Analysis Overview
Threat Level: Known bad
The file https://creditoscontinental.com/ was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-05 20:41
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-05 20:41
Reported
2024-12-05 20:46
Platform
win10v2004-20241007-en
Max time kernel
94s
Max time network
208s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://creditoscontinental.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffabb3246f8,0x7ffabb324708,0x7ffabb324718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16383729956648226938,13046809189873819589,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | creditoscontinental.com | udp |
| US | 66.235.200.147:443 | creditoscontinental.com | tcp |
| US | 66.235.200.147:443 | creditoscontinental.com | tcp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.200.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | fonts.bunny.net | udp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| GB | 143.244.38.136:443 | fonts.bunny.net | tcp |
| GB | 143.244.38.136:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | maps.gstatic.com | udp |
| GB | 216.58.212.227:443 | maps.gstatic.com | tcp |
| GB | 142.250.187.202:443 | maps.googleapis.com | tcp |
| GB | 142.250.187.202:443 | maps.googleapis.com | udp |
| GB | 142.250.187.202:443 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | 227.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.130.81.91.in-addr.arpa | udp |
| US | 95.100.195.139:443 | www.bing.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 139.195.100.95.in-addr.arpa | udp |
| GB | 142.250.187.202:443 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7de1bbdc1f9cf1a58ae1de4951ce8cb9 |
| SHA1 | 010da169e15457c25bd80ef02d76a940c1210301 |
| SHA256 | 6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e |
| SHA512 | e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c |
\??\pipe\LOCAL\crashpad_2676_GXXNSUFGLXRHYNOA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 85ba073d7015b6ce7da19235a275f6da |
| SHA1 | a23c8c2125e45a0788bac14423ae1f3eab92cf00 |
| SHA256 | 5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617 |
| SHA512 | eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1768f45a6a921a6a6689d39e0d7d9271 |
| SHA1 | 7670750642fa5fae4b1c95ab556d7dd2c0a1ece5 |
| SHA256 | f2dd05b9b225be82d215346e94e9cd36f3e02d32803c507c7e4d47afd1515a3f |
| SHA512 | e8a8bb0806817989460e8709850abc164523d6afad1ac7007e7686320ba9edce729abb9589684525733b646a37fe92d493da3887d9ba7a8c1d975dcdf947bc1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 55bb4d8de064797c5fdf7c751390a1b3 |
| SHA1 | 97ac6fd172985f9f46dc014ed4812cc20c3774a8 |
| SHA256 | ff82ac56918cce0a693ab613bfdd3d5e1ba03e841a4035574ea23c8653e55c04 |
| SHA512 | b3bd3945f26c9bf6f90ea28fbc1f4294444427e6c7f0cce02dc1f74be91c40be06e70772bd69c60d7c9921acdaa747a5870e40d953935471cf21e27cb0b6c1ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60fb9d54976f116a72a1b7ca93290092 |
| SHA1 | cb3e54dadaca224e6d2dd90e6e49be59d65d2547 |
| SHA256 | 414b9dc5de6683066231932dff2a619fe038a150b4f451b2fd33faf053795c9b |
| SHA512 | d57fc873bb9542e38f7782e804ea8b4102f06316424439accb071ff0b4fbe9f3bc27d9226eb7a0113ac1e9a6f27651764873a7b14ec91b7c0befec4bda0d6b9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3acfce3e1a6bedbc2bc27b3d78587487 |
| SHA1 | f0a302be9b3943c1cf8dc9005207447a3309ea61 |
| SHA256 | 6ef910e16e57278e6155a0e968e9629c1a2707d054b26e3e8d496408f343473d |
