f0902b35b8a173f9deac8c5330aed6a2598e3da7ac6aa3c6703dbabd322e1c10

Analysis

max time kernel
113s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2024, 20:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f0902b35b8a173f9deac8c5330aed6a2598e3da7ac6aa3c6703dbabd322e1c10N.html
Size

86KB
MD5

f31c219a49cca21a5bee5f5cdfd80980
SHA1

97900740a5a56a0bac627f609aa4c36e0edcd6d0
SHA256

f0902b35b8a173f9deac8c5330aed6a2598e3da7ac6aa3c6703dbabd322e1c10
SHA512

3c6ed8dde58acdfe18e4062b136a25360f838193563249b59ab0eab4134d0a1c6e419296c686fe9834db3219659a5110bbeac968bb2e8a641c9a75830df57dfc
SSDEEP

1536:tIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZDTd:gDTx5Oo3lCD6ebXyDpYRuIezSKpSuaiL

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4820	msedge.exe
4820	msedge.exe
4044	msedge.exe
4044	msedge.exe
1624	identity_helper.exe
1624	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe
4044	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4044 wrote to memory of 4624	4044	msedge.exe	83
PID 4044 wrote to memory of 4624	4044	msedge.exe	83
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 2852	4044	msedge.exe	84
PID 4044 wrote to memory of 4820	4044	msedge.exe	85
PID 4044 wrote to memory of 4820	4044	msedge.exe	85
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86
PID 4044 wrote to memory of 4460	4044	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f0902b35b8a173f9deac8c5330aed6a2598e3da7ac6aa3c6703dbabd322e1c10N.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc2d446f8,0x7ffcc2d44708,0x7ffcc2d44718
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
  2⤵
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2876 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,10453356579796353873,3389367475011692214,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:2344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:224

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1112

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6ae4c6c4-ae45-467c-b7ee-8c2c8c7ce563.tmp

Filesize
6KB

MD5
d2f562f46abd682c69f1335cf5093637

SHA1
92f5131cbf6dac4276d1dc208ce56ade9a9b2daf

SHA256
abb8851ca1fbe91ef4ee162d684880d41d6ed1435ee0eeb63cae073797af7581

SHA512
d16040f5c80c20e7a99f5792b4ee8fa0b3a88a1871a166e28aa31ec1c21e1ab44b475b1a10ceacac7ffbcbc1da8c873ae8d518f6c6e1eed7f557d642085eaae6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
47KB

MD5
56a44607861eed852e6334bab70443c3

SHA1
1fae354a2e2bfb95bb5f8b71901ed3bd5ebc7339

SHA256
4c28f57be6ecf8568c9d2c1509ecc2cc194a2961e2d2638a70842f0315e5a0fb

SHA512
b190d47b8cfd9c482f445afaa9e9e2e112a3ba83110a897da024de476ebf41e14801d29daaceed26f1be12a398d50f7ee9ef558f0f2e706daf894cf93a9c0f83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
19KB

MD5
7839475063d3404f334ae1e5c3eef61a

SHA1
b36326d60b46b46c612719b2171accf17ad1be0e

SHA256
bffcf0cde0eee913389cdd1127ff1f227c53cb69ffdebad139959617d90b8aec

SHA512
85d221697161d714f7aa296b78bd3f529f7cca12ec5bf320d61faa2b6d5100a3fff12ad0f5856ea0c2f69327ef76b2f0750ca60752e2b0714796cbd9cb007cbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
98KB

MD5
82934e4d876b2b0d918437893542c869

SHA1
3499a9827c7a4922d801c64ee245fa30110e9a4a

SHA256
a873c919e4a5725e9fae2f5c856258b53b8d9007799d63c90eb2e9b55167d386

SHA512
d68030ceffe52527f8dbd092a81633c5184414cc52960870a0aa0ba817ce121b965edb666d3abfb5817e12bc6d9e4540b4580e71cf324e4e48b6a9c4bed7bf3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
f76b00117a471bd5986e22034678a719

SHA1
71f6bc2894e27660219ded43f9cde12ab193acdb

SHA256
051c1a54a4e85994fa101373ad1636376ab79a2e5bf0bd96fca061e609244728

SHA512
d03c1fbf8405c4854f43a9f58b9de881e677acfd0a16d4a9a982ef8ea87d1649501e7c66fd4d771b085068237b27fa5f089851a223cba4661e1d5e5178c47cac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
92e7122e8afb83e10191cb2d997998a4

SHA1
bac7749be36fb1be670d5ae044626e651ad45b3d

SHA256
6e66b296582cea7bd314bc78bdf5dfaf6b01cfa7762132c7854be8a85af7b00a

SHA512
3fceae97a761e3f10fbc1db301b60746929d514548fc49e7daeb5986504f73f0ae431778a4673e233f4ef98044ed3521982356ed2c2e8f480a7e4bd57eb0b3c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ae627b7693d611a813fbd60614ddea9c

SHA1
7a9b89b756144145cff56fe19c99451e8938a317

SHA256
02ed3e79375f1054e506722c89216ba233dac802a9ff1b1b69b4f4df5e2e2f3c

SHA512
ab77e2cd2a4f56a7019e2e278d9463d1eae9ba1caeaac3d7af2d0dcc01abe9a218bc935381de015f816e2878b30f5121b550416ec3897b835d1b19150b444dc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
99cbfad068f97a1a5351b2f0a2a8b3c3

SHA1
1f1c0243a3185f30e22fb3b72ab085e295c3ded3

SHA256
cff3b361092b8620cab43bf6bf2579bfd146b7164c4a195bf70dc0c4744aa188

SHA512
9ba64f944c476f6b98eb087cb3f790e9d89e1afd38172b7480b723b64a9a141808871a9c4adf896c1f45051810ef4f97254cae50ffae9458d32633999b45353a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1948d53b0f47338b6e0d6b3809803dff

SHA1
9821c34f144be5c4f6217bb1d5bd6875c341c310

SHA256
545f4e4a89041f2a8704443458a9026bebb8546191d1df3b8ce4d485aaf0d9fa

SHA512
cdc33d3a0fd08ebb54b690ca062ce04b8e191c4cdb59ef898a3a942e8a74cb2889493e187b79c733a141aa2deaef68ee9fa5e686c285ff84c7f86afdfe2c6852

Download Submit