hxxp://dewer[.]collegeustoday[.]com

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2023, 20:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://dewer.collegeustoday.com

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
3272	chrome.exe
3272	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4824 wrote to memory of 4108	4824	chrome.exe	82
PID 4824 wrote to memory of 4108	4824	chrome.exe	82
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 2136	4824	chrome.exe	84
PID 4824 wrote to memory of 4788	4824	chrome.exe	85
PID 4824 wrote to memory of 4788	4824	chrome.exe	85
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86
PID 4824 wrote to memory of 4876	4824	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://dewer.collegeustoday.com
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff867169758,0x7ff867169768,0x7ff867169778
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:2
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:8
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:8
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2984 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4572 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4904 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5300 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5652 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5868 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1724 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2516 --field-trial-handle=1868,i,16990634961022188671,11910104066354932692,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3272

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
74e73a3f279e67e9926fa4f42896c6f5

SHA1
304c1aa63d2fe33b21a5bcbb182c400b7e732c69

SHA256
0cf92842ba5b6cbb4d9c4ef844fe1f1f3928f2b57fd718ad66677c1895ba3aaa

SHA512
241f2ff0aed9c33aa26d36d330917cb6a6423edc4436d227f7021b86e2d4487aa7a7dc0834c365cd9ce7c2f37a1240bf17267bba935bc1519ffe2f05949830cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
dbe5fdd2371e1b6a4d6ceeb6f5d1989a

SHA1
9c4959cd801f4727f6a8eec313e996d1aea0c75f

SHA256
05e56d90e46d6c141b16bfcc906d5ed960a827f3bc566f49793e630135791761

SHA512
f345cc7fbf90e751188143d4c41dad246bfe7d46a7f2bbd7ab299a7e307e4677e839e969b5520835c6155f0b8e659c3289cf19add35539dd33f55e6fefe38227

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
0a5d8d13a841666ba9fa10970299a6a7

SHA1
1676f94335392f268acccfa05bc58ad4c03743de

SHA256
45b9755465636ce7631bfeb6aff9de17eacaad89600075192f89a53c06f65b4d

SHA512
23df6b3d68e439d6737e3b96144bc894a9f3b6ee8b6cc6425a6263f74e7e978d1c222d7fa1e6ed74aac1af86a3ceef2c33b279698a31004b96df1ff33c09c878

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bcb309c78f981aa99690fe6fea1fde2b

SHA1
60a70afebe9f93d988a07348a84a114ee1ab9fd5

SHA256
2c3d8c503b41a7adb3e84627c68ffb6d7b9df9b2aa2172706583c32c494dcffa

SHA512
fc6c611778d375ed2021670d63961cecb97b432487be5b852c98e197badb7991cdfcfeb3472306d5e4873e8d93928e8b79af9ba9ea4f88c9b5fb21547cb5ea8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0d4e7edfc9405b9398ed7e327cc57ddb

SHA1
44272d207fe8e97fee9c709ec637c317173a118a

SHA256
1b4a580b4ca5ab3e3ff1c1c2997276e218c147c18581369e4c18395816ebe434

SHA512
f98d40e348713f391356e64b224383de4aad1148002891bacca533a0b8da5df7a8c80694ff0d0d588bc3dbcb33781746bcb2e19358fa94fcc073316a4e20d595

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8c21369e23684a742eeed2cbf5698967

SHA1
f1b52ebb0c032636e24b4d8f722c7901c19598e9

SHA256
0f4406d17ce8371a228738c163f97d47d223d68d9649089c893dbe0d1f029d7b

SHA512
9b705db7edc95bd62b6cb0f6cbb855b145bb3d769eec898771bb64deb7e31b4048fcf3300bed8a12e4fdefb0f60d001a3cd6d9c041573a4e7e91c26a55584437

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
4183322400dbab0c3644025746ffa5a7

SHA1
3d21812b48354e1552de77e6e42b50ff014c89c9

SHA256
8afbd0298dd01503d27111e685d04fda44ee7aef5d2c75b90791584f026f785f

SHA512
d11b37b49d2f2e38f924f20ae3fd1d57b2d35da27ac1ea4e2fb4ac284b77cb2b6d368deea4ceeb1c0c3b5e6ebe20f57a08f0614c57b6a84b24d903053f53e917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
20f675bf6e110662208c520d9e595983

SHA1
0d167ca23452f6c097f7b684bc50fc02111d2023

SHA256
39378b26a3c200309f12a45d025c80c409370decfa8cff383fcfb1b238c0d335

SHA512
eceb60809c5a418b47b9df2f1f968e5a535956d64b0b3f0bcd793019b4ed19ad1a682d86c2bd8a18907075f35d70f531a4c3a98231856b124e1bb1a82e66a57e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
532a3fd9bc43a3405fff7b57a657f3de

SHA1
a8ef096384d83cabc01982048cb4e4aecd39e07d

SHA256
3b1c16bcffc15dff7e9e5ce15c84f48403ac86d14c436be462959fb6d1c66084

SHA512
1e266c5dc0dcb6f410239f277dfad23a4dbfa618a8bd13ae26b959d124c4ffca1777e6dfdba4db7c3c0941ee4e5de26a968fd9184934448a9a5033e6e1e451c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
4ec9f1b23cb5e08d8e04422e3e7b6259

SHA1
dc1a9a6349f6113e50a30a1659d0de56352186b0

SHA256
2fc52ed8e5d1ee1668f0790909cdcaa5d273bb9e10ef759686cf104d2ce935a0

SHA512
fcea84ec2f45737999cad81980b325b436a45faf3a6dbfb6b4cfd3eeb8a4a77fd8e3ec6c0059403fba66d7047ab53b106e376c91b7fcb3603a028b6b59ae8237

Download Submit