hxxps://mega[.]nz/file/vbgCjYjC#eij-04fdXqkI-45KpR26ov5_b79ZV-jVEuAErQbnw_g

Resubmissions

28/04/2024, 17:57

240428-wjzr7ade6y 5

28/04/2024, 17:55

28/04/2024, 17:53

28/04/2024, 17:49

28/04/2024, 17:43

Analysis

max time kernel
85s
max time network
94s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
28/04/2024, 17:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/vbgCjYjC#eij-04fdXqkI-45KpR26ov5_b79ZV-jVEuAErQbnw_g

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
3164	msedge.exe
3164	msedge.exe
3068	identity_helper.exe
3068	identity_helper.exe
244	msedge.exe
244	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe
3164	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3164 wrote to memory of 3304	3164	msedge.exe	80
PID 3164 wrote to memory of 3304	3164	msedge.exe	80
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 3700	3164	msedge.exe	81
PID 3164 wrote to memory of 4028	3164	msedge.exe	82
PID 3164 wrote to memory of 4028	3164	msedge.exe	82
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83
PID 3164 wrote to memory of 956	3164	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mega.nz/file/vbgCjYjC#eij-04fdXqkI-45KpR26ov5_b79ZV-jVEuAErQbnw_g
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff858263cb8,0x7ff858263cc8,0x7ff858263cd8
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2
  2⤵
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
  2⤵
  PID:956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4528 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2836 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,8336053015822731403,10977008654481418287,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3000 /prefetch:1
  2⤵
  PID:3016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4992

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:1656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7c16971be0e6f1e01725260be0e299cd

SHA1
e7dc1882a0fc68087a2d146b3a639ee7392ac5ed

SHA256
b1fa098c668cdf8092aa096c83328b93e4014df102614aaaf6ab8dc12844bdc0

SHA512
dc76816e756d27eedc2fe7035101f35d90d54ec7d7c724ad6a330b5dd2b1e6d108f3ae44cedb14a02110157be8ddac7d454efae1becebf0efc9931fdc06e953c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bdf3e009c72d4fe1aa9a062e409d68f6

SHA1
7c7cc29a19adb5aa0a44782bb644575340914474

SHA256
8728752ef08d5b17d7eb77ed69cfdd1fc73b9d6e27200844b0953aeece7a7fdc

SHA512
75b85a025733914163d90846af462124db41a40f1ce97e1e0736a05e4f09fe9e78d72316753317dabea28d50906631f634431a39384a332d66fa87352ff497f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
68570302ca3a32232377000dff96a30b

SHA1
30721d17e7006ace2c4ae99388068fa33e107df1

SHA256
f096492966e77eed6afbeb16889702610d89a2dd6e79ab99db8d9d7ba3fde693

SHA512
d27d98a79c4c2b4c1652eec34bcfa3e074b871a69f2420fc9561f29cfe43ae0ab9bf10329ea78faced615737db564ea91d8cf08786e2573c8a2f97c1a54c0c00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
88f3a0143c766e36d892533e2c722b43

SHA1
1b9947376c0a6d3f7da56ab32c69016db5970574

SHA256
81f8e29166981c054db253e005711b3e103c458942f61abda7e035c861281fe0

SHA512
5254b2fd4d57884ad4aefbbe1055a6e424753b49008d89041137600d2983ae6cf5185dfea4c18cf12bd833845ce7dc1af57a7e2ea5c7688254fb86988c5e20d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
7dcdac974ff8698209372ec0fbf60bf1

SHA1
4a7b109627a6a178472e24c271d78402da9c640d

SHA256
d014ce7762ad188611022b25b17e311f618a8a169a9aefe26fe8b0e4cfdb66ad

SHA512
0e43767052a96f984e76d822a25868d069eda20e87ea94c79d898fae3d2be21ba07d90695835b060490e680abe16287f2f1648630dabeecfa0bed1ba401f7159

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
5d5bf55e50b35ddd847849f019af4b9f

SHA1
852bdcca0042111f32f8f49b75195496b1a77e86

SHA256
b8900c916463b7719f7f648c534b808711a61561660d77a2bd51227a288d4358

SHA512
b54ef62a0d2a8b42ab723c97209200f3b46dfcd86fa3214cf62ff7d74387856b75eeddba7707d890866154e4252bbf471411ab59215cf50c763213945f57626c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
ee8497920d768d3cbf70c6bfcd499d4c

SHA1
dc869ef99d23be7667adbc94c26edfc924939b2a

SHA256
aed33ee6790d547185a64d9c2084bc5db902678dc7a6142f314775781e35b815

SHA512
0eb947adba6236f5b4f7e35b90fd4c0d6c482db2318ac67ff542b248027d18629dbb0db74471906c27a3f43d540f82b2a7ef1eb4294086d3e7a84453198ac8ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
fb42b0b8d353c142c58de28fb99ac877

SHA1
b77ed8f34e84f4922940b974332911bf4292ffb8

SHA256
b0c491c8cc439fb0132bba4d69fc4f05d843ddb3734e50d004ac2d8309207d3a

SHA512
80220dd8d627e60ea20d25b4fd8ccd85c77763e37eefeb29e48cb9226be99a3b96c2b9c3c294ed9949127d32eaebb4b5a95d2d8fd63dbcb27191cec57da5eb7f

Download Submit