hxxps://www[.]geeksforgeeks[.]org/

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
04/09/2024, 13:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://www.geeksforgeeks.org/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3760	msedge.exe
3760	msedge.exe
4100	msedge.exe
4100	msedge.exe
4920	identity_helper.exe
4920	identity_helper.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe
4100	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4100 wrote to memory of 1932	4100	msedge.exe	83
PID 4100 wrote to memory of 1932	4100	msedge.exe	83
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 4412	4100	msedge.exe	84
PID 4100 wrote to memory of 3760	4100	msedge.exe	85
PID 4100 wrote to memory of 3760	4100	msedge.exe	85
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86
PID 4100 wrote to memory of 1752	4100	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.geeksforgeeks.org/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8d7d46f8,0x7ffd8d7d4708,0x7ffd8d7d4718
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9530233637984861271,2673250905208429094,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5780 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1552

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4248

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
04cd20376bbb030aec620637c04bbea9

SHA1
cbb28b844390b0a8d0aa18f16aa592833afd86ed

SHA256
700a8563ec795de3ceaebeee4ddf72cdee7ec982f1df7d50a74a7710d46392dd

SHA512
516aa885b6f3974fa34dbeb53619fa0dd364a3f0b8e759230ddc16853cfb02793dca6c561d5dd448c64d07da49ac7cd9d23da50b470f1b9c1bc2e04a1a888ed8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
1890baed88a0ba75cedc0a77cc512799

SHA1
ad7ed3f45b40f44516051609eab08a817ac16761

SHA256
55dc7b71ded34085d5b216680cfc79c3489bd5f64cb784512697684813b5014d

SHA512
fa3529fbb4ad149cb6ca82ab24090aa7d6f38fd2d5ed3015eba3e1b39dc250d27448404900a6ee1a981277626226e841e31473959befc7f29cc3776af1a4aedd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
099036d7f03cd3d5ee96f3202325dde0

SHA1
3317cd30e0a7f585029fa43a2753ddf09222d1b5

SHA256
eb2932b6d6453c398215917131dc6356bfcd753640a2e00bc22535060f96b1a0

SHA512
0cd426e4e8b0c557e8419f513284e0994a6a95853bb1ab6e0629e7731b08e2158ee16c4f905d92d0684905c48799108ffdac1a866a3270cbb556995cd204fdb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e0d5becfe4cf35cd9f656c4a5827dc18

SHA1
3a8ae46473ffc2d8ab6238dff68ed1546cee6d44

SHA256
f33509bc7d743925f2ed8111823de70eae7a3aab4a7d53724237ba96080e3099

SHA512
99410a87cae81df8a486b886274b511f0321c481162e9d8ec79a4a05718201b29decfabe9b2ab0a4af8406e965dc792878002a79b84f0f61cb8a85a7bc1e0d01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
dbc485157339a32e71f97fe9aaf36ba9

SHA1
8834c9b431b24d329669e373f92e1193991e97d3

SHA256
734752bf0c69dc745f0ad86471eabf9784faaa8ca0fc1c7ed06a00b258013123

SHA512
94b068f46f9802fc4bdda2330c05696c4a1bbbb2a0710d96bddf538ea34a82758915423fb8001833a0775e569c840f287aa87f061db4d01773ca4b6448d95f65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
cc173a314bbb69f8e7d2e16b7e963919

SHA1
3545cb7213489f8663ffad96c893cd664e6029ec

SHA256
7fd1100a0f2969638fe69bf2ef3918596f04440d8d12ba4090478a6fe12b8ba1

SHA512
632c42d1ec4b3bdf2e49bfcc0e3984b8b4b48522fdb8d80e077bd9104767eadc38a07641803541b5afa30be6303d22071264dfb1dd95293c945f57490c7e620c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
effafab2d6467b2edc46d938cd4f8164

SHA1
fc0934017faf653f6b85a9401be1fdc64529282d

SHA256
36bcf1d62c14bd6d418d63170287f28f90e407b2fe47dfde358a148d2b096980

SHA512
905cb0d8e6937d085ab7243984a4961fd60f7d24d32cd6e224bf067a65762285a45174e639db2649639e527d61b53d7bbaa2bdbcaca2dca852e3642e33b0286f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57db9b.TMP

Filesize
702B

MD5
159ef7056c31a64517bb79ad63fdd550

SHA1
c74c8bce8117af282c884405a40b120febd18b75

SHA256
04d469c4ad6368532df775842a3351db41a907c31d3c47987a63f416de2c3996

SHA512
b165706b8e7b5d715d0c51a8ebf97521d5f9ffbbadf9ffdcaef7b924138a998138e8a6ef0588bdcdc73ee6ff6b08b94abc34f8c0c96b8dcbcbdd13646370a43f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1917b6b6a5590e2aa3c7e73404296125

SHA1
aeecc3fcd90f2a21c78c431e177148bc7ec91ca6

SHA256
cbd3e064c8714329e9ffe22a74d4def816120a5eb3345a5d747f81a210fd44d4

SHA512
0446b4be5bfd98eac3b4550af445fa0f87927717fba1b091bca4744704dbfb77da2b993ad98017b868aea0754b17dec9960ff2716f12af5e82123e009366fecd

Download Submit