hxxps://politi[.]alarmcentral-spil[.]dk/?ruid=54217

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03-07-2024 07:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://politi.alarmcentral-spil.dk/?ruid=54217

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1352	msedge.exe
1352	msedge.exe
1892	msedge.exe
1892	msedge.exe
4648	identity_helper.exe
4648	identity_helper.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe
1776	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe
1892	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1892 wrote to memory of 5072	1892	msedge.exe	83
PID 1892 wrote to memory of 5072	1892	msedge.exe	83
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 3972	1892	msedge.exe	84
PID 1892 wrote to memory of 1352	1892	msedge.exe	85
PID 1892 wrote to memory of 1352	1892	msedge.exe	85
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86
PID 1892 wrote to memory of 4668	1892	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://politi.alarmcentral-spil.dk/?ruid=54217
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffba6a246f8,0x7ffba6a24708,0x7ffba6a24718
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2428 /prefetch:8
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 /prefetch:8
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2208 /prefetch:1
  2⤵
  PID:2416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,16346119652342270552,2060490709509171735,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1968 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1776

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2f4100b1-0597-4ae8-b394-4d43b6429a4e.tmp

Filesize
5KB

MD5
7de7f595a3d066fb114bf45d80795d03

SHA1
c639080fcdae1b00266b31a936eaa2b07f0a940c

SHA256
9722f67b03bf7e1ba0a54174aa6cc27adfc8b358c2b5a183d44715dadaa3c244

SHA512
27f89f5dcd2a6a18a6bdf6ef83d8d32a6a98d393f187c3be90156c59a65923a950ea95e90bf429acc0a35a052cbd7a5fde5b17aa969bbe05c4b59d470414fd82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ec146652686c665d13f5b78a1deb6f3c

SHA1
d7bc80671155265d3d535355492136c0f0506aeb

SHA256
7050ef697619fbbc9e6123599cfdb955347ef18eb468219707515fd6d5a491ea

SHA512
3e35e84329d13aea489c706535d78372e42056b7fd4734b11298e3d6852fd1460354e3934efbf459fd707c7ba78a6a5c281435619a243c52d6c5071bb2600770

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7db1f36a27322c22581a0c99559edf3f

SHA1
13b97e8c9c8d409d604ce526d72129bd15553678

SHA256
f9015b71d0963d1685b71cc07840b8f99eeebb10a9adc01495f81a8dc89de4af

SHA512
bc73676df85e4b27ea7fb9bcdabca3c034e88bf0d97c4543a0a7b6775717222fc37c307a7ccdf267d069a5004096a4adfe7fa3a928bcd9fa63cf2fdfb1ca63db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
e9f1ef8264fac62ce0debe6d014ef866

SHA1
927040b44e5b0c2fb13fd35ab22faeec1ef77999

SHA256
bceb108adb39ffc0099374c5946397e01785fcab02ab66a95fe30b5330d5664d

SHA512
dbb630395c6866a3829152e6aaec23e87eafd8680f2ab80833cdc813b5be0d3775a6eec6b03fda6515db63d7d45c2b0cbe33eb4d55d3e98b8d1c94423747aa12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
9KB

MD5
5129f5517e59abc69fe3d5a5c98782a2

SHA1
c5507cebf5462f91c7efd6ae14a91cb7bb253506

SHA256
81508b4161107eb7840bc1e7de067e99ccb03da53a63982036a730bf91756522

SHA512
d509cefdfeb25950fd1ea5d94de271eb9d27b2c28deab6c32a8f1eaa58d7a02dbb36f2135de27d1262cd18458004a7c43a4fedc15f4074d43fbd21c9104983ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
6c1f762508b50edf51f77eedf8128b48

SHA1
8e20c85e175448201f5c855bc6a327946d8f3f03

SHA256
22c0502638ca12e22ad8b9f06a0f7ecbb33bab2bb89d6f9df2e118beeb70bfc4

SHA512
44d8c2bb92948bb4fa496eac27889b313e3fc789ff3d373a7568fb16a362f6d59c712f21625134e01487dc3a5c5bfe451412e77d46a7b4e5a171f07dc6a756cb

Download Submit