hxxps://nts[.]embluemail[.]com/p/cl?data=%2F7yOuYbl6neimxty%2F9pwlUGT75ApLRnz8BYMHKHo%2B%2BZfCrK9L67avPWpPRQ3suZzEsz0zqe0G%2BFWjwwFZkYUQw%3D%3D!-!8j[:]fl6*-*8c3go6,!-!https%3A%2F%2Fwww[.]experta[.]com[.]ar%2Fart%2F%3Futm_source=emBlue%26utm_medium=email%26utm_campaign=Sistemas-Mail-Triggers%26utm_content=142_RECORDATORIO_VE_SINIESTROS--Novedades+P%C3%B3liza+460748+-+An%C3%A1lisis+de+Siniestro+%26utm_term=none--2--none--90-100--TRIGGER%26embtrk%3Daf1-R-40303422-R-8j[:]fl6-R-5f4bma%2C

Analysis

max time kernel
24s
max time network
151s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11-01-2024 18:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://nts.embluemail.com/p/cl?data=%2F7yOuYbl6neimxty%2F9pwlUGT75ApLRnz8BYMHKHo%2B%2BZfCrK9L67avPWpPRQ3suZzEsz0zqe0G%2BFWjwwFZkYUQw%3D%3D!-!8j:fl6*-*8c3go6,!-!https%3A%2F%2Fwww.experta.com.ar%2Fart%2F%3Futm_source=emBlue%26utm_medium=email%26utm_campaign=Sistemas-Mail-Triggers%26utm_content=142_RECORDATORIO_VE_SINIESTROS--Novedades+P%C3%B3liza+460748+-+An%C3%A1lisis+de+Siniestro+%26utm_term=none--2--none--90-100--TRIGGER%26embtrk%3Daf1-R-40303422-R-8j:fl6-R-5f4bma%2C

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe

Suspicious use of AdjustPrivilegeToken 46 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2072 wrote to memory of 2104	2072	chrome.exe	28
PID 2072 wrote to memory of 2104	2072	chrome.exe	28
PID 2072 wrote to memory of 2104	2072	chrome.exe	28
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2748	2072	chrome.exe	30
PID 2072 wrote to memory of 2624	2072	chrome.exe	32
PID 2072 wrote to memory of 2624	2072	chrome.exe	32
PID 2072 wrote to memory of 2624	2072	chrome.exe	32
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31
PID 2072 wrote to memory of 2612	2072	chrome.exe	31

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://nts.embluemail.com/p/cl?data=%2F7yOuYbl6neimxty%2F9pwlUGT75ApLRnz8BYMHKHo%2B%2BZfCrK9L67avPWpPRQ3suZzEsz0zqe0G%2BFWjwwFZkYUQw%3D%3D!-!8j:fl6*-*8c3go6,!-!https%3A%2F%2Fwww.experta.com.ar%2Fart%2F%3Futm_source=emBlue%26utm_medium=email%26utm_campaign=Sistemas-Mail-Triggers%26utm_content=142_RECORDATORIO_VE_SINIESTROS--Novedades+P%C3%B3liza+460748+-+An%C3%A1lisis+de+Siniestro+%26utm_term=none--2--none--90-100--TRIGGER%26embtrk%3Daf1-R-40303422-R-8j:fl6-R-5f4bma%2C
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6e79758,0x7fef6e79768,0x7fef6e79778
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:2
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1612 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:8
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:8
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2260 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:1
  2⤵
  PID:320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1164 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:2
  2⤵
  PID:2352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3344 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3944 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:8
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=756 --field-trial-handle=1224,i,11926414738339487569,15146558505374218381,131072 /prefetch:1
  2⤵
  PID:1492

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e189e7923c5202d40c850629db8aa12d

SHA1
2d0a67bf7d4df1eec311293e50eeb429ab7170e8

SHA256
234a9d1ba00552cfdd398e394dbf1a009c92a5241060b1adeee84cfe0485b124

SHA512
9b2ed3ce7c0e6ce192cd003cf6e4c5685ecb5d3c310f388c83b0b9e4880516f72d69fce2f1bdf9e27778063ee0997d678b68796d475789bbc675bc26bcfaf2ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9ba30a6ce47204907ebe3a8a3a8e3177

SHA1
54f29b6d9696ea70a883daa7d2761b43fbad3edc

SHA256
df785163ed375f824dfee9e165ecf96dad3fcb3e5848aa9234ab68e494c384aa

SHA512
621e1423a815af2aab5bccfa5091ee561805bdbd9f16745b58b934bbfc214c9d48e2e995aac2746ac27c12b34fd9313f86d63eac2ca8e278423d12a22cb1197e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b5ebb4c2b996a1cf62c5df6b6d7c2848

