4558e12dbf948c321c5de75b1c6717f8a3cd9dfd4d50888e06a84c44b6bb6e00

Analysis

max time kernel
145s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2024, 03:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02mins30secs_Transcript336.html
Size

5KB
MD5

c5aa29991dd8f3dc47a6a7a5fe032c20
SHA1

084c0b6df0268d8dc4625f6898e010e20f10fbad
SHA256

4558e12dbf948c321c5de75b1c6717f8a3cd9dfd4d50888e06a84c44b6bb6e00
SHA512

e92d8a0997db6e293115178d5f84f74108c02a0c32ed0ec5118987a6f2f3a954a7e8a48b9d5a4f768dbf45d120deb171a3008fd414e54d964a9f88a8496b3a60
SSDEEP

96:LCVkJb8gtcXJFzgE/CSSTalqfJIWx7CpdJST/lI+jK7c5YJN5ST7HfElIG1w:ykJb8hJFzp/CPKqfRdC4++WBA/fjG1w

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
428	msedge.exe
428	msedge.exe
1080	msedge.exe
1080	msedge.exe
1208	identity_helper.exe
1208	identity_helper.exe
2440	msedge.exe
2440	msedge.exe
2440	msedge.exe
2440	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe
1080	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1080 wrote to memory of 4328	1080	msedge.exe	83
PID 1080 wrote to memory of 4328	1080	msedge.exe	83
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 3060	1080	msedge.exe	84
PID 1080 wrote to memory of 428	1080	msedge.exe	85
PID 1080 wrote to memory of 428	1080	msedge.exe	85
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86
PID 1080 wrote to memory of 1660	1080	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\02mins30secs_Transcript336.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff61f746f8,0x7fff61f74708,0x7fff61f74718
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 /prefetch:8
  2⤵
  PID:2656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17170741769264708868,2046260305619921414,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2440

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1ac52e2503cc26baee4322f02f5b8d9c

SHA1
38e0cee911f5f2a24888a64780ffdf6fa72207c8

SHA256
f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4

SHA512
7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b2a1398f937474c51a48b347387ee36a

SHA1
922a8567f09e68a04233e84e5919043034635949

SHA256
2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6

SHA512
4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
5a6875cefd526e084f20125307306f86

SHA1
f3f31ea464a4fa43342eded0e0cde2f94dd4dc1b

SHA256
f1e078e6a82c7eaa7a2b915a1f596255db664cd80f4241d91ffbb017fd5458ed

SHA512
ec3510fb7c4938d98dc1c3431a6851d347816c726fb853375c4e7a5fada4eb9e728a1fd9fc15401d243c5c7ffbee37b29e96669eab0bd211c8ed860532be90c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
262B

MD5
f288cda88671eec32998c6ea602c41f2

SHA1
8b0d539d329dce87130da957c82f3e2d689f0bb7

SHA256
aae5a3506ea069ede01bde892e524c986f9d637bb761b574f8dd20eab8abe97d

SHA512
d9254b1ce02af4b9b27b49916a78136518ca755d6a0a3c09a9f1fb8d1d6d8263f832c4f19ff66479f4f9b48b364ded3e4bc992d091ee31751d8389ccdb06b6c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
23a144e024e880b84f7b6e30be87c721

SHA1
0d928deef8886d30945d282f6a21772bd108ee90

SHA256
edcf3c1a6d5c633e0c27bb4f77235597c183725f67571a1b8ab7136119d26569

SHA512
f86d1d25124880e7778a993411baad468baceb64d6cebda414fae5001d7be036eee941080d398a3b66ea72beee0a9b693a91c4bf23c1764c12860f9d36f2fbc8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a8512fac1b56cbd1e11bb833a4de80c4

SHA1
2291ed09181c12d7e7df0366e5d7736097666f8a

SHA256
8d39fbd7259fbe7ad376af60770bb79c02f8d8d884c1889810e619e3bf29b563

SHA512
b1b5727d567f2d88df2f896afb87f5772a82097cb39eda8c24fe09a2b4286e18fd2750fe0ac81596b9ca81a81eecd368d1e832946df61f2c7a179753dc2acd4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
bc38ade7c2fe253eb30513177fc27506

SHA1
4e66c5884fa0e1edf5f7a4a2d987029ce06cc532

SHA256
4cd8646c339de162992327eed4edafc75f553c43ab4c977b79dec496dbe49cd1

SHA512
bbe6227d1e0fba8d96e648e51665f351238f9805206d0810d932cfa0c7d50fd85f5ef37f40bd3a77b0fdd2c1b3a0bd932cc98583ff61de21912919094da20501

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
9ef2e6d00b20f8d9e523befed082247a

SHA1
7c1c22f34b2d2819e568155b8e8b3c749e495b70

SHA256
3c0367e0280968d106f68a4dd1ca41b6b9b80fde34fbf244ad3ca207bd9c3ef1

SHA512
04639655df9d5cb11a055c0170a3c910e9931c38337440dd4fce0601fe0fd474e19de4b334f3d50376e674caec92e64fb29c828652187b1039bace7386950eae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57dbc9.TMP

Filesize
535B

MD5
ee9cc3282f5682e8477eb18d2cca4a65

SHA1
28c884ef9a647a948e8de4ea1c13fa73c3562e2f

SHA256
c3569f8940f0cc1783b66afcbde9e5532b83f94be693e2e2696161ba49d9205f

SHA512
1c7f7ddccd623526523e0c065977da609c02759b2a642769d1cc30f3fba12f838ac6dc4959343762d3043ab0370d4cd4210a96ebe76b5951e1535e262f00d0a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a61f9532ed622fa1c81340f34b588f72

SHA1
793b9eb64dfb7974dccad3f05058537602016e13

SHA256
13a03232caf13894b13a398cff7b70f261a31a4d0b22ca62f2b0da16a6ae60cb

SHA512
e71405ce57cc6c1f032d6886fba4cb88af428f93ca882c1ee7976f20f5f00f912823cd72f1c24ac2109cd27422c351060f460060c86622b8cc6c8883c461770a

Download Submit