hxxp://google[.]com

Resubmissions

17/04/2024, 09:41

240417-ln55nacg6w 8

17/04/2024, 09:41

17/04/2024, 07:37

16/04/2024, 14:11

16/04/2024, 14:07

17/04/2024, 07:43

Analysis

max time kernel
79s
max time network
83s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
16/04/2024, 10:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2492	msedge.exe
2492	msedge.exe
2308	msedge.exe
2308	msedge.exe
3636	identity_helper.exe
3636	identity_helper.exe
2604	msedge.exe
2604	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe
2308	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2308 wrote to memory of 1980	2308	msedge.exe	79
PID 2308 wrote to memory of 1980	2308	msedge.exe	79
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2556	2308	msedge.exe	81
PID 2308 wrote to memory of 2492	2308	msedge.exe	82
PID 2308 wrote to memory of 2492	2308	msedge.exe	82
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83
PID 2308 wrote to memory of 4728	2308	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe8d3d3cb8,0x7ffe8d3d3cc8,0x7ffe8d3d3cd8
  2⤵
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:2
  2⤵
  PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:2832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,5753382430676005543,8843163849214953368,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:4752

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1532

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
54caf18c2cda579e0dad6a9fc5179562

SHA1
357d25de14903392900d034e37f5918b522e17c9

SHA256
28d77529de92eb605d8afee0e133a7d08e13d4386e5e38d63e2da34623eaad6b

SHA512
88da5a33df9d82408afb8344ec7dbaf7686435fdb55eccfb85d5560f39861e84cef5d71949d5efe7a191778e6be755a8448f3fc3d7043007037f9f5227e10210

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
696ffba7b83ecf008523e96918f200d9

SHA1
970d90e22c8b3674fc33cdd1913c51ef28514255

SHA256
dc6dacd725d7385b2e4db1f488d93f2840d2289efdaaf3737849304d1ab9ba34

SHA512
f8528683b70b58376f3eba3338fa6b462c9e9248c72524573005cff6397a0556bdcc2fdc2ebb020ba8218bc8174ba552002f223a245dfe3d3688826d24d63237

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f9720cc5d26c5995d2afe624a7747816

SHA1
d0ac3f604c3889006b0bb118f3d5135ab5c6dd34

SHA256
ff1df3fca04175d001f49d5a56698d3dda83e426803c412cc294395bae6b57bf

SHA512
2d6616c9da6f1a74ebf4d7ea9889bb1e92630137320d57d92fef6a217a5d0af99e6426bf976d7da853dc328574c552a534ceb864d1eb962db22d8cbf1277f0b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
444d98e318aace13f153c18b48dca222

SHA1
2109915eccef37862da6de5aed3ce4a313dddcc0

SHA256
bf8f639c17d6615c3f2832f336d9af6f8c57e7032bd999047569c732a4930065

SHA512
99ce5c62c269990230915316937876ae6df972854a4606e35908dff37377bca8b16c9c6f8a5abba601aaa4e3c5558a2e3d04645cef519d6fca78a7c13f0ce462

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
93a6b49a487aa331e57f13622aebc0e7

SHA1
338cb450867b5cea7db69e843f8914e027c71de3

SHA256
7b56df4cb8bbe915911dc74222833ee37e56c9f1247a2aa7ff7a72ca6450bf30

SHA512
2a029eacbec0ce756641487b43622a514d5121df5c9aefe11ca69f5c2a07eea4ac9d49067c3c2caf0587de3daa0a590567cacd7d0ee6ab8af953d032fc513bf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a95a80cdad497df72878eaf278febcb4

SHA1
d92f4a609bc6c65839932db7365ab2b5deee6273

SHA256
6ac9aafd77e120912ff566c67a6ba805dab3ec0d9add4b08ef78639f70905ba3

SHA512
e5962de7a426e043f8fba7b6e83add47f254645d316015ff3c03c0891333add736cd2fc88e9c9201ee1cb17b5a15d0f6001cf1c0eb11d802346b90e9ae65ea5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4ae6a47025773752ef14266d8e035698

SHA1
76ce606376fed25ac9416f1cec5a33841c3dfcba

SHA256
d900fe9599ce156f55e0233ad6ec458f07261ae62f9d264c8702d4d2c9ea5fe8

SHA512
9e5e06543db661a52084b2742bb0941c927894386a31b28de0fc93fa2774e99a5ee8ba442cc23be5da4299bf4e4fe6ed221c70f3bf51f84b254b5f2eedca3069

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
90B

MD5
d6e4d14472e0d64e95e9c6e16d3330f7

SHA1
6b4b79cb7fd1a405631d4af6dfd80263b3fc25ba

SHA256
4d2658c08a4445c985add9d1d8569e3aa26cef3d364589db1b6ba31aed69aee7

SHA512
3b7d2cae90058eca2f93abcf695db27a158e8cb5a526925d779813dafc35128d04cf32a2dcb667f20dc70d469a05c476cacacdbd60a5ea1c94fdfda3433ca9a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
26B

MD5
2892eee3e20e19a9ba77be6913508a54

SHA1
7c4ef82faa28393c739c517d706ac6919a8ffc49

SHA256
4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

SHA512
b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
77a11e5feaffed5057a6d0243e58c13e

SHA1
b06e756ccd2638b6b7ccfe85a1d62280fdf3c78c

SHA256
59347dab7963e418171e214b869c8394ed88eaabe3284627cc68d7cf32c3d3dd

SHA512
3aa1b8d234a9631ea0348addceb0d3cdae453ec92e0b9470d997ba76fae0ef428b070d9237b89316d603c6d13a809c07339a658eb2ae9d57f5bdc3ae1a65c258

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
b45e1408e11233a29e68a60a5408cbbe

SHA1
2e77ad136d1bf25432646788b5f4b3818dc7574d

SHA256
bd0e91284414deacf8a2ad26151dc92f22937f884e580571a07d1a8e6ab315e4

SHA512
3c25f0f8fd11335d4549ef3d4866c0beabfb6a4eaae01dea04f1d6a3032a65e0985055e1318d9c6043efaa126804febcc3598f3350b5c0b0287788ddc20a59d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c8ce.TMP

Filesize
372B

MD5
9c4af196be78116d1516b4e621611186

SHA1
9c54f7bbbb8e19f7247db87e46b6447bd8d42557

SHA256
3261e84a623efe3a56f4e4fb9ad2776fe5fd2278c80d096fc0961db68638b2f2

SHA512
93bb760220ff3b9cc9ed124758529525861e98c0af8a5d5c0527b17b02efdc6a33623aa2449327f16ecd6bdfdb346d4162aa48a7dc0484259dd465ca9e16f9cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c56fd26d31cafcb0210898ff88cddb69

SHA1
4df1d18ab2f95282d65620a6a7b8c92905848d67

SHA256
17f9982f1bec8b3d18dd11ece43aa44352bd711d1749d4b58629daed955c208f

SHA512
64a00fa3c0b0cf2604db5117a9f35c8d8706a7b5c39902b30842e23147a5b327a73654d2f3a2e91568f00d219796a21c72f335c2fa08f105bd0bae5a424c9903

Download Submit