hxxp://steamcommunity[.]com/gift-card/pay/50

Analysis

max time kernel
41s
max time network
43s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16/12/2024, 05:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunity.com/gift-card/pay/50

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 7 IoCs

pid	Process
3068	msedge.exe
3068	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
2660	identity_helper.exe
2660	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe
552	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 552 wrote to memory of 1468	552	msedge.exe	82
PID 552 wrote to memory of 1468	552	msedge.exe	82
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 4680	552	msedge.exe	83
PID 552 wrote to memory of 3068	552	msedge.exe	84
PID 552 wrote to memory of 3068	552	msedge.exe	84
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85
PID 552 wrote to memory of 5080	552	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://steamcommunity.com/gift-card/pay/50
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff927b146f8,0x7ff927b14708,0x7ff927b14718
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2592 /prefetch:8
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,3680444274286001727,10654852632477789136,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:1076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
36KB

MD5
80c484a058ca2ae0f9bc62a38223d496

SHA1
8315360b781e7161b79df6bc8def9a66db7530a9

SHA256
d7530b224b4842c08b3bd6e33a059d33cff50653f06b3080504785c6c3997c7a

SHA512
5b3aa4494da9bed0fc7e7fefe00e8343e3e63322b7923bbb959a0d274716da283cbea5ebc4b59f4e508b8167c32479ffa3ce8b36465c6563bc20101aad9f8608

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2cd9352bec2fa5dec55ef99302bfe5a2

SHA1
b24d76cd835f6bf2c6b5b8f99c28567c318d4404

SHA256
2d90f1fce99e8b7c7449f91a3d9db5efb1f06223e62d2c825ebda8e762cb4ba3

SHA512
f8235ff84cef093ab95270f97a9ea2bd457d5740bf94a59be47b97f32c837fcbb1596cce933fd587c839dd9e2bb81b6c1f40697d474786825aa04c4a9dbab98b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
819B

MD5
48b08c515ee792810e2f3fee0577f443

SHA1
fb34b2fd5271ce99c38f1ae7e572d5a822c0979e

SHA256
097fe88bb43e293bbd1367abe7da89094bc0ddea06eff707de04ed7ac7c2c580

SHA512
0c69c4b12999e40f567915dade7d4541b4918a514fdd8643dbf7c73faa4c31fed99b34e45929d2808eb77eec19d2fa6d961739510718db3092f30bf7f8641a34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
243da108c9e71010cdd72fed05386d37

SHA1
56b29185ee0ded6a85a1c24904a1a10366d633ac

SHA256
999bc5745364e58934f818ba39e081dffb10ca5f731c30cb0ee25fa748210771

SHA512
3b331577727a24ca4750731af529981d35fc0697dabf7023bcfa51c8c8b79ba0056d98e49a9156c22934ae69e23b67c5a97e2638a6534a6d89b31a48c2d36ae5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
eddccdb12ef7571a921452aeafa95346

SHA1
e769fff1f0bb4671bf2fe0c101eccb3735502511

SHA256
f78a9da5e828c94d30f26132537896c62cf73f7edf46e2636e034c4d9d6dc588

SHA512
05830ca29dfba0320f22d85469056044f840160943a1d6fd3c2afc0453469847fe41a28de525542c4a3bf2a68d52192ae045b9c757f4b6d56b7ff14fa9385f65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4ab1620713b462809c478fc9a422752c

SHA1
2e97035cbf5a8372ecaeb6bed2653182e1f6193b

SHA256
8b1aedd5880c6018e089888d61a2dd7a626dbe6e40c3f6bace687f312fe276da

SHA512
3f919f12ecfaaed86475c68a5196d76c6427316d9e6fa6106393c8f9c7d6ba47918c60753d8e2102ab0080e14912c2c688f795cbab48bd41e530f6ff8233699e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c455dd3a4a992095e5864d3af87a692f

SHA1
f9e55df0c0457559e73bd5489c16b230c32625fb

SHA256
a8206ddaf9380c4dc1f47779ed9bebb45e4b07024d315aedccae587dc8271499

SHA512
9f7e63655da8c07543ae1a2d731d82cdc59a298fff8e85b714d68cba574c9ec69d06ba41a19e3c07917f744826cae527b87c70b2dea297827cb36058a08dbc69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
afc950e1da142c030c87074fc07388c7

SHA1
56a4c3c89f08da833a2086ef57fb91288da49f65

SHA256
c1ef92c3f452c20e710a64e4e4cc45393790ffca8d0d733cac63dbbc16a13835

SHA512
101a728bea55dfc6396e665a017176c749514ee70d331b66c1241f58e684aa98d6644c65a76fea4b81e096a0f7fab1276b3f714b2fe960d90018edd5e2046933

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
96a115142781ddefc4cb4b59bf4d8127

SHA1
a98f9eaa00cb4546fc60299638d683f8981b6c63

SHA256
82ade9e8aafecffa2c4bc35ca9b6d783b032fdb2f09379be6d9b1b0217c4727e

SHA512
7ff29197e6e64d027f76b6560c8e9b061af92e2f5a9818619f7fdbfedb5f074e54406b6f81f389eed41f7648917be85c5155871a9083a9776721f1c71cbdf2bc

Download Submit