Analysis

  • max time kernel
    265s
  • max time network
    256s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/07/2024, 22:41

General

  • Target

    https://www.amazon.ca/Quicksilver-Lower-Unit-Drain-Screw/dp/B00LWKRO88

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.amazon.ca/Quicksilver-Lower-Unit-Drain-Screw/dp/B00LWKRO88
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3328
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdbdde46f8,0x7ffdbdde4708,0x7ffdbdde4718
      2⤵
        PID:1600
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
        2⤵
          PID:4776
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3144
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
          2⤵
            PID:1752
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
            2⤵
              PID:1720
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
              2⤵
                PID:1292
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
                2⤵
                  PID:1436
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1
                  2⤵
                    PID:1564
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
                    2⤵
                      PID:3004
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:4372
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
                      2⤵
                        PID:752
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
                        2⤵
                          PID:1888
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
                          2⤵
                            PID:5268
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
                            2⤵
                              PID:5276
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,18035446590453856349,3389342578306019697,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2368 /prefetch:2
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:5896
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:1636
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:4020

                              Network

                                    MITRE ATT&CK Enterprise v15

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                      MD5

                                      04b60a51907d399f3685e03094b603cb

                                      SHA1

                                      228d18888782f4e66ca207c1a073560e0a4cc6e7

                                      SHA256

                                      87a9d9f1bd99313295b2ce703580b9d37c3a68b9b33026fdda4c2530f562e6a3

                                      SHA512

                                      2a8e3da94eaf0a6c4a2f29da6fec2796ba6a13cad6425bb650349a60eb3204643fc2fd1ab425f0251610cb9cce65e7dba459388b4e00c12ba3434a1798855c91

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                      MD5

                                      9622e603d436ca747f3a4407a6ca952e

                                      SHA1

                                      297d9aed5337a8a7290ea436b61458c372b1d497

                                      SHA256

                                      ace0e47e358fba0831b508cd23949a503ae0e6a5c857859e720d1b6479ff2261

                                      SHA512

                                      f774c5c44f0fcdfb45847626f6808076dccabfbcb8a37d00329ec792e2901dc59636ef15c95d84d0080272571542d43b473ce11c2209ac251bee13bd611b200a

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

                                      Filesize

                                      16KB

                                      MD5

                                      4afcd3b79b78d33386f497877a29c518

                                      SHA1

                                      cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa

                                      SHA256

                                      cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821

                                      SHA512

                                      2dc9fff1d57d5529c9c7bff26fa9f3f94adc47e9cef51d782e55ecf93045200140706ab5816dfd4a0b49b8db2263320fa2f0fa31a04e12d0c91fea79b127255d

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

                                      Filesize

                                      16KB

                                      MD5

                                      15e17f26c664ee0518f82972282e6ff3

                                      SHA1

                                      46b91bda68161c14e554a779643ef4957431987b

                                      SHA256

                                      4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89

                                      SHA512

                                      54eadb53589c5386a724c8eea2603481ebb23e7062fd7bfab0eafe55c9e1344f96320259412fb0dc7a6f5b6e09b32f6907f9aaa66bca5812d45157e3771c902f

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                      Filesize

                                      3KB

                                      MD5

                                      1056bd67ecc360fff83527c094b77519

                                      SHA1

                                      347ed2515c9fb0aba27ab6521f78804d89f835c2

                                      SHA256

                                      9a876b18efb34aef9d489a9e4145b8801b4c5974df2a2ca65316bbd91dd079b8

                                      SHA512

                                      13eab36542bea7118a637856af30862f366fee7284f4a6f66c2fc6194479037b810a027ad7ba0dbf3d843a6e12618998e58addc74b7c13c8e3d94696e959191d

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      5KB

                                      MD5

                                      bd81c41259c834156e9ab7acaf020765

                                      SHA1

                                      2f4fca28d064d80df764c7a07b01b1f0d6497117

                                      SHA256

                                      d7435b0f3ebfa08fd8fc3849a46e9dc6c14f15c8a067493e5f3d42f84d323a9b

                                      SHA512

                                      2b78e5d0759684d38440bfeb62b21058a162d6e457bab00f0360d3b325c2589e8fb804e14f80330741fc26cde1dde4ea90dc9b30a968972fae786825f0c825e6

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      11KB

                                      MD5

                                      a5de60909d7fa87ce3eac58e38c8caa5

                                      SHA1

                                      0fcc87e11bcac963a63c15f0c745f95272f246a6

                                      SHA256

                                      89d2975e4d4f7878bed9097c7175c9b5d53c0e517b364ca3beecc18bfedb8b9d

                                      SHA512

                                      e650e6d4d1dad236fd5628d929fa42b4e6ff2a9c05e6de22ded36f7b982b8059ef0e1e705548bf4839d71b3f5ca494c88e4199e312a8cb252385a548c31ececd

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                      Filesize

                                      72B

                                      MD5

                                      727d13b527ac897b9b2d3a5d6ca02201

                                      SHA1

                                      5891c00a9ea69e5479fa8121776cc65248493dce

                                      SHA256

                                      617e62c0ff697d2b437109fc1c71d69790602e268b8cedd57a84915b881c5b22

                                      SHA512

                                      83ac6df69d7ad96f0cbacdc898b2e50379d992dc714586da7c8c09baf23944769dbd5947e9b3f10b15dead240da48f5dc66ea7a0d1c77e49d3f265ed94bb7c10

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5bdb59.TMP

                                      Filesize

                                      48B

                                      MD5

                                      631ff906c0a2ca189c591df9992b92de

                                      SHA1

                                      e545c01754f0dd0025783ccbc0ebe9742c6d79f5

                                      SHA256

                                      d6041307fd5df56db1df8a2a27fac08c1ac0aa77433f30ddd45e44cb1dedfe99

                                      SHA512

                                      2e77a44b14b3a976486113e0a8afd4c2f3edc01dd872169355a0d2a25c2fb1d440071f16731e4b9d4e5ce43a4fb44784fb11666fd858b6207462e051f64c0104

