de672a44b62f7f4862b94d14c74956cf91346312f8227d6a5aa1b0d509fa07c1

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
05/03/2025, 20:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/dropbox/login.html
Size

67KB
MD5

2ff95476dfb7e366d81924cb8c354a22
SHA1

fe08dfc8b7f99c0ba5702ea7b346606e4078cc29
SHA256

7e5bc50905ba754480a3915e127095659132905c9f674c51f8f8dde70990e903
SHA512

13118bfad9ef3a7e14f3f61ca95e97f666d915d0e00434e29f640228f9638ee68d073343fd69e14082169d66b661fa59df58c29296210d733810e5dd6d5f4885
SSDEEP

768:DulsKt6IebM4hKmbKTLm0+SPNGEyRbyiBchgZYYq1YrWmR4iOmeB/MISJvKlJjJT:rnIqM4hZHyicckiOmeBap9h6LyZPiJ

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
44	dropbox.com
45	dropbox.com
48	dropbox.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
976	msedge.exe
976	msedge.exe
4604	msedge.exe
4604	msedge.exe
3684	identity_helper.exe
3684	identity_helper.exe
4912	msedge.exe
4912	msedge.exe
4912	msedge.exe
4912	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4604 wrote to memory of 3960	4604	msedge.exe	86
PID 4604 wrote to memory of 3960	4604	msedge.exe	86
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 1784	4604	msedge.exe	87
PID 4604 wrote to memory of 976	4604	msedge.exe	88
PID 4604 wrote to memory of 976	4604	msedge.exe	88
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89
PID 4604 wrote to memory of 3368	4604	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\dropbox\login.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff3da646f8,0x7fff3da64708,0x7fff3da64718
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,4739082438477506613,7195089609128872004,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3164 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4912

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3492

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
395082c6d7ec10a326236e60b79602f2

SHA1
203db9756fc9f65a0181ac49bca7f0e7e4edfb5b

SHA256
b9ea226a0a67039df83a9652b42bb7b0cc2e6fa827d55d043bc36dd9d8e4cd25

SHA512
7095c260b87a0e31ddfc5ddf5730848433dcede2672ca71091efb8c6b1b0fc3333d0540c3ce41087702c99bca22a4548f12692234188e6f457c2f75ab12316bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e27df0383d108b2d6cd975d1b42b1afe

SHA1
c216daa71094da3ffa15c787c41b0bc7b32ed40b

SHA256
812f547f1e22a4bd045b73ff548025fabd59c6cba0da6991fdd8cfcb32653855

SHA512
471935e26a55d26449e48d4c38933ab8c369a92d8f24fd6077131247e8d116d95aa110dd424fa6095176a6c763a6271e978766e74d8022e9cdcc11e6355408ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
753ecd6a0693576bae63885f2183e545

SHA1
6c67f57729820dc572247fe04242961c5b7dcafd

SHA256
ba439e1b40b263fdb61454feba7c3f4b915d584ba44a87a33876d8da71144748

SHA512
e86ae84e1a3c0db15e354c28293ee6820e136473cfb91ab6651f123c1aaef91173a5bfe8a2db0b2b89d48b0e7d6dd83fd7ac1f4d8b044cc6143f795a2c6ca854

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e1a2279e8b904ef07e426a8f6f9d4cf6

SHA1
fb6faa1cd806811f184dba8fbc3888261f8e1e0a

SHA256
e94343d6074b739637c8f8c7c6155ba575fa76af7e210887fa57e69ee73cce55

SHA512
2e7c11f5fa72cf9156aa43b7f99b635f5414a4e78827fbaff4a2a4659a17fa22531aeaf670c6f517e95b7e21788243353f90c282c1551c486a7ed58a56a585a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
df3a9886c711f3c645ae5659461f7eff

SHA1
df78edf311b5f06e14617aef2b5fe03be6774ad1

SHA256
86ebe3196341b776c53831b5603db8ef9b79a4cfcd6c0c7f34e3e4e95b8fe577

SHA512
453e3c13ae7be4d32c6ba81b516436de87921beef25559c5a6e6cd6c314300989cc84087e95970d99e160cd0127db42475010b7660adda841399b292f0234dfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a74f12a8-aff8-4bf8-9c4b-619cf7ab4968.tmp

Filesize
5KB

MD5
60715e080348cb15f04307a34705a519

SHA1
c5698324d61dc5e677c4ea8d35aff536acc49db7

SHA256
6df852ffb97cd71c5037e42ca8936cb2857211399a1d4d814741f69aa2503e92

SHA512
43582ecfb41c1612d137dfb2024b4c91d4853790464b0f6953d4f0b03bb245e6b09f064845aea18a0caf3a7de80c261ab81a64084e58ab0b1f6810106afb6d3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a5605511d3af3aceef73ae6f5824e26e

SHA1
69fcc8376659d0ac5ce500646cdc8547f7f1a1b8

SHA256
a2ce6a3ca155bde8a79ce3af532e495c652578e48c55e81f8167d9f741fe6e72

SHA512
f064af37f49f2cb0badaa1eca4004da35338ba06453c8ff0b96280a988b99a1c166c35d49a15c892ac616e5245e4e029f28e117f43452fa47e563d3619dc1de7

Download Submit