hxxps://dwdey[.]royalautoangola[.]com/post/creating-a-priority-matrix-in-excel/76434645

Resubmissions

26/05/2023, 03:16

230526-dspz8sde75 1

26/05/2023, 03:08

230526-dm5thaeb7x 1

Analysis

max time kernel
120s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2023, 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://dwdey.royalautoangola.com/post/creating-a-priority-matrix-in-excel/76434645

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133295513403169192"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe
Token: SeShutdownPrivilege	4516	chrome.exe
Token: SeCreatePagefilePrivilege	4516	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe
4516	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4516 wrote to memory of 1092	4516	chrome.exe	84
PID 4516 wrote to memory of 1092	4516	chrome.exe	84
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 1068	4516	chrome.exe	85
PID 4516 wrote to memory of 4380	4516	chrome.exe	86
PID 4516 wrote to memory of 4380	4516	chrome.exe	86
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87
PID 4516 wrote to memory of 180	4516	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://dwdey.royalautoangola.com/post/creating-a-priority-matrix-in-excel/76434645
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc2fd79758,0x7ffc2fd79768,0x7ffc2fd79778
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:2
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3172 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4768 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4816 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3884 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:8
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4792 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4668 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5092 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2804 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5196 --field-trial-handle=1832,i,15564110627314597077,1752120621484323008,131072 /prefetch:1
  2⤵
  PID:4668

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3844

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
baf7125f13de114e1284d5dc2a3787bf

SHA1
5d2c60dff085225a992430caf20281d13be1b540

SHA256
881f0cb9e85ad99603dcc7ce54d1b6805b43d2fa3e645032cb48281f4ecded2d

SHA512
f296a8257a11fba523b4d6234c26edb03b221153633d6a9f19b84346e9b807732dd4d6c1c65fa04a9925fb7a88a8545658d098424179068c9b2a1d102138e7d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
53a67fb3fde9e95a33329d921829ac5d

SHA1
206d91e6c54184a82388fab0ce628b11701fec4a

SHA256
ad7ba91149dd97ff72d8160fd3b2e6bb2700e4a8cabaa9bac466e0ed0f9aac2c

SHA512
e84c730cff7af2507dfa84ce2bf8a365e28c031e7b28535352caa5ef5692b212e634890edff6c222468b0f9b533a3bbf73e8df41c0191b044a8b8b22cc85b3f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7aa56f4dfb6699c2d8b8fd2ccd99cc51

SHA1
138e029c2c81bfff56e68464afaddc5d02487cd2

SHA256
1ea1e572e4f5e1f00f80617297c738dec2a126e0c75cf08d8d22f46ac570bacb

SHA512
34b84182c66972edd2fa9d99b8954a8d769b352eed14752cf8a7b4354055b294a35e85e4434c74b3b7bb803e8fc63cce1aded1522c6e966f74ec7568205803c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
be91c8607196a43db18206210d079b6a

SHA1
df607ef342f845734ecefee5d39d11e9c3444ea9

SHA256
ef7af25c8b314467f602ec9e5af430cae2537a3bf72c6f764ae23d1a3cf5f4e3

SHA512
830d12d85ffa198ef5378b0bf6b5b63a499deaab3157a11c35106c2195e7e75a82823331e3a190ad37b7b5c561b4f78691158cd66752a2ce959abba30d6057b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e05550ccfeaa1f1f92c8e20662073e83

SHA1
e20f0ea38342a9d2fc6a38a017b9055704562736

SHA256
9ff6fc5c73aeca7ce569b6e5a05fac5cfb560c4969b7a79c087e158ad645ec69

SHA512
5f16f563996227f4d35ffa195d4618e6e5fb099a0229f6587ae3717d24f92150160fd0be9fa511e2c9cba43d4bb917746eff63138b52f30206978719f3628355

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
09e847b4cd503826d2f4b3ac4f439f0e

SHA1
5343e7c00aac9724fce94fad3aa3109ccdd29a9a

SHA256
6f09c3713ac5e9538d343db9e7a42a494e8d6110b2ce9eda2d09b73669ea44c6

SHA512
1a3f33d49af310200bcc7a6937b27d3b0c50a5df8ace947d28344374b26b9e957b0ed885f2548db83ef996c276f03e5c633e2664ba22022ee1778af4e292c10e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
437a9c2d33b86df0499168a191b05648