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      0a6c64fd9d1d3e34a325c1bd17dd659a

                                      SHA1

                                      66bdac8b9116591e3492fe35296d5d7143aa6e62

                                      SHA256

                                      f93e4a94a844c21d52591decf72ffb945a0f35bd304feb61bd00909176331d15

                                      SHA512

                                      59dea5af458c6260edf6171c2dd5aed42d21583857aca6016c3b5e7b4df835aeec999927700cf348659e34e5d67b251d6adbe004f861536e077396de6aa26901

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      96ff03dafd8049864ac19c7f086350fb

                                      SHA1

                                      aca156d3d7b83d3e6472fa43e38be20380fa9b03

                                      SHA256

                                      9afc5152639a55a244663b210ff2ce15d7ff51c11cbdd8cb61a203d5ae17703d

                                      SHA512

                                      9cc6b81fa937f32727f3f044ee0f46eaf2581581b3afaa08dd6f1fd1453400bc9d40dbcb7eee918e149dfc35b5f8439acddc7c21cfb9ace1f478c3efb5ed98f3

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      83b2725af69846834eb39e419feab8d7

                                      SHA1

                                      0200adc0c38ad1e85278580f0d11234486484239

                                      SHA256

                                      500963da61a71c08d7077efb5b9aaa3dc326a62adf7188d773cdc202324f6a49

                                      SHA512

                                      2643164e56367c22e24df2624c851097e19a7f4662f9e0a4dc8802445e7f25d7ff2cf978bd9c3b010c3aadba1ff97092ccc56bff8d6f0404b69d68cfcd38ab7b

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      54c97de933458189b4a27c97d91c23f2

                                      SHA1

                                      348b5250aefa24a12ec868c32f16e877d64893a7

                                      SHA256

                                      2a42060d8d609d8e033b265bd4d1acca690fcc2b9863d0819130c9c3f97dfc9e

                                      SHA512

                                      1bbd4f1415ec50a189d29cd2e7557576a122cea03eeeb210371d37ef35f121429dc2ccae3530d7e67c482b10aa890801ca91b98ecb8298a03ed957b01f29b06e

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      ff653468a8f600a31489a54af31707ab

                                      SHA1

                                      b0da54a2ffb7adac7a013e4a65ccacdb68ae0aa0

                                      SHA256

                                      cc622e8c76c942f9cd001458b6618c3147783aae1fe4c49ddedb04fdf0a05cab

                                      SHA512

                                      4b52f26ce8c3d4fd70f14f236c14c49b2468d9b54551dcdf907c6c8dfef8b46ac5d561054b64adac99b7abdce9704c981fc60a0d61a4a8b7dd4312c80da0d376

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                      Filesize

                                      3KB

                                      MD5

                                      b13aac1a7fc91def6c348e55eb5ce75c

                                      SHA1

                                      0ed16e893ac3894eccd4455a31aa4a0f965fa7e0

                                      SHA256

                                      fcccc844d71d0240dea5de46c9f55fcc47408e8ca19237f6bf9fde9743a05e18

                                      SHA512

                                      d2559994f122116a1b6738ea0c5ee4907e14f814a090050d1f875585b0fc87fe8257dc56d559689bf9fbf8b3b62ebd03cae9a762c9281843b7c4655a0e543f6c

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5bcee5.TMP

                                      Filesize

                                      3KB

                                      MD5

                                      4545975795d33fc0c15ed2665c094007

                                      SHA1

                                      586facba6f6f3872ab8481e69689e811bd36d6af

                                      SHA256

                                      789b8e697463e139e0e372d406010ecf37bd66c786094766432989ffabb5cc13

                                      SHA512

                                      c1da5b0782161547984ef8fe603bc45f5026a26495f2d927d0ec52371f3496e93b7f1daeee8ec5863febf7b7f79213843e359d4f416c726fb45157b4ba662d49

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cac5187a-7dfe-4490-9616-0f04785e9940.tmp

                                      Filesize

                                      3KB

                                      MD5

                                      2d11b41e008713d966858402fe460d77

                                      SHA1

                                      d1b6b9c93950746dada2fb0f14b3c48e67481c57

                                      SHA256

                                      743ed6eb8e64b833dc302b38c3ab43faefb5f50158d8365ae7d53ec38c01ceb9

                                      SHA512

                                      24de3bd4a1793a5386e26ad39d07692ae29dbc155fb004cf2e138cb72441b72d49f457a8adb8694d53ae86db94d05693fd05f4cc6207f5fff1ed1bbfd11e8be7

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                      Filesize

                                      16B

                                      MD5

                                      46295cac801e5d4857d09837238a6394

                                      SHA1

                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                      SHA256

                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                      SHA512

                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                      Filesize

                                      16B

                                      MD5

                                      206702161f94c5cd39fadd03f4014d98

                                      SHA1

                                      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                      SHA256

                                      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                      SHA512

                                      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                      Filesize

                                      11KB

                                      MD5

                                      5f5962ae50de966c38845762b28ee972

                                      SHA1

                                      a82009db49a445a33641bf9ff9609b26d2b9f357

                                      SHA256

                                      f571ab2797c55cb563bd9909e6579f4747b951005d24a25ea38c75166ee04ab4

                                      SHA512

                                      87f93686e93951eb0af415c27fb935d5b26b067b3a5da0c8d07800d936cb8616b078071e7973d36d793c2d0d9225f20171a6d88c08e7f08c6b82e56eb537ccbd