc3

SHA1
ae21759a1968136cdf5b2f081faff8022775b6f1

SHA256
f479ba880cbb22ebecf4b9fc7b83514dae470c5307137978e46dc17c4aee8047

SHA512
56ef8cae847c81d9f30dbc0c4aa5ea138dc48e12c4c80f3e1393902e93d53beb1b031679d832183360692a5168e436dce3f52ece51a8aa344edfc2fd95f18ccc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c1c09d71-4cd7-4dab-8714-f3be24034a85.tmp

Filesize
1KB

MD5
1dfe1489b6983dc801acd7a3fefac0c4

SHA1
5f5b5b20aca576ffd27525e7cf514571d762ef4b

SHA256
e82244648683517d2e6cfc0d7b8afdd2516539e26da478af54d73a60cdc17cb0

SHA512
6dc90f25d490c5168a715e31d3b544132911aa2db3e7e7af6f60b488fcd42e653822ade14181489eb9457939d5776bd1dd2bd0842e4cbf5705626ba2e53ec40e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
05b4fb3c03997d7a68a66dfa0068f1af

SHA1
6841b4a62b28e0dd7355eedda813df53253df817

SHA256
c0d0e126307694fec6a4a1e96c83b057883cf6b0e5fb489f437dc66b46dc9915

SHA512
975dd8858f2d4989f439b3b225672af020ae8de5b9c903453b10372fcea25eb2650c3f60a0ea2edcdcf2ad387ba55af06e93eb5a227aed6fc7da63451034f6a2

Download Submit