Analysis

  • max time kernel
    124s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/06/2024, 10:41

Errors

Reason
Machine shutdown

General

  • Target

    https://google.com

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 15 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.com
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3860
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffceba246f8,0x7ffceba24708,0x7ffceba24718
      2⤵
        PID:3152
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
        2⤵
          PID:4388
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2748
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
          2⤵
            PID:1168
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
            2⤵
              PID:2920
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
              2⤵
                PID:4056
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
                2⤵
                  PID:384
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 /prefetch:8
                  2⤵
                    PID:1568
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:508
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
                    2⤵
                      PID:920
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
                      2⤵
                        PID:2376
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
                        2⤵
                          PID:1244
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
                          2⤵
                            PID:1448
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
                            2⤵
                              PID:2892
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,3315939827885351355,13077208926248618908,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5080 /prefetch:2
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:2548
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:4748
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:1312
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:4012
                                • C:\Windows\System32\rundll32.exe
                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                  1⤵
                                    PID:2032
                                  • C:\Windows\system32\LogonUI.exe
                                    "LogonUI.exe" /flags:0x4 /state0:0xa394d855 /state1:0x41c64e6d
                                    1⤵
                                    • Modifies data under HKEY_USERS
                                    • Suspicious use of SetWindowsHookEx
                                    PID:2292

                                  Network

                                  MITRE ATT&CK Enterprise v15

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                    MD5

                                    ae54e9db2e89f2c54da8cc0bfcbd26bd

                                    SHA1

                                    a88af6c673609ecbc51a1a60dfbc8577830d2b5d

                                    SHA256

                                    5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

                                    SHA512

                                    e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                    MD5

                                    f53207a5ca2ef5c7e976cbb3cb26d870

                                    SHA1

                                    49a8cc44f53da77bb3dfb36fc7676ed54675db43

                                    SHA256

                                    19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

                                    SHA512

                                    be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

                                    Filesize

                                    696B

                                    MD5

                                    4fdef26828f2366cef4e2606b7eb3e26

                                    SHA1

                                    e55d81038cf1d0fecc73cf14018032ed5e8b1a21

                                    SHA256

                                    e81d150ebdb9287cfa2007b7aa20fc68fb83742d7b198eb3100730c4bc4ab9d1

                                    SHA512

                                    9f6c001322d75cecce32dd78e89831061ccd69a1bee4e904f322d3d7134d4d25a94c0717a1d168ae3a7552e6071470f2901beb4e6eacc07351fdbce398916ec8

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    336B

                                    MD5

                                    a8cc136c98fa02dfb518cee83a6436bc

                                    SHA1

                                    32cfeba3d1c217f02c5379df1b59dd5de4ddbc03

                                    SHA256

                                    d18f7fb3a158326f567d11dc4a3c58aaebf26e07c2ef139aafcdf262e17eb4ba

                                    SHA512

                                    e6d350216931d6f18080d1a542df658badffbcad03fa41339f75a87f5c62251ade494f3ad5fc1af2d3d300fddcab371598f10b060c331a2899a1816a42ee9926

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    3KB

                                    MD5

                                    6e49145b268ea91c0a12edda4b28b72a

                                    SHA1

                                    f10f98c3982a7fda5d7d7be79eba8e9d5e9b080c

                                    SHA256

                                    3c2145b4afb6a4b0d0f318b52e498a244dd9e0b2de5a38fa606783bf64402381

                                    SHA512

                                    792701071da4809dc1699e9236bb674538203c10fa68fa38a866e4b52b3671bf955bad18929424b91965c353dcce5224bce237fe841f9dceb7a4f48ad32f92b9

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB

                                    MD5

                                    2fe6a1ad486d3169f577eadca2fd8132

                                    SHA1

                                    120a21cd190d8d449163068525133f61c8465d22

                                    SHA256

                                    0566e7a5278d56893df236039fe91dc70d57603c5391e219a482de4b7714a62c

                                    SHA512

                                    8f2285915fca11999da5538472776abc36c598477a349fa7981de56da2f58d111d64713365f9e863c39e5ddb5050c4e5e07c6bc2c7c2fb5f1ca6d034d58ee2b2

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    5KB

                                    MD5

                                    4b7f80eb83a0270d89c37b1404e7a884

                                    SHA1

                                    a91d403b5d62bc53f683fcbb579338e124e5aeaa

                                    SHA256

                                    25fea398ee6c5bfe4a1a3bd45215b388ca684607c8428ff98a49f6afdc4cc264

                                    SHA512

                                    67504804c6ab24416c3cd4e2aad075f88941497716ff2b76211eb5c32f1b2def4181aac7106d76f37a8a843dad868fecbf52b9ef943da50aac5a6a59ebcbc553

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB

                                    MD5

                                    30cc6333c30c147d0c64b1ff514df37d

                                    SHA1

                                    c6c38efeeb7167feac38fa64c872e371a47412c9

                                    SHA256

                                    62563cd751cb4838fa39fccdb3859074e3f9e0d8de8684edfb3f45a724b26e09

                                    SHA512

                                    a3d3f0ae53ab13d995c3fdbb5dd9e08de8b3b2cb5360a78038bdc917ecedfaabdeae9eb68cc9a5da03075b8c5c764a1efd3fa29af094da986e544d23b7b730df

