Analysis

  • max time kernel
    149s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-07-2024 23:16

General

  • Target

    .html

  • Size

    2KB

  • MD5

    9db8dc152e6c8399b23002ea724594ee

  • SHA1

    d5da3891a3ad4b624a05ecb699de1b67b3501c62

  • SHA256

    d3bf30408ebdf9da381d8478ee14cdd15662a19973cd04a6050fc672f8e447a5

  • SHA512

    b78a7bf1e70ce870a03f43fcca4a2ed47636220fc5028a598abd61a787da1ebdac7ef2c8ebac7a6ce728d88445bec9590b212c07b9dc7acaaa146ad284531570

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 51 IoCs
  • Suspicious use of SendNotifyMessage 48 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:920
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa7d0b46f8,0x7ffa7d0b4708,0x7ffa7d0b4718
      2⤵
        PID:3588
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
        2⤵
          PID:212
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2580 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4208
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
          2⤵
            PID:2884
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
            2⤵
              PID:2816
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
              2⤵
                PID:4048
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
                2⤵
                  PID:5052
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
                  2⤵
                    PID:1732
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
                    2⤵
                      PID:2096
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                      2⤵
                        PID:2052
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
                        2⤵
                          PID:2088
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
                          2⤵
                            PID:1512
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
                            2⤵
                              PID:436
                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
                              2⤵
                                PID:2180
                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:2280
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
                                2⤵
                                  PID:2260
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
                                  2⤵
                                    PID:4836
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,9829773888079035546,3203950064260555845,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3732 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:2728
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                  1⤵
                                    PID:1096
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa7d0b46f8,0x7ffa7d0b4708,0x7ffa7d0b4718
                                      2⤵
                                        PID:1208
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:1044
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2580

                                        Network

                                        MITRE ATT&CK Enterprise v15

                                        Replay Monitor

                                        Loading Replay Monitor...

                                        Downloads

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                          Filesize

                                          152B

                                          MD5

                                          6c86c838cf1dc704d2be375f04e1e6c6

                                          SHA1

                                          ad2911a13a3addc86cc46d4329b2b1621cbe7e35

                                          SHA256

                                          dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

                                          SHA512

                                          a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                          Filesize

                                          152B

                                          MD5

                                          27f3335bf37563e4537db3624ee378da

                                          SHA1

                                          57543abc3d97c2a2b251b446820894f4b0111aeb

                                          SHA256

                                          494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

                                          SHA512

                                          2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                          Filesize

                                          17KB

                                          MD5

                                          99a3ed0efd1b75bd2b0afd55ec10d2da

                                          SHA1

                                          0c9a7694c5676f36bf2a9d78a6ce8f20f696fdb8

                                          SHA256

                                          98161ba81eee513e8cc18c732ba44a1790ffb14dd7ed69e8ac54d468e0cec95f

                                          SHA512

                                          ba08c7aafda28c79a84eae2d64676667881304234b070764c109bf0d5e8ae0a39c29f26a0f3dd14acae384dcb038d148e6c132082a58f8ef09f8d7818132f8d6

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                          Filesize

                                          1KB

                                          MD5

                                          d4052cd9bb6d498435aa4c4d4f171299

                                          SHA1

                                          380ddd7ca5e8d07edb4717e9479263937ca404ce

                                          SHA256

                                          1bf103ba001e4cfe968281c6a96dee8fa4144a490205e3c760534d825797ff10

                                          SHA512

                                          697c8fa37b96e3a3075d7ab34beba9766d31398d9dbb8da6e1192df1b6f25cb4fc74766363c6ec76b299c6c4c4332ac7cdab1a9f2b4788604fa5b4866dc9cc86

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                          Filesize

                                          798B

                                          MD5

                                          7958cd223bcf39de356305301ece5d0a

                                          SHA1

                                          d1f68d7074f531e61c53c812851e7d27579364f7

                                          SHA256

                                          9273d93c2190d29452e241ace4eded74a3dc2d85a420f6911944e2cb3de30290

                                          SHA512

                                          a2b0c18c00b0f1514f2c0b277a8aa639f79c3e895ff7f09cb3acd11dda0d08477ba3168f88f9b30a3c5d99e98ca42b903dcd960d54eb61739c612ab20f3cbd65

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          6KB

                                          MD5

                                          925404f727992eb6195001755160fb73

                                          SHA1

                                          793a7e8ce0bee02cdb7a244ec9d54b41c64c8720

                                          SHA256

                                          c2fee6c7af51b67b7498eb521f264655b8677c465b1340a435558a487ceded03

                                          SHA512

                                          33d564a436f12dc94f49afa235ce53e9561ad5fb2dcb40eeab2b2da187a04dbe435f60a5864c1dff779fbe397dfc4d6a6441204e2b4aefabdfef685918111edc

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          5KB

                                          MD5

                                          0dea6520715ed5510d95242ff2e64997

                                          SHA1

                                          729f23a220a116006a744c6508235d71514e4dea

                                          SHA256

                                          49a248184dd82f0a9a28d6bd465244636fb241cbd1bb08715d8ab22bb7bd2cb3

                                          SHA512

                                          608697bf3eaa25d1094d490f76ad8b661c7e1b39657231689066511f279e3d0eeee94dbdec0edd2bb888fcf625dd371e8e4cba0917e1584c889e5f0e7ff81c3d

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          6KB

                                          MD5

                                          88d35d0d2721349e8014aa24365adb68

                                          SHA1

                                          f2dfa5150870e594e6115ebe0a69147ce7dcdd1f

                                          SHA256

                                          52de8f8c4704b66da5abecdcda691f36f5cb04e692b2d6ef451f712389e9992b

                                          SHA512

                                          1b604f197be6dc882d77c249bf5c2d55484035d1266e62d149709236816f4e92e285be1d9680670798a74e42f5c885a014ccf8d704e0c54793348ac553a10992

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          6KB

                                          MD5

                                          1c91d97a8698e2eda91b79e2bfeaef71

                                          SHA1

                                          21495b6fc83804c73e608e7d768fb1c96a00363c

                                          SHA256

                                          f4c70d2a68d7daaf3ced37804bcbe6843bf7dade42a4bd297190b430e529d6de

                                          SHA512

                                          591febe2188a8d21096c81cbaa48e5f81ba30ece578c36cf73a32c4dc4c872adc1b6bf57c3be3c491f1c2be75a35d93ab063151192047779f684013ddcd86fdc

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          540B

                                          MD5

                                          47a94fb56e9b3e97517ede3a55deff06

                                          SHA1

                                          13617b0bca598ed5c6debd167ae9c90062495079

                                          SHA256

                                          af9ad2ae1dea06c175870e3f561bf9207fb3a4839f4c80848a582edebe21ac3a

                                          SHA512

                                          1d06b8a8072461119e6433dd37a87f39c6c144c33691c8664d6584c61531a95a1d8219b16bb1e179dd940bed8ba750151e03687b6a27d6822c8d9784f7e82433

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          707B

                                          MD5

                                          fa26c5db978c9d563375fc3546d94ba8

                                          SHA1

                                          6ca412e6d5eba9e52e7a01b8ae8d7aea59eaa42d

                                          SHA256

                                          b89c3ae26e880163a3aada76178b6c3af4ab26e16b08e0612903b236c5c52988

                                          SHA512

                                          a65f09d8235c2dbc0cee637b52b0f10e0fd76fa4b98eacc13e530ff65ab6bfe368d711b4b4c160d7fa29a863f32a84c5c0bbe742294a1e80f51db6f1b21462a0

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582bed.TMP

                                          Filesize

                                          372B

                                          MD5

                                          9dc51a2519cecd440f7e390890e42fb1

                                          SHA1

                                          cd85503e158ce6c16f5766a3946b570164060816

                                          SHA256

                                          39e93dfa5e941fd09a20d1ed85e3ed88e1d2feca68408616fb12a98c0d843ffc

                                          SHA512

                                          7a8f129768964f4f2893431568f3c613009fc41dda714526d0a07072f4b7358756c5e9d98652cb02faaa1be64a6baae82ead77eb6c4774788b17136282a8e9b8

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                          Filesize

                                          16B

                                          MD5

                                          46295cac801e5d4857d09837238a6394

                                          SHA1

                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                          SHA256

                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                          SHA512

                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                          Filesize

                                          16B

                                          MD5

                                          206702161f94c5cd39fadd03f4014d98

                                          SHA1

                                          bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                          SHA256

                                          1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                          SHA512

                                          0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                          Filesize

                                          10KB

                                          MD5

                                          0d5f2d0499f6fdd43fae9909bd853a65

                                          SHA1

                                          73e5ac5062f4de6fc331848ddf5ad2cb7a8a2aee

                                          SHA256

                                          0e2415f460bf923958ca06be1a240f8077c60708b3da6f46817d7cfd18eeb974

                                          SHA512

                                          4fa3f1d1bdc3e96e6edf10c7073e21806039dc6041d37b3f85881e2108c6a932b97370176c1767ff3822e5ec3f13ba0cd2c0afdb9508bdfb48e5162923f3a82c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                          Filesize

                                          11KB

                                          MD5

                                          63017e9b9f5fae5433811615c8d1d8e1

                                          SHA1

                                          b36684ac921213aad1c53a9eeefcd06cfeb33fb2

                                          SHA256

                                          8a41b28e5a4a49d46bd0cdade75b2beda3729cc659c4c893579741b5030f5a98

                                          SHA512

                                          1066068cf4c26778f20d01a9d03853bc3b31f05668994b0d2eda8fbf730a3fc44c95c4e5c8129ebec39d2829f416fdbc474822ec3a64354ed7a1a50bf4d1920e