hxxp://www[.]idealsolutionsblr[.]com/

Analysis

max time kernel
36s
max time network
39s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
02/11/2023, 05:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.idealsolutionsblr.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133433755255936397"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
540	chrome.exe
540	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe
Token: SeShutdownPrivilege	540	chrome.exe
Token: SeCreatePagefilePrivilege	540	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe
540	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 540 wrote to memory of 4452	540	chrome.exe	45
PID 540 wrote to memory of 4452	540	chrome.exe	45
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 3424	540	chrome.exe	89
PID 540 wrote to memory of 1352	540	chrome.exe	90
PID 540 wrote to memory of 1352	540	chrome.exe	90
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91
PID 540 wrote to memory of 1384	540	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.idealsolutionsblr.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c0479758,0x7ff9c0479768,0x7ff9c0479778
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:2
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:1384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3024 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3032 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4652 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3440 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3348 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5340 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5504 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5792 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3868 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5656 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:2852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5540 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4048 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6044 --field-trial-handle=1716,i,15176011506644564499,6118127420805934626,131072 /prefetch:8
  2⤵
  PID:440

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
274db86f0aa08d1f9f9ba03f141f0e20

SHA1
36712e2afa47d13b5fdd2be3091adb53857b26ce

SHA256
0a82da3470b2381f9c85c33d201a089b4110b2c70ad336794b9573406b48281e

SHA512
4bdf734bc6f0dd2b86a99af9611a1579fb36d6e9bf9916f5fc708567622a0b9ce2983171741712117ebe8fc22879e0fce0abee63ab69bfe2c361b3566fc17f76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
b3f7421df7080fad8c3c5164be2275f1

SHA1
d1b49f4a72648e40a488cd0441876812b4173d83

SHA256
01553f0413b5d192fec446c6f9cbe5012135795fb224ec8b42da57500d376d76

SHA512
9b49345e27dbf4827a1e2f7fee83173c231c4127d74a4debeb9751df40d4908b8a79679677b2045d000c61db9cb7a7cd56aa08ef6137ccfc3627642e9c716df7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
97a999ba13e2bc4394915978a34628dd

SHA1
3389bd7534e50ef5c575d3da9b54ec3871f5bc41

SHA256
d03f1cde85b2eb69a59237bac55d87134964ebc86f9244cada0bd0fccb27c689

SHA512
410ffd395511749b6591c5b74dd15201eca34b1fb440ee2a727461818731a1c7b729c4fc75d19faa70195cf2e277ea85df39e633448dcc09dd23075b74cc1467

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3613f1fbf34be5e499cfa3c007b8aa83

SHA1
1be775fa4d5991632666f57da8392aad2a4b2bc9

SHA256
d28656224b7cae43f19e625c396b55358a61e6d2efab55e48020924d535faa70

SHA512
3b6fb299fa9d7a28939697052c28127a7e4d737dd748d6ebe52ab8dd928cdb238486512d8a3dc84350487009dbbd7675f8a0b7031254562b73ccf7f85a7dfd97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2c43766add891c7864a5a6514f8d72dd

SHA1
1c6cd86d30effc6e41ca588a991e6cdac6c063ad

SHA256
ab9955277482ffbbd612ee77c29cfdd989bab7ae3260dc099486288978927865

SHA512
372e205b0c3d82f5a80a4660a2b87f02b803f62d191cea3f99154858396f1d4160a9eb58f533f4528129f8d7adb13e01135b4b232a1b47b8c05330aaef85c2d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9883b42bec7e26a4a8b8b69fe8330d6e

SHA1
ab7094835979b5f6ce4c04f9476b70da4e05cbd3

SHA256
34ac5a60a5c48abd7f26095d3a8c2278ea098f97c49289bbf9f1d8ade6de26d7

SHA512
9f445f6dc85dd69d89c38fc79b72056e9df969ccfed0f2f8da132dc25ae9885b277a6d31af342edbeaae6f6b036ef66edb2ea7ef2ffd6a97026f2bf6080e48c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f28e.TMP

Filesize
48B

MD5
3fd945295664768828f73a46705b19bc

SHA1
9e36bad7e8c2cd1fa3533cec6a326262edf47b7b

SHA256
262c84eed290ac78da451317fdc01009fc653e5fcff9b7a5173f8eec6b77b649

SHA512
2c3024837aab34e2eff77ea9a8ea51f2b457e9db5d49435c21929ca82faf8f7577756ef5c352f6db6a443cc74f1bedc1bb2c7a35ae053c4971ba21aeb7a81d64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
2919559e3b824139a324be00cf230e02

SHA1
05584f44e22a6a62e1fd89e46ab1bc4707c80612

SHA256
e24181f563f521fb7f0547f3743a78cb4656ff12df1e2f38d95309ca57604d37

SHA512
7948b916345a8e3a68d74b27d87ef67959ff6baa229619805de4eae39e6f904fd45e0c5a6765f8880f55215e2963d3348493df2f90e3c2c05d2863f66dff35d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
cd7ab4a5f50cf26a59330bc08fcf4455

SHA1
1d97c021b8583ebcfe3c522fe4060bd893c213a3

SHA256
ec4354e1aa63a6ece1dc53bf0292cee66be544f323e4229feddeb145ff7eb022

SHA512
517c1684b8991934067dca4efa26136158f4889462cccdbcf133a94f99e0da418163e15b284cac20613368e70c74566bfbbc71c4a1b61536efeb225801c58c56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit