hxxps://www[.]paloguard[.]com/Aperture[.]asp

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26/07/2024, 15:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.paloguard.com/Aperture.asp

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2752	msedge.exe
2752	msedge.exe
2044	msedge.exe
2044	msedge.exe
2100	identity_helper.exe
2100	identity_helper.exe
1120	msedge.exe
1120	msedge.exe
1120	msedge.exe
1120	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe
2044	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2044 wrote to memory of 2300	2044	msedge.exe	84
PID 2044 wrote to memory of 2300	2044	msedge.exe	84
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 4284	2044	msedge.exe	85
PID 2044 wrote to memory of 2752	2044	msedge.exe	86
PID 2044 wrote to memory of 2752	2044	msedge.exe	86
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87
PID 2044 wrote to memory of 1752	2044	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paloguard.com/Aperture.asp
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc161246f8,0x7ffc16124708,0x7ffc16124718
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:2144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,7769700521057377418,10928212166070000390,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1120

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
1bb5c6d94fdb4a2abaebd577ac41fdf8

SHA1
3f5ad747459418f3b335f9d28abf1fb42d024a67

SHA256
41fd93b4e5f262bbedcfa6cd92ea0beb6a2e98182ea6fea97361f940ce7c72e6

SHA512
928f8eb63882e64171bb287ca58ba7fbaf7135b752b4a13c44c2ad306713b372481007967d6b03cc893d71a07c6d4570c820d67252794db106b3197d547a1986

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
75c9f57baeefeecd6c184627de951c1e

SHA1
52e0468e13cbfc9f15fc62cc27ce14367a996cff

SHA256
648ba270261690bb792f95d017e134d81a612ef4fc76dc41921c9e5b8f46d98f

SHA512
c4570cc4bb4894de3ecc8eee6cd8bfa5809ea401ceef683557fb170175ff4294cc21cdc6834db4e79e5e82d3bf16105894fff83290d26343423324bc486d4a15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
10fa19df148444a77ceec60cabd2ce21

SHA1
685b599c497668166ede4945d8885d204fd8d70f

SHA256
c3b5deb970d0f06a05c8111da90330ffe25da195aafa4e182211669484d1964b

SHA512
3518ce16fef66c59e0bdb772db51aeaa9042c44ca399be61ca3d9979351f93655393236711cf2b1988d5f90a5b9318a7569a8cef3374fc745a8f9aa8323691ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
32b61f80630003738562c324468a099a

SHA1
b6c1761e775c75e1fc3543ce1f9b242586d2ceab

SHA256
5614aaf1a16170263a33a5c089898a7f073c47cf6d92d60894dbadf79acad076

SHA512
e11ab3dfc58ea4119625af0850f3d9f7cdf1d2e1a86c85d68552e43e19089445307974a1dff1fcac845089cd82f9d9e4e7dd7f764a739793886d8a1d5e3437ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
e17a86cf4010731d5b13e61fdf60b536

SHA1
f6d24e3449b9a2b2269def5ec7cbef54f5565a58

SHA256
f94c26b0c10c6e05f7d795d6242ec38fc6e143b6ca6765d635f53e1f6d9697bf

SHA512
74bee5d1740e77a37a80ebcd54b72bfc8a2c8522248fdb33f06495f7307b5d0cb91984bc956687f359a95500fff66dbf2437af7eb31a23ee642908fe8a8a709c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
1465b34892421d7be43cf5d7c2a6d8b4

SHA1
a35112c7b3aca1c7c204b5b859c2c54c1b9c8b00

SHA256
fc810ca4ddc8c68af0740f0f542460fec149b8bbab24cf9e105c3b125a0933f4

SHA512
596e019e1f8d1545149f5ce474e0ee0f5b687704a101dfca09e2be2e3966b3aeeab8de1db3f8b4955eb1739d422dd71f9cb3dd61fe9181e6539f85292a2c3065

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3ecc2b22f96150fbc5fa2d3dd70f59a3

SHA1
ba8977247fc22052d6d7a337f1dbab59e3b37976

SHA256
269b5edd7abf0b4ab609d97166bd5a63c548c8d80855966eaf176afc95323257

SHA512
4b77a37f09de025e28c001d25267a9ae24c439123640e7f67e20017f26a98e56c596d50e94512cd4ab4a7c8b521384e988e81042d91d76c4f86ea2c629318e9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
621942983e4491c15c68ec6ffa3bbe6e

SHA1
ca8b1980f92317aa055f1f4ed16f4fe37127d4b9

SHA256
70aabdf371876f3e39748142c27071eba159fa190e6512439e4b3ec75a715326

SHA512
71f132d5b9a637fc565a86cb4bfc08533601d2292c9378f2fb8df73ea7d6524ea261141f304b740258018e6502ef8d48caa8e45caab576bd62a7c930ecf6a928

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
37a6c639863e47ea86c82546024abebc

SHA1
f31c66927a957f076a0ea9338a9ee7ee7e20f533

SHA256
ff40862db463f0392e6b81cbb5e5b6260f16b2a5a052d5b184bb4bb9dfcf7140

SHA512
f5ae1514f4db433c11ae75b21a7d2167e5521aab2cca93ea65416d6928c8a88bd9dc596ed9d0a7fc720d57c5350d2ec966166b4ff1b8b223d5e23ce7bb1fabc8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
8725efb1cdd7304f734cfb7474793f15

SHA1
7a6b962114c897ca728da5d4bb221a840420962e

SHA256
f1d838c0888c9ecb26f1bda0daf21549f9092c47797a65b36a35679346d56360

SHA512
21652b5fbb19c97a205fcb9db5e6805791865fb33218d21bcd922f4407c8662b0f8de93723dfc391b36665b46b18b2ae68306a1b93924ca363e05833e5d14dea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585196.TMP

Filesize
4KB

MD5
353cb5cf360c174a7b1b45595e0c01a6

SHA1
77af10e5c494a8000587eba2474ea6402a8e3320

SHA256
d0d034d8f21e623529eba65ffe57ba8c645b13644c74e88891f6a58d1e1d1f9a

SHA512
456766e66a29b5c10a2ac9465559926ee1ed017d02b5b02ce00629e02e19c87a7c63c4e46c13657cb47c814ae1a3fc1a8f411489fc57b33a422c8c7e0e613408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1e29ac34497b32b971da37774ef2ab2e

SHA1
99d3b1a597284479827e59a930648cc87d86194b

SHA256
048df3a21d1acdf9c9286e69fb9a0484c716aa738a6fdf44fc082c69eb8480ec

SHA512
95774b111019b7b2fc7ba3c9f722c6dca2cc15d62c20359a41fa8565c745ace0fd43253f176bcfd8f287efaa1c7effae9f91b6dcf400f86b4dfd704abe41658a

Download Submit