de672a44b62f7f4862b94d14c74956cf91346312f8227d6a5aa1b0d509fa07c1

Analysis

max time kernel
145s
max time network
136s
platform
windows11-21h2_x64
resource
win11-20250217-en
resource tags

arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
submitted
05/03/2025, 20:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/linkedin/login.html
Size

43KB
MD5

d229935db6ac40e26f9cd0363ec68607
SHA1

0dd64e9662932dd5e62202b948693b4aa7a4a30c
SHA256

ea9ff92d82654c353aa8f241dadfd68e698907f37d7415bc6bd0cebde4f201ad
SHA512

7b50e48fb3cf145fa39f294fd9c7f75e027a404b48dc8e0becb88fdb3944c3263ce561dee8224a215a05a367ec6a4c1e80346b26a091895c5d8e2f07a8eee34c
SSDEEP

768:aZRjo5C5Ele2s9pcuEre/m4+jspyChNiZY+HPZ5alQg9+dddl41uOn5DGXU4G2:aZRjo5C5Ele2s9pcuZO1jspyCfia+HPb

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4052	msedge.exe
4052	msedge.exe
1968	msedge.exe
1968	msedge.exe
3112	msedge.exe
3112	msedge.exe
4624	identity_helper.exe
4624	identity_helper.exe
1268	msedge.exe
1268	msedge.exe
1268	msedge.exe
1268	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe
1968	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1968 wrote to memory of 2720	1968	msedge.exe	83
PID 1968 wrote to memory of 2720	1968	msedge.exe	83
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 2688	1968	msedge.exe	84
PID 1968 wrote to memory of 4052	1968	msedge.exe	85
PID 1968 wrote to memory of 4052	1968	msedge.exe	85
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86
PID 1968 wrote to memory of 1384	1968	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\linkedin\login.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff99ee93cb8,0x7ff99ee93cc8,0x7ff99ee93cd8
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:1384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4396 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3840 /prefetch:1
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,2067658190714092726,18187003331145221182,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3012 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1544

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fe68444a298dfe7ce3afb15e1e04dc2d

SHA1
ce8500b8bc9f8033bf5f6b28174d04852e996cde

SHA256
4fa17fcbb66e9306869abf881cf02c7b890bd34c34852c8a8f0e276bab375ba0

SHA512
ed3aec46de266977a45e00363f3e258e53e9763fd5304861d2a7582344f6364f9dba20d5a13e6c2eee42e6bb875eec2f3e900f45cc64bf911e7055008c2374c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
648295913e8e74a91d84a0bd6dfa0efe

SHA1
e42c17ec7e237fa16204bd204ba0d47c2e7aa057

SHA256
3f46ccf49be312c1e7b3cd94ff1d27970975d6a80e052769daf31c772adb260c

SHA512
6e3f03fade65388ad14c2443300f79d028986a7863d32ad731a3b1aef4bc4937e7cb150c814947befdf4d2a8510f70368ad35621ae854b9037e46488df7423e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
395B

MD5
01b77df7e7b79be965627d580988bd7e

SHA1
b00995cd4b390a195ecab8adf773f2dea8dcac8b

SHA256
f327cb1269fd54e38240102e0878c0e67409f216277141c3d777b76f81ef5f88

SHA512
cbae74a292a0c300cd5b50c3815eda489d89e2419c12dc91827e2cd386572ce72ec042a580afdcae276ec076c861e2edb32a93e7ebca6c22bd5c5fbd81fbb2fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
78a876bcb8f234f94c34b3ff2eb3b1cf

SHA1
756f5b2b7a26307f2f0efa0f124e360be8eb9f50

SHA256
d5ddf12dbb9d4aec8f80d01dd67fc3ee7d9baa6c077c9d8e57e0fa2d1f09014c

SHA512
c58088e0cf6684df7c362c49a2eea63f44de20492e3bb536d4c68e7fb1722088cd047a31c3da7778705edb1a0814e8a5ac6b211bc90ccc45139d8b5c8714dc5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6fa7e8c88998e80f03b8f579145e819a

SHA1
d927a7ec4daeb4c377f60813463bcb6bf50b75b1

SHA256
a6488b2eb253a7a49e1fe356ef5d491840e54762ca18981442920b3713aefd2e

SHA512
b02839031b1f269f3a8835e68a126b95eea19b55a3035c007c9bec0eec41b887a97291be77fd1e06569388a30fb5768871708fa32a789a0b94cc4052d5601aea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4aca89764beac8c09bcba356426b352e

SHA1
50d35606fd8c09fb6334671b1120ff59cd2ae1d6

SHA256
1778b7750221eefafd025932c1dd3ac56f844de3e055a254d4420e712908e09b

SHA512
e612ab1ca3900ca1067634122baf6e996070b491d95ecbdf16804a5f583f879db47e2c34202ee6b97356105062abee811c4d2101d2089c1cba6e6abf4ba86f68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
47f69eb823c482794bb5caa3c99791e0

SHA1
378ef62a0cfccc0b18a72e81eaa444e6598a9f37

SHA256
42ec9f83c5f9c8e95009934dba6dd496fbe8ba3e6172b7c49a57b2b98d0966bf

SHA512
5f8d73e4cac100c4cf9b738b1dcfc5be989062c6e4237c4e5f5561440e2d5a31adc63107b1f32bf8a1e5a31ad746eef159dc1cfb7d67ddc2f01bbde39ce58789

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cbab12fadc9f64adabe49fa42358ea76

SHA1
c213f18264a04e35423b10e4bfd79d4a09c1fb41

SHA256
9014d6067220d31014235bd6689ab86c1d170983c11842345bc5e011fc1ca658

SHA512
4c0f1295e67bba95a785d017a4149e44a04e734e782e27288a2c9e34603abd0ec48694d7005934190b722d7bcbf800c2e060bdacb599828e015fae407916eda5

Download Submit