hxxps://ratemycontractor[.]servicedesk-us[.]comodo[.]com/view[.]php?auth=o1xaeaaaaabaaaaaNuGvNIfExQbqRQ%3D%3D

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
21/04/2024, 23:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://ratemycontractor.servicedesk-us.comodo.com/view.php?auth=o1xaeaaaaabaaaaaNuGvNIfExQbqRQ%3D%3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1476	msedge.exe
1476	msedge.exe
908	msedge.exe
908	msedge.exe
2008	identity_helper.exe
2008	identity_helper.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe
908	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 908 wrote to memory of 1604	908	msedge.exe	86
PID 908 wrote to memory of 1604	908	msedge.exe	86
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1556	908	msedge.exe	87
PID 908 wrote to memory of 1476	908	msedge.exe	88
PID 908 wrote to memory of 1476	908	msedge.exe	88
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89
PID 908 wrote to memory of 5052	908	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ratemycontractor.servicedesk-us.comodo.com/view.php?auth=o1xaeaaaaabaaaaaNuGvNIfExQbqRQ%3D%3D
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc824f46f8,0x7ffc824f4708,0x7ffc824f4718
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
  2⤵
  PID:112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,347964778016610681,16319994664605854266,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1364 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1236

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1656

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3460

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5e2f0fe48e7ee1aad1c24db5c01c354a

SHA1
5bfeb862e107dd290d87385dc9369bd7a1006b36

SHA256
f13b3ebe8d71bd0086d5bb82364c35f59a95d32b39753af251e8639360e291a9

SHA512
140d026437fd5e8a874cd00b03950c8f010e1a0732a0a1cc5bdde477e7f8315ccb95790bb4c15b8dbaab9468ad532eb885b6c429300a64e39412d976d079324e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7e0880992c640aca08737893588a0010

SHA1
6ceec5cb125a52751de8aeda4bab7112f68ae0fe

SHA256
8649a39877c190ec740a5422284ec5f9ff509b30b2d7896635476873dd8824e2

SHA512
52bd0a38ca7f43b26731966035045b1cbd8b60b2d81bdf9aad791cf444da8af8b722ebf3cb364a6e660bebdf23084eb0e30bc23562575b704801669817549f8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
50KB

MD5
df3afeec0bd76590d876ac0b21d92c01

SHA1
0cf8650332e4e4cfd77474afa6caa50cd91a15f0

SHA256
10e72ba70a5ba50149f13c85424c3dca89082da0a73f3784ae9c361bd10dedda

SHA512
36b7ca2ed497e7ca90a91e3eeef20c8e656a6b51d869723ddfa179286b905005b732369af7ed515edb1b3e69842a87305ae9356b839b0a0ec8d935a6b67ec56d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
16KB

MD5
b370229a9cf716e93ceea94c4acb6817

SHA1
89609ae66020cf373d91710f8d0df43eaf5a4bb6

SHA256
0ad21d7450171a7ba5fbb8035bab8c591cc3ed9127b4fa1970cc5dd8c3e0ec8d

SHA512
00e9b9e8d3944eed39b7014e01ed902dafee4ebf6270e4dac6a406ee2504055e16d8f854b359afd3a42f6da84d6ef0b567023ce3435466e134205bbe487d3436

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
0437693d558f074eb15c1330310c67b4

SHA1
f8c13ec44dd5add3776224c590b0460778a7616c

SHA256
ba65fb8efba8a0aa91a02f2d9bae6964769107b79912b64a01555d1fcff545d8

SHA512
9f45cac741bfb30ba236705d277aceea9c4984ef88aec73495c7daf1c4962ca944f2584f591646fe7fa5a944b4123ee388bf813541559bf5a8141a74c491e3cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
03154e774e04bf44c811dbb61f7ad25e

SHA1
a41c95a1f2d7318721dbe81cee57ac52b2c17b38

SHA256
2b361c4fcbfc915d1a08aebcb330c2b14b9705cdda0ed0512f4ff0237b979c5d

SHA512
4c3b8967eeeb02fe575ce4971c52b016cdc5bb529ab05ab8a9a47333bc5fceeb450b2ca754f589e45ae0b863ac73847f87b95b1e7d8f67bcff4f10b10c4827b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
605B

MD5
528644eda0c82c07264adddffa139644

SHA1
fe31f48f5da27ebcd7ff9d55bf245222a610fd47

SHA256
984ecb7a2c18a0c584484c64d032be7251794a5fd7f861ff3fea90747452dd48

SHA512
3d4ed5a8ab913829c4b78870ffcc7e7a2bed44dfa22c9a215b7f53f39d870e2f6143a4d70350f88275291ce20dc72e0e6c988ed991cc64ee897de5e75ef89b3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c0dabb66dc181df75c041d0e6ae4463d

SHA1
c3a0733975e82831869cc6dca7ec4f86f6fa99b8

SHA256
224beaa92eec8299125be58e085d7707aa9a91ed12bc6f15219083808f1a1c82

SHA512
96e4e8f02f1921b0a7522d47ce57ec8041e3a1c55770c38fb8549c482e6877fc81e935f04a05f16ff06fb0d74613a1d37b98b07037413885779fb567ea548ac2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
64c7499326aabe708ec03e53f0af66a1

SHA1
992efc4ea4b062dcd1ce25ba04ed205dc4c652d4

SHA256
41b368df1fc40458fd2926df77c20659e929d379a8dad67f7fbec8a435287585

SHA512
6757cebb9152926cb65b50789de4d3b4e226a8c10b8665ff9f8ccb68a4cac54b55247986ce665dcad0e6a2bb43ddb33e77e15e64dfcc963ce5ca1ca0ede0a5ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d8f67196ac86a42dcf67f2b781c04ab

SHA1
82f0282b86bde4de76303d69e568bd2f84bb2394

SHA256
847ca1d17909ffb2b25114d4d34930050e611e3545480318e6dbd252ca9089c0

SHA512
f4e062b9482ad4633d4c183ff1857530ffcbb56c0b2054878485327a45bc153af0483e399b6a257eb6e456a497146f18a8d4a24d1e7ebbf02a613e4c4ba5ed21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7551c5603f3ad6dbc8cca16ab678903e

SHA1
859594957c2d3a2b1c811a939adba94c52cf650f

SHA256
8adbe57ebcbfdaed6637e4d7bba713882cb9a9405a512eb49b3abab07abafdf2

SHA512
2917ffd1e63cc7e6f33d8a9cefb0cfb1e4b78317399ad7b81c424c695a074261bcf7f41cbb40ecc8f0f992655b2e8b4a01caa428d7c7fb779f4420ca4ce47642

Download Submit