hxxp://pentestmonkey[.]net

Resubmissions

01/06/2023, 23:34

230601-3kjwpaha22 6

01/06/2023, 23:25

230601-3eed1shc81 1

Analysis

max time kernel
300s
max time network
293s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2023, 23:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://pentestmonkey.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133301427458439328"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1840	chrome.exe
1840	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe
Token: SeShutdownPrivilege	1572	chrome.exe
Token: SeCreatePagefilePrivilege	1572	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe
1572	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1572 wrote to memory of 2416	1572	chrome.exe	84
PID 1572 wrote to memory of 2416	1572	chrome.exe	84
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 4612	1572	chrome.exe	85
PID 1572 wrote to memory of 2276	1572	chrome.exe	86
PID 1572 wrote to memory of 2276	1572	chrome.exe	86
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87
PID 1572 wrote to memory of 2576	1572	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://pentestmonkey.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec8919758,0x7ffec8919768,0x7ffec8919778
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:2
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:8
  2⤵
  PID:2276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2144 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:8
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4720 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5012 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:8
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2440 --field-trial-handle=1816,i,5868055141460021564,447302939118200156,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1840

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:660

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
96B

MD5
586189bfd6fee9dad2ed70fc69742191

SHA1
c0098c855d0d7b3aeeee4264ac064faeb4eca780

SHA256
9527e7e0ed89515d5500de468eaac7a213ca2dd6e62871201ff061bf828d8593

SHA512
861c9ca752bd622d514a3c62ff62cdbceada5f9b9646bcaedf340a0d8b5fe13a733c1a523c6b683c53a92e36f76acb57de2a64f652880dfb6946882065161217

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
34be0b07592132f28682fe2f438c6287

SHA1
7a8ad531aeaa38b708d2b20130f7e4813bdd58f5

SHA256
585ed1f80feb06379367a2110dcdfe9c586a8e83ea18e32b1e3c1df92e3c8688

SHA512
48ec9b136594c44c103263ee826dbadca147b0e3b3cb19db1c1bc849c30b3f8ebc605b8a11723e7c156b0fd7492cdf122b4d4710100ead05e0712488cb11a8c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
bcce89bf91c311226995564ac9c3d837

SHA1
5e3ac0c8c171c901856631dcd2508df0fffd5b43

SHA256
a1e0f00ff4869c14cf7ea35c874eeb5139248d9e38f9bd3d1c7d88b4a24c0817

SHA512
531ea19713efb3874e8c06eeb1b9267950fc9cd4bdba7fd8afd5617b437f5d9b9c933054f9a71ec35e311698590432b4395c1499cb109decec8c5d174295f60d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
624130f370848f328b3242bbd4623cf5

SHA1
cc9be7ad9e8a1daddee43d8b08729c9c64c94478

SHA256
9d55485344ffe76e30ab1808d1f61f3340c4c64575ad87fddc6b08284869b246

SHA512
afb0cda3d40df51bdf568ba073d28ff45ba286de6b908a61b587d350404093da098e7b61c4e319b334dbe8f4f0d9babc06f8bbddf314ee197a00f095d3b1579c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
64aa2e4f1e81cc8b058ab9570566c6d0

SHA1
63bcef2a0d674c427f756611d9711f8c6db3fbc9

SHA256
80d79d9d445e8bf8e85dc81ff781d848bf55c0c5110022b8d86e56259e3d6104

SHA512
48cbdf56f6d1241be5f4c1f1aa20bd45760fb25b83a7f93e6682ee6a241a16dfaac6d38ee4a398f3bbf50548aa3306c1a3739c3c4176858e0da3207f772a657e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
83f9f0ac604d39b47522dce373b4df3e

SHA1
f8d27e99c17feb97cc6a6d568f879f36a26f8f20

SHA256
a84b39af0710fdeca37799590730862d0e50112c9b6c4fc078e7e40404557cf3

SHA512
734e7ee35686b121b7540f59d7609f3fa3ca7b47b009311382711309a1f920adf8fc1ee376d71f32b2f18367589736160802aa545e1928c72aac331c98d35523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f2d685e62eada35ea9e7b56b556974f4

SHA1
5ff0e3bc61025f6dfcb0c46db8d363aea2723eba

SHA256
c80f393455b6252eff209456a90258e73b0c3d3e8a413a6f7fff467038e67e26

SHA512
83af28aa66687f730dbbaa6d4b533e41487796af32a73d31553c6029639b65db46e65387420d127d930416734f533765327c50e2abbb0979f2fb2e0eb8ab7c0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
d4c51a54e903a31398bb7b33b6c35a92

SHA1
a55ef22848b7e21349522ec4df3ac79692627b0a

SHA256
ea821fb828920b74ec95fbfd62a3be968884dc4989240bef681d1a4678565f42

SHA512
596008fa931257af7e97a314bedf1fdeff97e092aebdb0d2fbede7f58cbecf32b18b583a254f3732017c5823eb6b6bf1d4d64e0908ba99c84b07d74e7220cd30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
0c996bfa60e4d7d8a28d4f5310dceb50

SHA1
62aed5586b4e66637ed5e0a2eeb6327cc38aa1f9

SHA256
a6674416ede363d5feb0bc9c1bb254f9b6f1865769d75157ddb97beecf1e64b2

SHA512
cb2c5b45852d925356e886fd712cc380adc336d77575555efe5cdc6f4ff7773c9801b4619ff6c76be1116132b0df9547b8b0ea43e7524dbd021a8f05a06eafe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
52355c9466a908294005adaee0f4cf7f

SHA1
ac32bef3407cd7536d791388d97d8a86b7b14135

SHA256
c6fef06c88896e3c88ba3a4a98982fc20747828f406dc8b089bd86ff68e5d3e1

SHA512
533e1baf4d095e967dbf84a1d8f76298bfff42f121fa3f9584930fc5b7badf33301dcaf779f5c64d9b64263a65e5ee2616e9f2c9a2f994e6fbfac82380a3b9bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
7e04d51b6c98e160ce67a47a73f7ca76

SHA1
6aeb0fb80dfd3cfa8c1ba539e224688eeb077b68

SHA256
600c3b4ed771a37484bae01a337ed79847ae9e47fa4e458a1b77353d23a9f93c

SHA512
02b62a31da2321beeeaa1c8b0302ac3848f04ee879b8e022f01930a3b3f419c835efa2a6de893f71f3d4718ce1dd92b123b9de1f04537e7e83c40fa6f777386c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
a0d4c9bf361e383f6e2a8b887d35a1fe

SHA1
9888bbcda665794191560f116fce9571049f3dcb

SHA256
4d76e19a87fb1c82884035ca24a001f183e2845695f3c9b913305a7d27d06c33

SHA512
b0ec74c7e8297cf733d62007ec93da0a4cb4456cbcdb901f33593b1ea9c2ad3082d9e68d00021ea497e23da9606eb7adbec2b9e9fd57b59f929fbfe4c249d5b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
be39921a50d7fa4edc146e040f69fa44

SHA1
c5b487e7b360658e6eb7e46d6be740f23759e30d

SHA256
6dc015e3d59a8fd076c2dccbcb0c18da5918fb8c3b3c1cde04ca2f32604e4460

SHA512
58d69b57a75cd6b8e88ed891c66f07d24f01bce3a262c309ab170b2939b2493f0143908ca287a5482c5c7472ebced428768c03e322fb0e272d75b2aa5d516127

Download Submit