hxxps://indd[.]adobe[.]com/view/26b7d1a7-b688-4e2c-9152-ff918b3a94b1

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
22-11-2023 19:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://indd.adobe.com/view/26b7d1a7-b688-4e2c-9152-ff918b3a94b1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133451542289468557"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
5376	chrome.exe
5376	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3312 wrote to memory of 5028	3312	chrome.exe	57
PID 3312 wrote to memory of 5028	3312	chrome.exe	57
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 880	3312	chrome.exe	88
PID 3312 wrote to memory of 2572	3312	chrome.exe	92
PID 3312 wrote to memory of 2572	3312	chrome.exe	92
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89
PID 3312 wrote to memory of 3368	3312	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://indd.adobe.com/view/26b7d1a7-b688-4e2c-9152-ff918b3a94b1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2a5c9758,0x7fff2a5c9768,0x7fff2a5c9778
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:2
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:8
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:8
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5104 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5080 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5540 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5652 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5212 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5708 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 --field-trial-handle=1028,i,8978915033957638952,9402764784979990296,131072 /prefetch:8
  2⤵
  PID:5288

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
767a73b823f98fb6bbb3c7c7adc7b834

SHA1
bd47de4d587db20dd0fd336f5bb4442fb98fa1e7

SHA256
5fbb5e142ad70aadd3e723984c9e6ee5aaf4fb15d46de9637a4835ee0f5c4026

SHA512
59d937d586559491be65ee10a24254c128f06bdbbeffd19dcd9d95ac0c1036241ee6e9703cb8295cf715578b3207bb08dd83024510afa5763358dd1818a7a466

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c9ae69a8db5b90e1ac325bfa11f04161

SHA1
84cea9815ef0ed97a203417a407c900f51414f34

SHA256
1aa2e456e15849c28cca975cb0f0749274086beb49429f84347365059be68ac6

SHA512
014c6e80534ad0b75ebcd53e9d283291f49458fa8770c0add53a11ec4558feb560f8b5cbb39fc6ff990d8802d454ea5ca07fc585e6445ca071bbe5cda2cb27cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
9f1c0e580de736615d1bed92b12e2bef

SHA1
0afcaf1689dc2cdff3563e173e5c151701be4bc4

SHA256
98fb89ad086c12c4683e9903c47f3b09a91e17ccb06d2683df36d32885a3376d

SHA512
7dee7aa88e470501bb22eb77f4a1f9126b4c4deb1a7ee0dbc89fe54a70e9f5e5b0aafac4ec5aafd75024e80c0d78b699d0efd8de36ac6afce0cfbf97cde524f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7ae27c70f2b0c57f45e84d44c5e4d31d

SHA1
f1b1be7ee3228ae4d1c34365f017fe0a7722045d

SHA256
467a5651b25e7e8b35cdfad551f2ca05e976b3fb77f96dde1ecc0fddc0389aa6

SHA512
337e1751658fb107245926334a0931858e83f90fcc36f25221c7cd0b455a49c77d9f8bb475bf354a9b20137101e3b936c2f7cb4afe37325a8a38d2db8f44aeb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7ede9a97d15ff1651efc89cc77b16c13

SHA1
47a127f9592393ce8774a6901ecf72ecdecede15

SHA256
42a6223fda051af730a9c35a99e4feae5a0031994f0cf266aeb78f4ddfc553bc

SHA512
dcc6407ea428c705e34b6c4f190804281f384522097d630ac969879eeaaf3ed8447410a2b531a991d655f13d0ad1111a3e00198e339ef0daf39a9f72eec51e48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
40868fc18101c5acced3aab6514e8089

SHA1
9590cc38cd2055b8377435fd295628157b2f33cb

SHA256
02ba468c58ba29d60250028f4c28fa5d80cfeb7e317d98b87ba53935d94aebb7

SHA512
ffd6353c3fd4ee64f1d2b5cd111ee8325470c7c646982370fa6ab9efda342257f5a412db4e1b1060512bdb16fddab761a1c8be431df4302abfd97c01c34db436

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
be6e6651c23a7346bb8cb46862cf80ab

SHA1
7fffaa62223fcad5a8d9eafc2f240308ed871e0f

SHA256
0fd02f29acaa984412d3626d8df967ebdfbe20e23a497cbf2db14a3610c8b149

SHA512
20d47359ce04257f43ff325bc3d4117f9886d88ba2d108557af006c116c2712f4d44ebc2af95c484cb14a00ae4169976515ef20e10ca1ebaa576d4b887704668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
215KB

MD5
7745c4cda830571d02c39eeb5f80fe54

SHA1
5cafd3e536598eedb804a61295f907e2af92943e

SHA256
f98e0e9bde2607ac3e4a1441bf9a7cf407d2dcc155d1dc9d84c0503adfba1cbc

SHA512
457e982466fba83ad25af57b1d7211f1102ac255dad1c10e81ac3d13cb5cea30e30899ad44ed6d4eb1a4ef8b4523b193b71c92b80004fd8dd28a097d91ac00fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
748ccf954317ce8a38bee0acaef58666

SHA1
b42ef93df4bc2e44f3fba208e2b53f940e5310bd

SHA256
b1f22108bc730ba499cef21c7d53ab3238206f21a25849ad7c90ac81da6154c0

SHA512
c90a714597a5fc47db5483557569a953d0b66e1b3dbdec19a5648f1fab5958a12d7e46a7ca34450f27f752b53e8707f471ccbb480ec40b1f175b0ca3f1112f2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59769d.TMP

Filesize
103KB

MD5
cad5d0e1180a8e27b9ff58c7b8404ebe

SHA1
ee3c964f5c2e298b85eb9d87beb8e4cfd9868025

SHA256
af13a7c7867f48f0e0f8aa3f22e83b12b2148511cb7af49d16b54a83b3346b62

SHA512
833f01ca6e4f2b507d3814fcaed0e843592395c81ccec04ace37cea5b8dcd0c930a922ad6b2454dae0393babbc8429685c824db6b13a04858dd2478fbc552731

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit