ade195731d49f270a68783ea82943d4fc06cff942fe49d14f7750eeddd759a50

Resubmissions

24/08/2024, 06:19

240824-g3a6lsyfnk 3

Analysis

max time kernel
73s
max time network
81s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2024, 06:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

genpatcher.html
Size

55KB
MD5

1650e6a40cdd616e6db139625a408089
SHA1

c4ff3a99a1ab275b6d44eef40b31c65240c198f4
SHA256

ade195731d49f270a68783ea82943d4fc06cff942fe49d14f7750eeddd759a50
SHA512

1e69ad9687805ead24dfd959dda6e2e0cfc9325873c882f968f22b484ab25f5e0cfe2f7dc8dcda245759581421bea11f2608138fc66913a498f2735506ad0041
SSDEEP

1536:/oJu04eeUeeeeeIxg0eeeee4eeeejfB0E4JHmPCvNs4K/LJNJNmmrT+:/axgHm62Xy

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2064	msedge.exe
2064	msedge.exe
116	msedge.exe
116	msedge.exe
2072	identity_helper.exe
2072	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 116 wrote to memory of 4768	116	msedge.exe	84
PID 116 wrote to memory of 4768	116	msedge.exe	84
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2708	116	msedge.exe	85
PID 116 wrote to memory of 2064	116	msedge.exe	86
PID 116 wrote to memory of 2064	116	msedge.exe	86
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87
PID 116 wrote to memory of 1584	116	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\genpatcher.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff636c46f8,0x7fff636c4708,0x7fff636c4718
  2⤵
  PID:4768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:2708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2656 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17435020117183843276,12052598743570062871,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:1
  2⤵
  PID:220

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:384

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:100

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
848B

MD5
98f13bf853afca5e743ce8d86145643f

SHA1
6f826db8a97d0d12c9a1d1ddc7240bbf1e044602

SHA256
793f08499a3cc2d6fccf9b62234efb7780f664e3a1c44833273612184087f566

SHA512
e54b9f17379581e72e1454e3c9498ff2f66a289e67b5c5465ef1ae0553be505fa68ccb759a1405920f32b97364b78a1e80b3b68867a8fe8065705d23549b29d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
372054e34ad976a65d3660c895fa639f

SHA1
8faa2bfeb25d00723ad8a0663e27aa797313a978

SHA256
a93563916d830f224400848ec66031de6cfdd4855171b757dcfd5d5768455224

SHA512
b58e13fc891095fea90747cb40362864a4c8188d8d7abe8f68dd823e2dbf4dc10a2ce5a915d32064bb33579d025bd93391c89847a89b037133621e705f62c512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
53d8e58e759f1e54d6ed3aa60ef6c297

SHA1
90a1339b0621deb4caedd83c45daeeb85994ed9b

SHA256
62e0e75ef50771a681e47ffe1f6629ea568c2dc03a1db122cf89e44e4c01ba43

SHA512
1e9f5ce90de383e0af69a5c5ae1b0889d505d7637dbcb8c860aea26bb82d0eebd30d2fbddf6329b7896e61da114278a72fe3fcabaf937e3f313fbe08a791b54e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5031871a52048eeb34588ab7b452c286

SHA1
84dabc5ab0b83a55374e8c8b3f88f47653b9ae44

SHA256
678f80e1eb8be6c6ac7989864a365eace8ca96f6f427d9b336e878367ffec8ba

SHA512
15cccd80ea5df9d3cc7fdcd744779fb3044236abb0b547c3dcb39376467735d82fcefc44b976e441c14277da83a962d0c6c089160f17644f44c8379b4db250ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e2fcf65375db0d5885f6e16d9957e80a

SHA1
07d003f5b33b4352c519bf47538cc4ea8b79e4f5

SHA256
7ede96281c7e0a6bda1f737606f812dbb34961bbb8c0f510218c32b601fe33b4

SHA512
4a3e42ade14c9f0d6d85d501abab921ea62bb60f784588657dc261ffb77e75d952a5254ade3ec0711044c7c7e6ddb0d516d95ec743d4f031b82372b6dfecfc7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
bd405070791cdd61d10a214c27ec12d2

SHA1
f495f6c7bf7d1c4bea9c811a5ac9384eb93c8cf1

SHA256
83785edfd6355c335ef2fbe8c5cc52e9b3cc102c8bd0c815f7031ab8ef7cc2f1

SHA512
ab7c3290b792f012b6db54c914b1fefa059f1ca14a02a3cf7bb528e1e87bc543fabca6c34cbae5e23709dc6b9d220523054c4352e1717742502da026c0cf5885

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57eb69.TMP

Filesize
539B

MD5
5abe44de15cf02eb0173b67a94510887

SHA1
51f2fb07c686e5ec3815ca60694154059961f904

SHA256
78102ce56016146c47e2a253ac42ea30ffe99bafe1574b2574d1ae413962ba4d

SHA512
961898dfcc6099f54df0b76c4f3d2ddd873b3b5bebecee54850236e08fe116d30c8913f02d5d6a7ddfe28f440d967c0374e7d39f1abfa33998d9767ac4d0f363

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
dbff8f93a411f9ca7fff685eb92893fd

SHA1
0d7c979a473ac4a86639f58603b0b5d38ac22d06

SHA256
10d2c14bf70b6a9460d9bfecc169b0cbde6e52675335c6602663071d1d30b7d6

SHA512
74ba845ac24f27e9c06ebf60355c72a1d08fe81f74a713af50cbba75a95039465b54da6621f21aae8f75fbc69086e69fe1be48b4b68f50186acf79f593084f0e

Download Submit