hxxps://ify[.]ac/1Ic5

Analysis

max time kernel
1728s
max time network
1685s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
14/07/2024, 16:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ify.ac/1Ic5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2232	msedge.exe
2232	msedge.exe
4116	msedge.exe
4116	msedge.exe
2612	identity_helper.exe
2612	identity_helper.exe
3468	msedge.exe
3468	msedge.exe
3160	msedge.exe
3160	msedge.exe
3160	msedge.exe
3160	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe
4116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4116 wrote to memory of 3144	4116	msedge.exe	81
PID 4116 wrote to memory of 3144	4116	msedge.exe	81
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 1884	4116	msedge.exe	82
PID 4116 wrote to memory of 2232	4116	msedge.exe	83
PID 4116 wrote to memory of 2232	4116	msedge.exe	83
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84
PID 4116 wrote to memory of 4900	4116	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ify.ac/1Ic5
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd90703cb8,0x7ffd90703cc8,0x7ffd90703cd8
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2584 /prefetch:8
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3776 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5804 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,17451736584777181621,16918518583680035020,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4796 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3160

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3820

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f1998107017edc46fed4599ad24cfe53

SHA1
47e92f0646f0de9241c59f88e0c10561a2236b5e

SHA256
cc6838475e4b8d425548ceb54a16d41fb91d528273396a8f0b216889d79e0caa

SHA512
ef7228c3da52bf2a88332b9d902832ed18176dfff7c295abfbaab4e82399dc21600b125c8dad615eb1580fab2f4192251a7f7c557842c9cac0209033a3113816

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
21cf39beee4d807318a05a10dc3f1bf3

SHA1
01ef7fc09919eb33292a76934d3f2b5ba248f79c

SHA256
b766823dabbf6f78e2ee7c36d231d6708800126dc347ce3e83f4bf27bc6e2939

SHA512
0baf8b0964d390b9eb7fafd217037709ac4ab31abcdf63598244026c31284cd838f12d628dcffe35d5661ba15a5e4f3b82c7c2d9226ac88856a07b5b7b415291

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
e9cdb02c82965a6068eb1216b6b89d54

SHA1
b2bd751586c74dda2ff4625f63431bc7c0e9bc62

SHA256
c074730a26576fa3ab61b88e38328b428b155f744672ffe875b3faf9e92c5934

SHA512
dc6f6209bc8ec4fb8e73b8e16e332432c35f884e2ea396bd64e29249e27cb0a753c8352e5b7bef29ff229491148b08e603b8dfc559c0e7f65317acb2211e486e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a7ba150b7944a33c44020e9de356e2b2

SHA1
adc63b26b957000a0c8c56876289dedd0bdfaaa7

SHA256
4d93b19129e48b79086ef1d486cdc48d3abd06e911bdc0cf508b2ca45f366b82

SHA512
54f92cd28003727639b6027715bdf67f968bf0bb3da48a0668f9153435c2bde60e8201918b12074d9dd9e7b92461133e54187d905bbcfbfc42321f43556cc8d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
860a5c43d242ceb05b8d7cbfc079b85a

SHA1
f929e34b4a8a174b5c313bf68c646f70fcd301de

SHA256
2c3d5ec3120757112768662a040e626b93c7288c08d8a521693dbbe12952293b

SHA512
a772c5397356891f8d5049fe77634c04621df568c883a8e62fbe2e610ef41d73fea2b63ea8a028c1e85546d1c855994cba33e676c4874c22c80c8c0a894a1bfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e44fbacbaa66411c90370f8a8257b7bb

SHA1
33d252e989ec43ed1b900ef5eb45b9688460e572

SHA256
99b37d6519d2a808992759ac687f3d16847b41a43c7219c0f73324fb6b1d5573

SHA512
7e0e1a05c873bf713bd2f9ccb149a87f872a0b10a75d8c9fd05356f0b30b2bad1e112e21a1866048e0f868c106885c271e29e6bf49278e8adb1770a78ae54414

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
8b3e147b638d66224300b04062fa9f3a

SHA1
33e137fec32dcd925bbe580c08681edde442fbfd

SHA256
90fcaa3de86ec7ceb6200841b1ebf7e5fff43c6cc5c130a11665d6624ce56a04

SHA512
b15f6822fe7af37285b75f68870d318ed3a6f40c963f4c14bab24ada29dda865358a9c4e3aa8ed00548661058d1e8840e01b83ebce04e7106540c47c47f7fd3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582b70.TMP

Filesize
48B

MD5
fdd9956b9dbb615b460e820cea5c0bf6

SHA1
1e55805c60f76ae843989be2b70c3d16e5db5e23

SHA256
fef83c6f496ffced3941279f77715d15f64b814e9b7003589e47cb6d32e91112

SHA512
613ac7de8bf98eaf342d550827f1b5698cb52202b88390cba38a01299d9a4a3f3514809a50f6a83e3fdfb84c90571c6dea0ae92db026f6792ffbe441b2939dfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
540B

MD5
fd62686de4fe0d7f2b059d62aaf76417

SHA1
a0fd14e4eade6df77764ec9e3048324eac7bae7c

SHA256
cb7252a7027132af9bd0b823e4dd3c42027438d281f92fdface3e7bdb3cdccd7

SHA512
ac4d4bbb15a269a43d8119c68b9317fe04a4e282a24042607042a6e3b6ae2a4fc15e3c1d015664cbbc9abe70241cea7f59d43b43ca375e2db53c9ee92ac51b24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5864ef.TMP

Filesize
540B

MD5
ce684b232d10f9e396e60bdc6b53eb03

SHA1
e6b33356d40b04657d5860ee1877e5a98d433c91

SHA256
565c67865ffb14f3c30ebd79c4a133263e10c3c6fd2bbf3754fd4c110f7c5902

SHA512
65ec95f85dfe9c8dc2f4103d9df31e68fe86402593b1fdef9e2ba12772e97af420ced76fd5d863416719aaf2e379f03cf600a000cdb988ae12ba80757b6806d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e03ccf04d44acb40503bf04155ecdeeb

SHA1
6451be01ab0cb737b6370bfc35b74e4c235aa0ff

SHA256
a737547f83928b54c3cb22c4c576597722783770bd099bb32a31dbf7313f86a4

SHA512
bc785ed33d5e9419388ac33448c030bfbc161c32a8cb0dd890b481e3ea8f59219578e5df9922e6999666c31a52af3389ee5dd90dc83a0b2d8b4d6a261ddd93be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c7157460e113cb5c6486c2f7f74a314b

SHA1
c2768f3ba2da1f92922f38a84ce309534050f89c

SHA256
8aa596cf7dac4d853bf972ea976f1b13650cc8562cb105936376629f5f0752d6

SHA512
4648c40958d9fa6e322c3321d3d1da9d2d26c4865b5fcbb951c90132bbda90cceb482c6f488a3d4acc313e9ec1d2604816d03f8079a545bc1132ef431a5d017a

Download Submit