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    90B

                                    MD5

                                    2c0d1c13951aeba7ebbf927f90f03a5c

                                    SHA1

                                    44557160ed75adac76fd269874a04df6a049fb45

                                    SHA256

                                    b26a4af5792b8de9f6aacb507476b3e347696970481981df41a8c75002841a49

                                    SHA512

                                    0d2c298dd812d958446930ad99cbe16433e5363879acd2af7c4e1658260bf0388d92d7d29d9764599181e96e5f886b7f6abda24b8f87c3aecafaff6caee6938f

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    26B

                                    MD5

                                    2892eee3e20e19a9ba77be6913508a54

                                    SHA1

                                    7c4ef82faa28393c739c517d706ac6919a8ffc49

                                    SHA256

                                    4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

                                    SHA512

                                    b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    540B

                                    MD5

                                    d55771ad69f9116a627f7c99c0556d80

                                    SHA1

                                    49ebea4a8932a9f50817bda948e9aa5054444d03

                                    SHA256

                                    1217e0dcc401c51150d5b5e877c74d693329f4f50b731906342ea5a7ada73b72

                                    SHA512

                                    30f6bffa3a5e5611ba16a729253de67e4563c1d88537ccdf9337aa186732d22003a42c12324cb5a5c4bfa8a2de7c2bd23c12ddcbc5e11ec9e1037cf820a18dc1

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    372B

                                    MD5

                                    2ab197b5c2e616cdde6d7b21d35f8d2a

                                    SHA1

                                    b2a688b20c643ea8c97fe57bd39fd6af99a79b95

                                    SHA256

                                    a14c96acaf60431146dc77ce3786bd5e17e55e9f407ca74851aff22cce16879b

                                    SHA512

                                    f09dc9e73bf33764377e086254855bbdf856a6d59fe98a1d9e0572ce974e8cfd4678c0c9cb4550540a7e693a0c27b0c0e0db6b9d99d10f97438aeb5773ec4c03

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    540B

                                    MD5

                                    6c7529ec67141f601ea33a6ca7506b75

                                    SHA1

                                    bd44bbd55cc15b1160385d0b0b1a01d2a5b6905a

                                    SHA256

                                    59189f73ce4618269bc54df965e68e2561c7d424c93c9106d9875b74e6d5e99e

                                    SHA512

                                    7e6f36a1dffd71b7ef38ce1b144d6507180bc315733e3f32f7b716a0df436a3185be4219cdb32e09e361929826bacefa502bdd1e218506ca3c28f1f56b111072

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b268.TMP

                                    Filesize

                                    372B

                                    MD5

                                    3e0b3ff1ba8fad8ae4e9bae9861a936f

                                    SHA1

                                    241e99dd29990ff3ccc6ac94972af743b197070c

                                    SHA256

                                    b9626b539f653d35e8d721a7d54a5eb01f1815cc9030e847d7931a33bfd4fd82

                                    SHA512

                                    c4b314e47a40a545b32cb4b1f78bef1d7a541f12abb1b727df32ddb4e0bec84da523ed434eba8bcabdbdbc6f43ac7583fb0f7582fd682ec68b1d318e42572817

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                    Filesize

                                    16B

                                    MD5

                                    6752a1d65b201c13b62ea44016eb221f

                                    SHA1

                                    58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                    SHA256

                                    0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                    SHA512

                                    9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    11KB

                                    MD5

                                    91561ebf329143dcb465c65699bba999

                                    SHA1

                                    3339b7610c2dee1dd315a7c27574a95621b86b12

                                    SHA256

                                    e86546f8f9f5ea235ab3a9a5f5fd5bc3f976b095efffc8da8439de32ab4b3ce4

                                    SHA512

                                    27169a86f04727babcfaa7b35c84c9846fde33de02c133ae33bb369aaa0718ed47fbf8a9ebe93b5a3c756d18f9338e0098e873bc0b4fa3eb738dda11fad74ea4

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    11KB

                                    MD5

                                    6925f4c710856a2e40d0cbe6e4cef939

                                    SHA1

                                    85b7087b8da05ab6d3924fcbf8d812f62a2d3457

                                    SHA256

                                    094f6ad2199c2771f2e7418815a6113b6e0e513432254c998e9c1cbe46e48274

                                    SHA512

                                    f2084dfdc79c3127a72ce1c3cc42a7ce66206c93bd4fc8927cc817f41b6c96ccad657998f19fb3047bba6a39d3d3bb46c319e1d3a499412e6b60b23f0a544e05

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    11KB

                                    MD5

                                    e857d5a56d42738e8f2afebc5c401e05

                                    SHA1

                                    28a19253f7dc01704e068a13d5f2f3fd7b8c8c2c

                                    SHA256

                                    f98c6ec8f5e47454879758fbed99b677a0be3c5a386fd2fe82244aed593e7737

                                    SHA512

                                    93161dc6726a30e19edab4f0b3fa16dd2aaa4570651d3ffcf79db52b55877b9e55d2c048009a4e16091a1a3547fc4fc5da5d85ef7133ad6cabdcc02e477b52d6

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    10KB

                                    MD5

                                    d36d5f05738c42bc301af45f120dd32f

                                    SHA1

                                    662453b7f42b53c1f074e1623e2c2b5d4f0aa5c5

                                    SHA256

                                    a7f306f3d37a71d2253fc72ab85885f8a27d91ec97fc86b5faf0ef4dab3ec6b7

                                    SHA512

                                    3ef4450883b83d1e5dd0dfe9390e9f4e196f6efaceef0a1a94bee944c35bf2604a56127ab0757ed73c845b56621620202f378b142c4c41823160ef119c772430