60e96704f55f6fc002d0f7206bb97acb11ce3217efa35e347123786574747a8e

Analysis

max time kernel
149s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
13-09-2024 23:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

view.html
Size

86KB
MD5

12487612d88f9c548ce44102948f7b68
SHA1

e7f9c0979e545c5817053fb12823d661ce3935d7
SHA256

60e96704f55f6fc002d0f7206bb97acb11ce3217efa35e347123786574747a8e
SHA512

fba90f9e7d9295ef04c57210edc381ca7aff6891ce8e8f213f2d001a64da7e4df577486248c237b8704f4a0e7b1fd3eeb06072ea5f00ae66dacca69e32031e3d
SSDEEP

1536:SfT0TJxP0iCFHf3KTy6wCDNtSBwCw9JWd+1wY:peKe6wANt3h

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
1	drive.google.com
13	drive.google.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
5092	msedge.exe
5092	msedge.exe
660	msedge.exe
660	msedge.exe
1532	msedge.exe
1532	msedge.exe
5036	identity_helper.exe
5036	identity_helper.exe
3068	msedge.exe
3068	msedge.exe
3068	msedge.exe
3068	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe
660	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 660 wrote to memory of 4532	660	msedge.exe	80
PID 660 wrote to memory of 4532	660	msedge.exe	80
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5040	660	msedge.exe	81
PID 660 wrote to memory of 5092	660	msedge.exe	82
PID 660 wrote to memory of 5092	660	msedge.exe	82
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83
PID 660 wrote to memory of 2372	660	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\view.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa1cd23cb8,0x7ffa1cd23cc8,0x7ffa1cd23cd8
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1864 /prefetch:2
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5768 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6048 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1728,4599033227572318133,9144092986181630783,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5240 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3068

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0487ced0fdfd8d7a8e717211fcd7d709

SHA1
598605311b8ef24b0a2ba2ccfedeecabe7fec901

SHA256
76693c580fd4aadce2419a1b80795bb4ff78d70c1fd4330e777e04159023f571

SHA512
16e1c6e9373b6d5155310f64bb71979601852f18ee3081385c17ffb943ab078ce27cd665fb8d6f3bcc6b98c8325b33403571449fad044e22aa50a3bf52366993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5578283903c07cc737a43625e2cbb093

SHA1
f438ad2bef7125e928fcde43082a20457f5df159

SHA256
7268c7d8375d50096fd5f773a0685ac724c6c2aece7dc273c7eb96b28e2935b2

SHA512
3b29531c0bcc70bfc0b1af147fe64ce0a7c4d3cbadd2dbc58d8937a8291daae320206deb0eb2046c3ffad27e01af5aceca4708539389da102bff4680afaa1601

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
041179b664b74e611b535f1b23e6e10a

SHA1
fd7e4b32717058b66f1138349301b4731889f0c4

SHA256
880477191b60d30c1fe80ed25b6c198b94f79a7a131a60436b0653447c781a82

SHA512
4f653151386cb9237935fcc60765652ea048bc3624aa39579999a3814bf9286482cf8ee7382be56ad78c1c00b56fc0dd5853d0d2222a3f24b3937ff9067fda16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b4888bed36d36fddb3afa10eb3127194

SHA1
26ff2ae5cc03b50ab7fb95059c6d02f41aca40d4

SHA256
ac8714f77087ccece8439ea23e5222017381f39081bf6194e278ca59d683b2b6

SHA512
a10a24f0ea19d8b779ab89c430f7c9194dcd866dc37bbb7862f6326bf55a1272f77fd0db61888a6c6b8d0e640ad3d5551073c02646843e49f9661db6e3f552e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1ccb77fcdbcaee9294fad9b387c43c40

SHA1
784d274b03a6c413a695916cd6e9d7e2cde1df84

SHA256
4f4f21c40b241dc7e7d9dbdecfdaaed6f400bf8728bf2efa71815671e35ae908

SHA512
c1b83fbbed1bc66f04fb95d82b6e28e8d140bd6880b9a4c0ace521c5c4831575d695dcb779ee4f7e45af01bd97185f2ca202e8fed65557865c651c5c5b492097

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
56fbe48050b3b14c198736d149c78924

SHA1
81fe225c2a0ff3c67f6da17d85962dc03c8e4e6d

SHA256
ea4951c3b85565a08e37c52815072c4fac163f127d102eb2246617c0a8b5df27

SHA512
3be7154fe080097cd532984a8e0ee6b3963ab576a2912d395fddac117415459edfe9c2a9e59c20c78eb16701e0c366819a9f721b425ec457663dfe6e21e3f412

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d08264dd7a5964a825abeb60b0465907

SHA1
320156c3f50f9975932ff1f3ad3d243156996206

SHA256
d3d294355a564e243d3cd7ea276e1284c7d27c4d21e3bd0b1242b7c0cf25d94d

SHA512
4765d7c55d96d40f49f5b0e4eef0a70281dc9f6b66dce15c04a8e071178b38165fa953894fb307583fdbffdb297cd5fb21afa0d68631963994d9c66168981025

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e0efea60bc837617142b35851415bcd0

SHA1
12def8ad6502f27e6063065962bf5f596e2a7043

SHA256
37861ffe9c3d9e3037d7c8dc96057ab6d02f6c89360872436a8b4cea3c1b1348

SHA512
9b9caaff083efd60456304fc8be935e8181cc8d97c29e71657c9b71495cb46ae54fd05b60d55c635a6105aaca13685492302bc1d81ed094b27254b3508c4cf1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7852b28859884167572d88aae86ef7eb

SHA1
130cc2cfe7466003d3f2d0f5f01687e89c63e134

SHA256
f66699999b81cd7658d0d088853bd6939a051a20228edd597986288510fc91a0

SHA512
4b952c0be801cd981c80fb49e88a34bc6460b53fa0714cceb682d03ed852240503c80a950f2bd5179cdb5c57c67808665cce8f16875b7323bba35609bd6a7889

Download Submit