SHA1
3b0e737b62b9b0ae99153663ff25bdd5158ad661

SHA256
1e7a5edaf5fadc8b0d517a6aa0ac84437e257298dd5ebe16a468a254046b32b8

SHA512
435fe45b782a6268cade23184f882ebe71d838f15d69b50130d4dbd98bf2494916edd7a163f8c4fa16459999e073a01e676fff7b2c48ebcc80be35a7cbd885a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
21ea29b18dfb59ebce4cea63f3f85960

SHA1
92a69b28c89e4a5f7ea3a1d93d29fa177c322363

SHA256
705b8f81ce237715c08b474ff79d508bd04da388a41c388452361f2a849f1315

SHA512
49504b64bf847eedd211e871a50c18e00402c177ba377e868a3ca4ae1099aa4141c0db88146522b09509660e697219ecfa5f5d6a75d721036d2fb624857bfb4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
216KB

MD5
29f3b5de369947720b2cd5574ecb1ea5

SHA1
7cf4373d4471aea8a5f3511893f8155dfc194577

SHA256
66be19b433b653739b10c257365d71d110958c8a150dc19c0948c27fec3ab5b8

SHA512
b0f82658be4f39f41579b62dccd4ac860a1a385a2b4eb3aecf91998615ebb4c34e95845fd565067d295ab35c47eb8287ff365a6505a663615dd75669f453bd59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c6ebd1e353d2d700460601af9a8b2d0f

SHA1
0ab1f9b21a11248aa72e4c4c021daeff0a505286

SHA256
cd4eb55daab5c6b5bd96acc6c9f80df7a4802dfd13766a1ae8cc65d093c8cab8

SHA512
c969b4c9c5114bde77443414692c97411ade42e0ff3905c9b3e7cf010b916e41d1a8d746238f4c48184a36059eda1e642b158ffe9d663a5d966afd23084ed5e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
527B

MD5
1ac8b8e5050089aef27a51fafabb1cc9

SHA1
ac22e7ae9483b2e1671c0196bfc03e712d257533

SHA256
1e7f1adda742d0071faf32dbcba67955918491107c8fb41202c4a92fb54da6b5

SHA512
d3a19d264985aaff6575fbd40fcf6af06b0dd9ef425dac67811748d9f2bfb9f5f8c47ad5866d8a17a88364eedb39f8481bcc4d9f09c5a273345ae599b7fd08b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1010B

MD5
eb11228fd96c8ddf4def26ab30c53492

SHA1
902996858e2962d8c82fde8af71c88285ed75f6b

SHA256
6f67eae80c9308f76b312312446a90e9389714db314e8324f2d7eca2b0724241

SHA512
664f757f3eee769394a95fb7c633d59b93564f3c5ce3f3b4771be73f1becf11eb93702288288783ca569cdebff3b4572a3a73583bc5408fe6d874f775a3bb76f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
18589031f7b718e6d3b9c705e5b35109

SHA1
faa03c964cfe25bbb88aa0c9df77909a7a0268e5

SHA256
286394dad4fcdd96addd6f2ff2785d6b8e946beea5977b6cd86d603d1feed412

SHA512
9482ebf860b5c6ebcb0f078a2a14aa2b263a633dc7e28956d8ba38735d31730c61f3970cc0085d307ae1438a043a8d1256ac5e6a4bb95fd5ec7e4fa6b4ba7af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
371bda61d8f3235ca7291559a1a178ed

SHA1
abe9c2e341bff2a1eaad122e64b0a60606ec1a05

SHA256
d07b7093a7733696dafcc7fe6f6be329e78cc6090c33d178f78d0541b68b30a7

SHA512
e2f19dc010e8d735b77f9fbff4333a16c7c552f337b700ee5740aa59d2d99172a05591ddc5259c744cacc73c08a96d78cf77ca7c03f07471296dd8c2517f9426

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
bf6daa2d602b42090ae8777c92483208

SHA1
9cd3a2b2ab6205d0fa225913e675ad398732d18f

SHA256
8cf461ff03e0a8a82805ca8a22483df6be93e651601910ae1a0751f7eb8f6330

SHA512
faa0d589ed5ce5e7d6a9ae2f887bbe0562460bbe5783fe2871e466a84e0f19b4a8fa594801f0e6785ae2d6d160c1982f6b51f8d972207404e659cfef618efb5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3F92.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3FB4.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit