hxxp://universal-current[.]com

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29-05-2024 15:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://universal-current.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4584	msedge.exe
4584	msedge.exe
4508	msedge.exe
4508	msedge.exe
3100	identity_helper.exe
3100	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe
4508	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4508 wrote to memory of 392	4508	msedge.exe	84
PID 4508 wrote to memory of 392	4508	msedge.exe	84
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 5020	4508	msedge.exe	85
PID 4508 wrote to memory of 4584	4508	msedge.exe	86
PID 4508 wrote to memory of 4584	4508	msedge.exe	86
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87
PID 4508 wrote to memory of 3212	4508	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://universal-current.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd329346f8,0x7ffd32934708,0x7ffd32934718
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:5020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
  2⤵
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4099714900412639526,924723920995571708,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2492

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1980

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
f9c24f9a2763c9ac6c20d56a1851a929

SHA1
2e943b455981722d311e66819ad242b23623a92d

SHA256
bad8dcc3dd52e5a80b0ba2696f2d4ce317365258268ccedc67d733fd4461bef3

SHA512
5252a29a2dca9e042bed87d32e7ef925be0b558bd2f7411c5df8036ee2398f58c3168b91e981142eff84d179693241c944fe9996d614a5fcc02a0efa8932a535

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
5639a12c8efa732cd87e9d98fc53ba40

SHA1
6c0cd5e0d416a70677612e4cec4283ba640cd015

SHA256
0b6bdbc2afc5180ea22debc863b1960cf495aa743d71e392fc4d5c50d4602e11

SHA512
4f69d996065fc0034ec1db5596da06573262ebdb5da637e6bd860778d6f7079ae7a89a453b1b46b0be9402fd9c075f89252138362425b6f8dc1c412235cd6654

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
94d35c9148dc08ef0911a619b53b6b92

SHA1
175f580acc69a615332523a676575d0f5e237faa

SHA256
cbc0f88e39d3c0bd91785e5cafbd0394e0ad534b138b36d348322d00848e9011

SHA512
e2083720ee4e8a9bbd2c9e57457d943758372dbf898cf352bb5ad30fe44a7317535db01f99a085650a4a304862bedae5e8fcac711447380a46dcf4aedf52c28c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8a6550d253a3f113c4ed123cd094072d

SHA1
bee56d9b55263cd37f9afc968d8c519cccd85a8f

SHA256
c23e04d33798a4d55e0fef44703ffda2ee1cf43c50375314a0998cc334438253

SHA512
a29e3b49ddd847c4610f8875b0bfab66eb4daf686a6bbfd7c0d8b7252046186692d52e46c19a6d410036b51035810c3f63da4f378c3b7c7848230935abcff906

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8533b4ecea4f80a8b66b168cd72f945f

SHA1
f41f1f0c2c1700ab24283e60bc21d6877e6721ee

SHA256
fe83b59feaf7991a101d44e949ef963eccdb7814534120f68d994e5b356a4fb4

SHA512
4a4f37f9e24bfc5dbd94a3dacf2668ace3082a18f9ccc4cd554eb522ee0144dc6f7fa2453e1b1e0573e189df4899178badb9ca6dfb3260465718057396f38c5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
52dbac53fd4190f06b3c7d4e1a79f8df

SHA1
530e5cc4ee8b4174301480a26e5b41c9f4cdcc28

SHA256
9f0f323e3dccf098e41350886c2fdc9c27d4839084024bf1877b95adbf3cc402

SHA512
c57ab3d8e35e55384f61145f454d95cbb3f651ae9e23b0cdaf0f01279803a5f5e21eda6e60b4156a407bacab7d8fda1200a614f2631f1a7a54c2c9297d0c1566

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
204B

MD5
38bbcf876fdbc859831002af2f5cf0ad

SHA1
aab7603168a3834f58cda28f0c679f96ce375367

SHA256
e94f69163199704f64954fb60f5361f50b5faf66c35f3dc54d0bfb62ad7bf7e1

SHA512
b670d3ce7461c1a189db89a91ff26e7c09c1bc5401da136dd7263cbf756131e2e66a38c850f2300c65274e9d6a815a3a21dc243c663ce674cb729219e1bfa652

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587c30.TMP

Filesize
204B

MD5
b725788003b6773879f1f6e220e51cbd

SHA1
d49b451d92d8afd3d10104a120c3a201ca0d017a

SHA256
f35b977e1dd462461bed8b6db7e052b9fc167c5c2dfd599d9d4b7d626d3aa5ee

SHA512
d1a871f03168406f0531ec8dc474b8cdb869e71a7fd72bf32fd8c31d9f7b8dbf539f9282fa95b3aa8f56d9611527195ba167db402cda6bb2df02c0242aa71916

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1bf55392687c4dccc9c9b10ec9e50291

SHA1
ae2385d42f208349c1fd60db3a60653766048863

SHA256
b25070abd90c236a64818ea4ac597db1282350f7f1d3ba3c3fd25bbad6b43866

SHA512
5ea3f89614e7c7b748fb7dc927fd1a99b8315150c11d44e795e9539bf28210bdbd4f66b0c88c3c40a766f94d0e52c7d5c46db0fa9caa28bdfc540c96025174de

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
9KB

MD5
89a3116b2472f4ed990a7a6dc37a32a8

SHA1
2db0036bd7161e9030559f9f7747d073d66ffe73

SHA256
6e0fa05390ecc9c49731549a5a752e8cb1af7497f7df38a10f4aa63dee2f8142

SHA512
8cd5d6b5bb6350e0f32fc3be588dcb1e5f1cf39cd9aaf3106d10be1113975afd062623629e8845ee071488e6be37670dde5e56d2e7d4dfa88a7dfc5a320485e7

Download Submit