hxxps://drive[.]google[.]com/file/d/1PKmaNfGpThpWz1c75qJ-Hu3d32FTUFnm/view?usp=drive_web

Resubmissions

25-04-2023 17:01

230425-vjzazsde7w 6

25-04-2023 16:50

230425-vcmzdabf29 6

25-04-2023 16:49

230425-vbprksde2x 6

25-04-2023 16:18

230425-tryhzsbd73 6

Analysis

max time kernel
45s
max time network
41s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
25-04-2023 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.google.com/file/d/1PKmaNfGpThpWz1c75qJ-Hu3d32FTUFnm/view?usp=drive_web

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133269222969753598"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe

Suspicious use of FindShellTrayWindow 49 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1524	OpenWith.exe
1524	OpenWith.exe
1524	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2152	2228	chrome.exe	83
PID 2228 wrote to memory of 2152	2228	chrome.exe	83
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 100	2228	chrome.exe	85
PID 2228 wrote to memory of 936	2228	chrome.exe	86
PID 2228 wrote to memory of 936	2228	chrome.exe	86
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87
PID 2228 wrote to memory of 2564	2228	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://drive.google.com/file/d/1PKmaNfGpThpWz1c75qJ-Hu3d32FTUFnm/view?usp=drive_web
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe3b3a9758,0x7ffe3b3a9768,0x7ffe3b3a9778
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:2
  2⤵
  PID:100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3184 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3192 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4556 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4960 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3992 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5400 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5328 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3960 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=1816,i,17101103728806555080,17356466012036979849,131072 /prefetch:8
  2⤵
  PID:1744

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5032

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1524

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
ca3a46afabe3069dac1d3ea6bef44062

SHA1
9098fb2e583165ea614c89c85fce023791df8524

SHA256
0082686814c02d2e40a51a82248449e56c4860b199e4f63ab7774da9364f6acb

SHA512
5632cf77022600322221f3b8f4a3246d03321929904f9a81daff41d5c14d03e509d2dd7784871fedfb925521f4595b370c7bdede3d9ebf0b5b708b1f3de8e55c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
e3434b72a346fe2438cfaa20ade65bee

SHA1
576e6be63fbc120460d16e408e532d46edfa03d3

SHA256
7f34aa58acb071daeb9a18d09c05c8e6232f6afda259020266d358b8f16a2e8e

SHA512
b1be2340fa33e3abf382e11a580526d9ee68f9c0c333ea2f24c4d143d253d96b1b3e16a9510bcd4838894c88337dd1091e0af9dd36a2f99acb1f58ba8eae1e72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
89dae7dbc9ff709c6bba369d82575f09

SHA1
7e723dc4691d9d8bd52447687152020123286524

SHA256
b0d981977fc3d64beb0c614e99b6e8b24ffa843ed823d07321269661673a9560

SHA512
952f5a404a7d0b350fb8fa0d9f108e8a140ffab23a4649d3c605c35a928b53ac1bacde2a43dd8148688eb3d157f3f361dcfd3bbce47c575fb358ece4932c1dc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c002e21f7f69e91bc057631d89358317

SHA1
7e2b6f498fec1de56bd1de63555047a2f68e8ac8

SHA256
2a7901da9d67bc47e814ac2d2514131a1b0cb6d6ca750c7cb33f2367ce5d5408

SHA512
b48aaffb1d9db8888abd3f27d9ae14cafeb8b8576bc44a59bf356623828eef9d301d8c1043efb079591861aa80b0aca6a8f1c8eba71c46078ff1a1c99b15ce3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4b3fd23e5d576f19ed7dfc5492865b39

SHA1
28d66d36a79ca4d8c3ddc55a9a82d288cdd62b09

SHA256
7d387084e70762e075871ba64326fa039e753b1fe992eff4ff158248d6c0d511

SHA512
6edb07cdac5082750cbef06fc38ef55ab207ed9ea9cd6236aaf1f2e7d71ff21ca7a900dadf6fc62f84fd48022834e6fc87189b09826b5c64ba30272ec9ca1bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0148eae19fd9f2967dc8c93ee63bc1dc

SHA1
c79d6df878bf2d5f7e4cd66373639a3d107b7ba3

SHA256
70d79c1f69a0de002771ec66e7944dd051a3970b64755025705c0c5cf1faef36

SHA512
dcc0eb4f87ab4293918475f3b5beafb528e960d4bfd4e9b4051f42753a15980f8836cf754b876868e7129efd513d2c88db232903381a15737d3cd4824e657631

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f00762e441944c73a74f75dad483328d

SHA1
e6ec204a1b3c313a844aea4297618ab60ec5b767

SHA256
99062912662e18d84a93419cdbe1e0d7aa6008a7434555150c9d4fc7f8db04e8

SHA512
74e1465bc931c731b5c221a3075b13a7199aa061af56a8b97a31a75c7e2ab710b498f84307748572d2af9fd9697a8933483b604e83c9f0c7ff535572ffaf2af2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
3890e69580dfa8e479fa4d1e58731ff4

SHA1
0c2315ecdb7cedc4cd42bb0c0d55fc3abdff39ac

SHA256
c60b247882548f648082a271a0feabc70dafa6a3fc01b69c3c252a50600bb4d2

SHA512
6a9274e8c0ddeeb558e7a067dd48af6186792bdc403325b7054f433cae2ed5b6b863f1cfeb1810aca2898bfed6faae2666db9efb60cc70eaa79963446b4f718b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
3c261e6c054642baff067d6a9d17b5b3

SHA1
ece948673dbfd40907b84a3f0adb88e03f15ff91

SHA256
0235adc11c93357f635cde0f7cd9e39a36ae363b0994587fa6e411f85f7511ef

SHA512
74daf1c4bff0018246a244b4d7d53d73afb31813a3a35210c1514f35e2c189cd49ddc0e8947511504982db6eadd1a2a81b60f48ca84cf305ebdb91a1cfb3c80b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
1973a1730498891c3ee8bca58029a596

SHA1
961ac471102b8a07d81e00dc22a1754ad67d968a

SHA256
64807e5d1fd335eb324616026e06b18b8d5b45b3de844f64d8e781e3bbf1aec9

SHA512
d5b8f9042bdf71c975c5416abf1755540bc82421f8335df081e4507ab371ae273626f44d93da830384d1bc232c2ba30ec0e63de16b9d69488b91a9346af75950

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57255a.TMP

Filesize
103KB

MD5
6f78d29e09df8adc1102014e18aa6ce9

SHA1
56ad936ea4251d4d593a7ca157c4b6a141326dcb

SHA256
810e423be35e7d771905a446abff71c3360e02b2f3eabbd97291bc126ddab757

SHA512
4435d2a0827b45004a5c717851cf86321f2d9a09a8de750f0aa438d6ab6c2d677dcc1ac41b3a852b8c2bdd9b1f4ec69a5c886e5d83a6d282278a8553a9195b56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Cotizacion #20232.rar

Filesize
2.6MB

MD5
983c4510eb56b030ba2b4fa2936a7e63

SHA1
7dd218d7eccc0cd76dedab2fa1653c58b92eda3e

SHA256
c96f4c4d201383d70c727d75927192d60a0c38a1911b4de4b3d30164ff7e14bd

SHA512
f3a2ec5c172fe2d57acf684169ca010917bbfa3011ef9c05689543d80e98a5265bf6540eeb25ca2c3fe79aee3824ad77e054451d6ee5ceff50a7192e3155e1e2

Download Submit