hxxps://javascript[.]info/long-polling

Analysis

max time kernel
35s
max time network
35s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
05/07/2024, 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://javascript.info/long-polling

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1488	msedge.exe
1488	msedge.exe
4232	msedge.exe
4232	msedge.exe
3516	identity_helper.exe
3516	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe
4232	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4232 wrote to memory of 2664	4232	msedge.exe	82
PID 4232 wrote to memory of 2664	4232	msedge.exe	82
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1676	4232	msedge.exe	83
PID 4232 wrote to memory of 1488	4232	msedge.exe	84
PID 4232 wrote to memory of 1488	4232	msedge.exe	84
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85
PID 4232 wrote to memory of 4812	4232	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://javascript.info/long-polling
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff893e446f8,0x7ff893e44708,0x7ff893e44718
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,13649049486045293369,10452713821345569328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:5048

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4648

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbc957a83b42f65c351e04ce810c1c11

SHA1
78dcdf88beec5a9c112c145f239aefb1203d55ad

SHA256
7bb59b74f42792a15762a77ca69f52bf5cc4506261a67f78cd673a2d398e6128

SHA512
efad54eb0bd521c30bc4a96b9d4cb474c4ca42b4c108e08983a60c880817f61bc19d97538cc09a54b2db95ab9c8996f790672e19fb3851a5d93f174acdfac0ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5b6ff6669a863812dff3a9e76cb311e4

SHA1
355f7587ad1759634a95ae191b48b8dbaa2f1631

SHA256
c7fb7eea8bea4488bd4605df51aa560c0e1b11660e9228863eb4ad1be0a07906

SHA512
d153b1412fadda28c0582984e135b819ba330e01d3299bb4887062ffd6d3303da4f2c4b64a3de277773f4756da361e7bc5885c226ae2a5cfdd16ee60512e2e5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
aa8ecd1f5edd4a912f8867211d0192b5

SHA1
19c50c40c0febc1d3e69878a583748b8281911a5

SHA256
e5fba4597179a4f6866f033beca62717e93888f0f45fb32dfa08ab9322b3b9d5

SHA512
c47f0ef6c7bc00a89fa634ba11049c1bb7de0ff02833753575279b4b6587c4c77113083c4327c5a3320bd921a5fd0e07cc910d4123d1094a00e6264c25b561c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8cebdac0bc10713854ddbc5a756a321c

SHA1
1f93ad7dc65b44e1ea96de724e06375c0dd8a08d

SHA256
433273b87697bb3a1507d4f5bb9e8729f129e0e73c8aba39956fc8a454b893df

SHA512
be595eb298e83c7c11cd5f41eabbd84b7183673ff62cbc3e215e32ee779c83c49d89fd3cda40e3b9d17386c46362d34f7cffa3a7450540d2f4d68eb05239b11e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dcd379b0c60befe87342d98057c8770f

SHA1
a3896b9307b00e2511c89075e7814df04492848c

SHA256
6eeb12343e20a479468cb951b1d0f7e1586013fc4d747e9d67c854755eb6ca2a

SHA512
d404020b55876860990df0f1ec56b0cc2b2fd58bbb7475c9494a09704008b8abf0a9e9f5ecd0b03eeddf9a9b1b383e25d8600b45f6227844394afd76af2d22ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f0f7b1996ab134c0d4411a3cf0206127

SHA1
794e70e8c2b42576c8a4e2c2f771a0779df284f0

SHA256
8fca5ecdf91a72062f5f12c8cddddfb74be96457cf4909853c9ec330c1596ba7

SHA512
35ba30e6a548ff6a31423e429df249af351a6cb034de6756668c99c455a086cc04993b63baf17fd0ea4fbcbddd74f82839810e21d03b73a495399e43d4044774

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b82c3f8831725899c804db8951855ff8

SHA1
4aed0d13b5c1f3968b92092be4f218c862225bbe

SHA256
8bebdfa0e3cfc84fe63241ffabde037422a120025bd543d938aeb8dd11569e6f

SHA512
57645aa6a4b71b6320a319f7864ed1d5706fdcd6547b8ba7cb6e254e33465963c7f4160ca3ea0a74bb7f830a1e0f9862a106ba8e1c13d3cc61c7aa4575fbdf33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
288b7b6ccd49f3e3736cd381ff82fdd7

SHA1
d1915056ce6f7b2cd728946e082fb1387f324b6c

SHA256
433f8c45eb33d83feb0f4dd00f0aa25cc2044aa258074253bd3838deddaa2c92

SHA512
ae9eb81c0492c6abac388387f225cbac059329ac3e706c70518ba1e980cdec4435be57c7ce45176b36797f34eed0ded26580b1471e340221aa50606546c97282

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6cd68f770373ca07f64d4d127135cc27

SHA1
1fc4346bffc06f5df733b36ccbfcccf1f3095e28

SHA256
ad0f4a928395b303b83a9dbffb03d29479cc320dea64c873a17b8fd61a1eb84a

SHA512
702a2bb4da4a3971c0381db678d78c7d9ae51fee665969eaaa3d0a3d1223f7a165af7cfbf6b2a3d5ff4c4f6a6a9ff9833e9ea6c95a43f3f3864c0de143c65053

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
28a43adb2db9e45cd26e9b2fbbf7e539

SHA1
d978fbedbf0ab9f574b9ea9598f9d3ab5c2f9209

SHA256
c76126f449aa48a3d1b1f146440ddb60dc063cefa5e347c6fbf6313459add845

SHA512
d1c64c34eaff9c90f8f919d1dd87a810ff1261f1bf9adac54ec34e3214a5426182a99a72219daa8567c1036383611f00b9e16b24843bdc26ee695746cbd8f6c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584dae.TMP

Filesize
707B

MD5
a3cdb888d41192309bf0276373f12bb2

SHA1
6772ef8949c62abf8ac4b42438b7c998499c29ca

SHA256
f8699bce0151ee16436a71ac76936da6511ac1665f952b6d2cbab27ae0c66503

SHA512
27ff9a8f48125e5826ac5fc8aebcd6cd83f1b15a92395f8ad7a8871b5763c492819dac70355be6d7992616e81e17d919f527ce0f8905815695061221591625c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
884df55be4172dce1b2b3c82fa596fa9

SHA1
6a1900137dd7fd62f2d73fe7fa29e73d7889b25d

SHA256
62908e2fcaddd803a93b11c41e4a5287a24a4e783ba970c64c4a02b8451fc2d5

SHA512
bbafab1598c1f901536a730496205bbe30cab037a30aaa3fe4a3b7019cd631769aeb9690af39f41aef467164ae543aee369a9924cd932439f55403b197b3b30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d5c67d24aa74afc1656b48139ab3aec9

SHA1
92167c46cb2710d44b44cc94745b582eddd6cc62

SHA256
5f5d3c10ed90ea0217f6b3667ecd9b7389845bf777fa920f5e94a2dd06285994

SHA512
70da581cfa40419b88134c845b5e92facc4e33bc6bc3c630225f554e222cdec750c082746f1e42549315e7ee7a2bc1ceb1c7a3dacd2eeb7d7cd271052e5c3125

Download Submit