2bf6d30054054ade5233f7c5327d83d933a72d63e76ab715c07bce7f1d217089

Resubmissions

13/04/2023, 20:01

230413-yrkdksfb71 1

13/04/2023, 18:18

230413-wxw88aee8t 1

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/04/2023, 20:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

REMIT-RNP88746 ‮‮‮fdp.html
Size

7KB
MD5

811587001084e4123c846022976be819
SHA1

56bf5bbc35c6441219e42a7c90c2fd5e9759bb0d
SHA256

2bf6d30054054ade5233f7c5327d83d933a72d63e76ab715c07bce7f1d217089
SHA512

62e12eac25defd6cd4215f8cc8e2b2a86b246d7f08a7beb6bec331dd67acff8c693042f228efa1e8058f786edea09c67cb4bf783dfa3affdca94a6d2615fbd20
SSDEEP

192:r8JOoLgnAl2XZAth6m/y8kodpOqOAMmD5bjneB9mEp:r8xLG4eZ+/y4VOYdimEp

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133258968963064139"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4332	chrome.exe
4332	chrome.exe
4576	chrome.exe
4576	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe
Token: SeShutdownPrivilege	4332	chrome.exe
Token: SeCreatePagefilePrivilege	4332	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4332 wrote to memory of 676	4332	chrome.exe	85
PID 4332 wrote to memory of 676	4332	chrome.exe	85
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 4920	4332	chrome.exe	86
PID 4332 wrote to memory of 3388	4332	chrome.exe	87
PID 4332 wrote to memory of 3388	4332	chrome.exe	87
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88
PID 4332 wrote to memory of 3380	4332	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" "C:\Users\Admin\AppData\Local\Temp\REMIT-RNP88746 ‮‮‮fdp.html"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff90cff9758,0x7ff90cff9768,0x7ff90cff9778
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:2
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:8
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4500 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4744 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3324 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:8
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4880 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 --field-trial-handle=1792,i,4997055166608665406,4571264696486074629,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4576

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2336

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3ab176db-d932-4c79-934d-cdb5522e7426.tmp

Filesize
4KB

MD5
bf381d92e05c16e965009ba13bca0875

SHA1
6d5e42cbe018b7d0be2a99619803e02a99879341

SHA256
e4d1bfc216eababeb161691b1644983c09d1741ccf86e06acdf4d9744fdf309e

SHA512
12336610d7db619ff3737b578c481ef35deb09bc060be71a91951e7927251a26aed77a8f06fe12abe112a39f200c88a32c406108b1e65b97cf709e70b167eaa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
8a790825568ad39dbd570f78a6ee1bf7

SHA1
f9ed9655a619f7eca981dd5cf944e0ecb76f53d2

SHA256
55b358a45fea09fc54388359dfd9f5c6a250a24ff7f14d31292ba80ed00fa5ca

SHA512
59041469495c7ba25a790fbc99751c07a20a745021cf8713695fe11d968a27d6c16fdc0e3383f733a836abf8b55a430b589f3f47826e0e2a59251134fd94e15b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
580638c5368d3c03b33f224e1a16ffe3

SHA1
f33c7286e975d7c34dbc34d52db37a2c1a7a1a86

SHA256
16b02978085323e00acc9de515651e272ba0c22a2fd7112e2eb86344d57f9a0f

SHA512
6dd563e5925a09eb8a9d8ac3a43fc96f7eb947c5536ab880050edc9bafe912c57cdc51c74da2653e00e08f41a3d1e0e2d7db79bc9b3a9cd37ea91bf4de0f4f4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
12a8a18d7c04d2de0e24a187c1eed0fe

SHA1
6bdbc326f0418fdd893ff2105c7ce36394035c0e

SHA256
7f5c0da388cde9e468a7043e2a796e0b4461d93d069d6c24ecdba997fd525f71

SHA512
9f3fe5e2c7b42f4f7924b4fd98a8610f3119d1e4714c6a39209fa8872a2063a70442867067dfbc7993b331ff907eb441b88c445e5df92eea9495d8fe4e165179

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
2f6ec0a8e62b62e8c146144d65739f54

SHA1
18a36e861fb99f86a0dc64c28fc524a229def8c2

SHA256
d3a2770b787c88db669d1b71a45e533b12a420f1e8d62ed13c0c192b6a3aa50c

SHA512
2b47778075ccc1fe81d16246d1039214a74b4bd9eef3fb2049d3950e27d26fde5e7be218710c440d4688a08b471176e67c729c32f074bf6f6abdad85ba902d4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
65c59cccceaec5a18b3a35fc66b985dd

SHA1
dc67a633a4a6e25d6b3a591a00cb2effab11f206

SHA256
84c3db483cd2dd64f9bcdf44bb886c3cdd2c8cdfbbe194a8212f8cc004bdec95

SHA512
bc9f20e1506cf2ad01012cacc93ead53a24921b3f5aab6972817b5b4d9b232627ddc261fb07a986dc40885c0b5288bdbc84dc5bc5c60b433c1baf8a9a16b7f36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
cc9622c81e3b199fe73071262637fee7

SHA1
dfcf0c6d35e9d4960b2d8379a89368f3f54d9984

SHA256
f73fac22ac13cf9d3709fc8c1c203c9519359004b4973ce4eddc5df26d34f42b

SHA512
0ac51fa05797bd7b6d26f142368f12cd80939785ef255d2bbdd98c7f33e4c15d5ef0dddbf5db5dddb40d3d30d5fb4f4ff7dfaf02ec362e65141cf4d888fcd808

Download Submit