| SHA512 | 53399bd3b3ee11b94159567cff0b5439fe18d5bed349564946e1b1f0943111e8c0616a4b0e9a4cb32210d0f595ad8155dc5f769315de6a8a3a12dd14a53930d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1f636e1dd85576a7a6a2a6f83325ff6c |
| SHA1 | 65d8467bed45750f31cf03d5a0413696946b0fd5 |
| SHA256 | 494a5db8890111d07931908437c05a76777dbb956ee0830a727e4440df4cde21 |
| SHA512 | d1b9e171bb9d915818ee68ffd19813b0052bfa8a59dcb46e4d29705d67aacf0ed3e06f86f3bb02da0a41e9688a94c6ddb83773a11ef685430a22657a647e195a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581f4b.TMP
| MD5 | cf3c3aeebdbd17575a09477dc0783485 |
| SHA1 | 368a3d3c2107008c81a95297a34b6b9171c7590d |
| SHA256 | 98644c55953ff51a14184ee48ff6547a704abb4b41ddbb1863357dbcb17e0936 |
| SHA512 | 99571c888a8cfb703df923af5ba75a0336ed90a877d088094cc567a876ce3824597c60399048a1f02878765201f8be830354d0d5cbb58a0f4f98351c56c8bda9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 77349c4520f247e7908ff7d5fafc6095 |
| SHA1 | 071057d33730fd309006058fa5024099c36cb339 |
| SHA256 | b7d797d36708fd3f71e77d2f529b86e60d25608eca96fcd24d82365d7792ce7c |
| SHA512 | 876d8799fff78347633fb5a4c865d16d584899df46f0a4d80a4351993137b68b0b8348d0289a285755b653dca83ad7e685ce09bb2536dd86be8ac641bf1b7bbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 94e6d65b5fa62e9bc909c064a891dc5b |
| SHA1 | d5d75aa06e8a3ff04602a4f9336913cc60c117e0 |
| SHA256 | 82c070e5bf758fe6228409443b832a6d711afa9b2cadd73966581fa7a463ad0d |
| SHA512 | 43c7d95b1230e87b1cff77003420cee7fcc127d957a4ec73bb720ff4b3b28bfb4ec822a7baae978d4cf22132fafa59145720f77f1629be7069a0754cb4cd8f12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 48522172bf19615c14d40f810bd5c45f |
| SHA1 | 12994e8cbb6d1e4ab1ad0d5d90970a440cccf749 |
| SHA256 | 1e9e1ec028049e171f8c395a7729a9a8857b6b2b13fbe8a17bbaecd92df300e3 |
| SHA512 | 7faff58b591aa1a54cfc5fec8aef6f0feb09b2af9c0669e6b546d77d307534137131bf6058f66f0144cb94da09ba8b42c1efa586ec6304671c783a17dd3166cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eac8acb24bdb80dcef73ff95c4763cbf |
| SHA1 | 9b728ab5b99aef0faad89fcbdab47d51e9399de0 |
| SHA256 | ba06db153214c67ec76a3afa3ab5b7285c6db1ce96b070727b7f8a522ee0e290 |
| SHA512 | 108b59090d32df39c3de8628af2fc44378ce398a6fac5071afb548d3ac88c737a476837847ac9068b4417408e0eedd9171db4797850fe5c4812739167a847bc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ebe358258070515f3d0cb98a626f3a80 |
| SHA1 | 673808d5e4220e19690d46431fd232abeaa4acaf |
| SHA256 | c0f200cc8a8a15aa55e55d55023a99871c26493a3519971c6a2f61b082de8e1d |
| SHA512 | ca46e08e96f44e156739beef42cf2aeb00385fb8d13a5a9e97622d675bc5f977026da6f6165800905c67d5c1e8cb334ccc896a2db7d61f3325bb7f1d2ee99e5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 176f1e6e6ec15de7c4e15fbe63c68106 |
| SHA1 | 1838438ba0b4f1cf00815e15df1cdc1a6cc8bd61 |
| SHA256 | 6a772c3f3bdf87208b5ff5fa6e895f5a1ce12baf24d115c417a7f1809585971e |
| SHA512 | 4db914304983d60efc35fb58917aab36b3f60d51a35b338b08dbe1809bfe227d0e648e32b258248d7ed04733a58c5c9d23312eaa82f58493753723b34ce81e27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 82d7ccf50556e33c18fe0be6d8951d5a |
| SHA1 | 278dd29cdd1d641020fdbbbd923ee738d4efc417 |
| SHA256 | e3ce00a0057d08c8a418094693259cd7e847c9e00dfafb488a6628958055f30d |
| SHA512 | 08f8caa4127148b28f6e69893440e9348c7fce50a482a61b5d5e0601fba10311e1df68d7992e234c2d0aa64ab8285353c44825bdcfdd3d9d0db2244ff6072012 |