400d6ec1de298a13eef1866dbf9e6403ab017a9ef80f6e2b9a15e343615f65c5

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/08/2024, 13:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

trial_vegaspro20_dlm_z72jp2.html
Size

7KB
MD5

833d51783e683a84ebbb6669dbf086e4
SHA1

2a7be07f74a835e1fd7d30250ccf8b7a391c497e
SHA256

400d6ec1de298a13eef1866dbf9e6403ab017a9ef80f6e2b9a15e343615f65c5
SHA512

b0c163d7af1875f2227843829c932768ec51b53a3bb4ce3e69498616f2f792de03e7a295c07386ccfb01bd38df1fa1bb32fd7f7c39c11a776318e9ff60f3ad3f
SSDEEP

96:pIm1m0Myh8xR202xsUNlAKU1Mu9urvIFuHO2PrpQH3DQo:/m01h8xR202eUNlrju9urwoOgCDz

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1488	msedge.exe
1488	msedge.exe
4028	msedge.exe
4028	msedge.exe
716	identity_helper.exe
716	identity_helper.exe
1016	msedge.exe
1016	msedge.exe
1016	msedge.exe
1016	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe
4028	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4028 wrote to memory of 2324	4028	msedge.exe	84
PID 4028 wrote to memory of 2324	4028	msedge.exe	84
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 2784	4028	msedge.exe	85
PID 4028 wrote to memory of 1488	4028	msedge.exe	86
PID 4028 wrote to memory of 1488	4028	msedge.exe	86
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87
PID 4028 wrote to memory of 4456	4028	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\trial_vegaspro20_dlm_z72jp2.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe54e446f8,0x7ffe54e44708,0x7ffe54e44718
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,16612898333846831653,11542092699939284535,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4884 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3652

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
b9b415a4acf806a75f231e345b4aedfc

SHA1
e964f0d8bc7e1e07c92ede5b432cefb3267195db

SHA256
6e3777f6e73af4be9a9092bb12b06c53f82881226550ad512a46d7346e11c399

SHA512
3cd216a3260029dd1f38f866fca96ac422242d8fc4440fb11c9567fe3bab081bd18fada5666e7c3d34effe1acae81d13c00202db5c92f39c776debc60dd993b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5a7c90827dae09acc4ff5dcffbe4e651

SHA1
ea6ed051d6788a6faaaa72a47666f17e1732680d

SHA256
7e1b066f2dd46944cb40b963799c0047f687be37e494dc882252e14c20e8fad3

SHA512
eaa1355c124ad17a5ddaaf84d84530ebadd4c2b8d8c50902e2b8bc080e2d5451fe238b73d0b049accfde32cf1b051bc4ae4064ac5b33c1e9bab181bee60e6c51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
eb38897e492bf6e152de2b0c8abefa30

SHA1
36c638bd513effd6220652b4a5082995658103f3

SHA256
e1d99c50fdf82ba78ae907c21392e203ffbdbd79b5166975b06929a71b6e106e

SHA512
3395cea9cf85a6446b668b06523225a3f4828188a0344de50b122172b859b5269e6ade2876b3f567b282e5089c9dabdff7f8c39318327a3d398a95dfdb22a025

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a7d7297f9d0ce34c67fbeafa14d0bf5c

SHA1
5b8554a5fb9525d850f5f157ab7fcdeeccddb629

SHA256
067105d82695d9c066a2db81f596ad86eae5b212ad958ca6b7d2370e199e1038

SHA512
b0cea4add155dd99bea6f52e1660b0484e98a2cfcc8115676433a8d4e91898ea80dfad1b08b1954c260a62ae6fc911ed6f90adbecf7dc012e1a38271d07b8b2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
498ab051a705e9c48802722690b1627f

SHA1
1e7af367e67b9847617203c30195db1fcb557e5d

SHA256
1653f4fe66f3da9a0cf93ab12914da6984b89319bab0b0707a11b09b6d61e662

SHA512
31cc18310938d0323360582460ff2fc33507e7456d58ee2ed735d6bb2974c5f8c079bb28ae899ba8f5b1b3a02bae18913f32137e748ae58b2002dbc20e3ddda0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
e12dcf22b815524aa00765288b7c3263

SHA1
326106155f2c7a2a3a1d6fdf2af9f51e1bbc71ce

SHA256
036978453f237e7f164526b551f3a7d90490ce1b286025c674e3ecfdfc254d77

SHA512
1ba89fc34ca800a3ca13a71d0a0bc27dfd158b9b7c4d98977809fd15d4c0bf360f8b0de953c4d36d17dfc9f199d5d173a5620700ce9ee3ca9361c21f50afdfbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
efa0466b0ee124bd652ecad177f79103

SHA1
bcd2a185399e66e7f5bb2c033347fa4673cb500f

SHA256
f6b9f41cd9816519a9541e61c0920f30de400465f4eaf55ebd7746a6ce5660e2

SHA512
0e52f1d72a4b531b0d4d07fa50f6d90c7111c64c83c3e173974b9f3b850a72cd61090ffa8ba685379af9f6ab05c141a0fa223382f723d605b0f1edf414df477a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5822d5.TMP

Filesize
370B

MD5
5ef7dc8200e5879da60351307e4d44d0

SHA1
db5d17592dec0be9d9e0fee4c5d000480d6c5f5e

SHA256
7595e23fe54758babbdcb8128c950d9c114403c9e3400239872fb5b3ffa957bb

SHA512
b5ae49c157041f03243a9a77ac9a38f29ab6c1228f6cef9f30ef3ae865db32ed2c849d9f636e0de100f746331048087d3b88c2b44ef7de3cf53432f1d5a3f602

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3ee92fbd6682512d112c46021cd6b61f

SHA1
b258849fc09c1aded53baaafa48af85b84e0bbe9

SHA256
db2996fbcebb63715d3004b42675cb884334d36566cc3f25a9d3ddc6ed5bdb74

SHA512
ef7c134657623118f8f140178ed940581cfbf830771f0c72ee635aaa462b05f30160be3475c17ebbe7959c0d026716aaa0204a072d79378730cc59d976b7f9cf

Download Submit