SHA1
e7b0c8492a2a658dc696ee9b7adcaff92413ba8f

SHA256
60625a7cdc4d260c2b1eeee08d02908b54be594fce7a637f73702efd0f43e6f9

SHA512
cb7d7ec2cd7f9897a6782693a5d2b6058ca68defda6f54aec77933e37573ecb8d4bc242b37c28f70e46ea16b2d830690a5476ee70d728c5ed83ec6555f537178

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
625cf8141cb0ef87d92ab666bf3dc428

SHA1
1221bb78cc2087f970c5d810581eaa8d254d9578

SHA256
a27c74b2808c223ad756a8cf487fef9d771e537a845a037c7b55804bfab8f8f0

SHA512
e883e44d6aba875ebf9c7cea06e0035bcdd3e2a31067c58f35e3274e50ed923f241ac67de1a9788e6d44af49e2576fc3bc9e05b699838e9c86574ddbec155188

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
c3b75af29c8cf0849e52dae67c9850e3

SHA1
b65697cfbc51cbc7f2149434997dfb9078cf5548

SHA256
02d5f8a3aaab69bc23d7d39752782588e585e10c74c5bf43bbdfc600ee5da5e9

SHA512
e95f34671f4c585199082983f3256d109caae373736a0197397545baf70fbb599885b86d454cec2c81fd4284e2a63b89d02cbf3515276515bc44bdda2405c846

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
4da01cf9f3a02d6b44a76f5d835498d6

SHA1
51497edc85f0b86d6d8016a04d8b6c57077c0d0b

SHA256
9e799ba7f8f9e1d94a05fa09c3fa84dd5832605451366a2484030cac66cf8a11

SHA512
f438e71d414d56f81cf6816f30f630e303ef8be5c9dd9f6d7a7e26d8f09c651ccd7a54da0660188560f05771debb917acaa2cfa7dabe4c336e27b5ad5f85ceec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
7c54ca02b9aad5c2812ffb86405b16e3

SHA1
68fdf0d3f6c16661621d52e713132dacd92b63a6

SHA256
e3a74c7969d8abf4138f55835f2f66a1ea85fadb7e0f6fc5552c35eebd53e20d

SHA512
b7146546af68a9a9c38111f0197119ea4a333cbb79c2d5adb34398167f9d2a46d1bad4dea0d6ed1cdfd963901c1cb2e4ea0de2a84d7bf65fb658cc101c089bec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
462df34e22c3c5cfc584bd9b43532543

SHA1
d040a1deab3186c803d6b3a0dc03a2c5fc8b27c1

SHA256
5191e0b32342f61fc01aff35995db66e1db5d3462b519ac9d8e20fac9defab7b

SHA512
8650a7e14ba4f1fae7328cd7abaae1e9e7536286201cff6e2eefc39766fe88c416f908aab9f75d54b391efeb86926a949fe146641105d2d339055ff9a7c80aa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
ed10d6a846484277243cad3216b4e143

SHA1
990288141354b6431d831357aec2e9150744a7b1

SHA256
bd614d038d7ed2c7c37b31de518f39beb247193fb31b0789850b75980e8d6495

SHA512
740d14351b269178a682465133a9bb5db7dce0b35bfe3bd480c8e947cf182b0f16459d499e1f892e0044cbf5c7e66ea089408e857bacc33e3a825d5da491a224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe571220.TMP

Filesize
96KB

MD5
34f7074edefde07ba607f7dd66c85927

SHA1
9136d007acfa0301396ff0fc51336f0300a7d3d3

SHA256
72faeb9ab3b23d16e96a31f7238381404e69daa6e16569cb73cfa7f12b8e4a72

SHA512
e53204efba4e33843d7e55ae10c18e33179c7b2ae8f7d2cca0312ae925547154f27cddec7254e83aa42e79cfd248c2c86ae50a5f4cb170e2f87ad1607abc5324

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit