hxxp://saocaetano[.]ginfes[.]com[.]br/birt/frameset?__report=nfs_ver15[.]rptdesign&cdVerificacao=FU7LSXWIA&numNota=2943

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2023 14:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://saocaetano.ginfes.com.br/birt/frameset?__report=nfs_ver15.rptdesign&cdVerificacao=FU7LSXWIA&numNota=2943

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133408156369394956"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
2472	chrome.exe
2472	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1468 wrote to memory of 4124	1468	chrome.exe	48
PID 1468 wrote to memory of 4124	1468	chrome.exe	48
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 4704	1468	chrome.exe	88
PID 1468 wrote to memory of 1712	1468	chrome.exe	86
PID 1468 wrote to memory of 1712	1468	chrome.exe	86
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87
PID 1468 wrote to memory of 4520	1468	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://saocaetano.ginfes.com.br/birt/frameset?__report=nfs_ver15.rptdesign&cdVerificacao=FU7LSXWIA&numNota=2943
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa72c59758,0x7ffa72c59768,0x7ffa72c59778
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:2
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:2508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4128 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4584 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5104 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3316 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4860 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3968 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1908 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:8
  2⤵
  PID:884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3732 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4924 --field-trial-handle=1828,i,16808094143653321443,6959694528708568664,131072 /prefetch:1
  2⤵
  PID:4768

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
956ca82070578626fe99cbd3e669e0f2

SHA1
24ea31a9c58d3df58d162873a0b0d2b497658a95

SHA256
116900730cd7c139cdfca8a5aae8d0d5b1fbab19c17c4e9f9696b3c5117ef042

SHA512
5a2a9bdd9f08efe224b84a85c2598c9c4e197c3cd064121848b2e6e80962d0c04a16af093b3cf6103c2c6882338a9990838351a00f0aaf432790450db02b666d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8b940fb87d68cbcc930932f3af5d4ab0

SHA1
66a14b7745be1ee9ffe72a4099f3cf914671a242

SHA256
64b27f4ee7542a594c101a232918c858aa7d4a58e1026f5986da387d29d0207d

SHA512
1571a53de5d1f3b7773b4143439d99e9801cd8778d5f574a46059300e411fd95d72fb68b2b43455255275645b3ed9d678c02691b97bda2440463df8817a14d74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
f90272f06b7df16bc09df431b9461f88

SHA1
a50067dfa497968b187a7f64ee6e392f763151f2

SHA256
007fbe3be2240a7e72de01c31ff1ac64a5740b3a1635c69ca726c62f1182a587

SHA512
4b7083b3628e72166b6c23ffbe7a6ca4b6be38c2fdd26306b505b760e2a6605eb48d34d288353a70a77b7324ba1c6d34de26587d95562e11b63e7e39e36316eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
122KB

MD5
3fc28a32e6a615a1b52180f0f0ca7d23

SHA1
d3540832e3f2168bd5f9ee28451bb8e4c7825072

SHA256
e57a425841dc46aacfac229cdbacf8ae1d02fd7b95424d19e7aecb668cc905db

SHA512
32bf9d239790ed86db56053b0ef03a3a194e580e6d5f16dc643aa249f5dc666cfdceef43281650778d0fee45490d177c1fa73d8ea87e15b6213f081a1346e1e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
5dd37581a812c3cb09582870f591e96f

SHA1
323976563114ba5c03ab24ae166e804fd9057384

SHA256
aa2278c205175a3ce45c1b9d9aebe5bc796df108829204226962adb602d791a3

SHA512
e8e21aeb3d13cfa9adc9ffd5b95dd9b25eb8474634036c8b036171ba4025b451e412169b3487d079ec23b3e477eacc0d1d029ff553477360e7349517beed84d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
1697a2b7adfc344da224dda975b21c2f

SHA1
d2a1c05f4251e36b7c37607c0aca9d925571ea12

SHA256
c5abae97e90f2ee21c4eafdfeef3fb6175e8f8f5a7792434e3ebf4d164cda461

SHA512
3cd2635fa7e6379c1772dcfcc243988dffc0621e6953d6e877cba44f98eddc136c3ba53868c9326f9c4f746d3af85abcacc72a9f4d4c754f8fce30d2f4fbd903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
cc6236268d291208c6808116de5a10a2

SHA1
617d0c2eda0b0200088c2bea437298e192f4a1a9

SHA256
263f7c223c144899f59a65ef03439e3092c8d34a9280ac6b0d5951eacf262f7f

SHA512
b0939286ffa05cd02e6d2fdbd081ce31c84b5548b11d5f3cd23800dd2c4b6ddc5fb5d51c118daddbb4f9b35cb417c664306e6f951c4c5e894dcc4cd7707a7c05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
121KB

MD5
3e9a4759d01efb1a4a66ae85914003bf

SHA1
b79e70f7bf1f9b16bfc1a7625660680dfc0f422c

SHA256
0a4d75fd4c309f781675a6bf835f19c844d4df4e27b715d511171e1566bc704e

SHA512
2f3c67c6842f4dd894103b24fe46ab42e9159d2376df3f42e203e45baa65ae72f6e8399966718ed9abbd66d7acd15dd41a3665a5deb30f4a6dd30006d3efd9f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
6dd7ea668a58b3e9f851dd70cb400e4f

SHA1
d0c7d728b2f6dbb5454f5bfbc23d26c196f4b57c

SHA256
c626948065524817834d8b21f406eef2855aa36d6e58de15f300aa5d81d879f4

SHA512
e8b3038b1c503e5521aacafb129f914ed05115db066db2672e469e73a27698e81bcc190a5556cf99d88c45dcc74d95cbc0b89363d75063f5a9af815c0395c6a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
d74c1718ffb1e68b91939a67e8550eed

SHA1
6645457522a96f6a6465d9011760fe48ba96eaa7

SHA256
2cbba4c346e65b9c65cc3227bc68c4ecea0934b24cb91476957691f83f17166e

SHA512
730d8c4762b8537db917721de4567730d0e1a40a4cde88d341cbba8c173e8186a1133d4cdc5a0489f61eb12f8946fb4eaff08dc7ce17e1c1be3f564ec34719ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58eba3.TMP

Filesize
95KB

MD5
9b5e134bf8ed3d4e7ded472ff190a983

SHA1
c8a28b16f44aec93278de0d3b5dd35e39c56d7c1

SHA256
c7ed9195c34538610ebe2f1b7e70ff2672cb6826073186441de5b6311b048066

SHA512
618431d8c153b14e94066e2ec505e95acaa8e8f12230cc16fa8e398d2b03e8edbcbee748bfd94d579e298512f876110306ec3e70936529e9661ed0208ad49b0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit