c21996d9bf78dc7172b5eaca6d2dedbb17ef0f86e9b23a6363550183e52778d8

Analysis

max time kernel
146s
max time network
154s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
20/02/2024, 10:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Autosofted_Auto_Keyboard_Presser_1.9 2.exe
Size

1.0MB
MD5

e60e845933d747c615286b762630919a
SHA1

948d219d89dae0a277519978b751cb70991eb577
SHA256

c21996d9bf78dc7172b5eaca6d2dedbb17ef0f86e9b23a6363550183e52778d8
SHA512

7a4210fd3a5e3542057fba5a86735ca69dc80b43cfc38c88d62423c6d297d51d8a150a97acb75af6840862d098168f711fba218124c8271ede5961e1e1e26907
SSDEEP

24576:VCdxte/80jYLT3U1jfsWakzyFaBT8t+0Q:8w80cTsjkWakmaw2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133528983864413920"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2892	chrome.exe
2892	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe

Suspicious use of AdjustPrivilegeToken 38 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeCreatePagefilePrivilege	2892	chrome.exe

Suspicious use of FindShellTrayWindow 36 IoCs

pid	Process
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe

Suspicious use of SendNotifyMessage 21 IoCs

pid	Process
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
1924	Autosofted_Auto_Keyboard_Presser_1.9 2.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2892 wrote to memory of 2332	2892	chrome.exe	79
PID 2892 wrote to memory of 2332	2892	chrome.exe	79
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 2160	2892	chrome.exe	82
PID 2892 wrote to memory of 1764	2892	chrome.exe	81
PID 2892 wrote to memory of 1764	2892	chrome.exe	81
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85
PID 2892 wrote to memory of 4520	2892	chrome.exe	85

C:\Users\Admin\AppData\Local\Temp\Autosofted_Auto_Keyboard_Presser_1.9 2.exe
"C:\Users\Admin\AppData\Local\Temp\Autosofted_Auto_Keyboard_Presser_1.9 2.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1924

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffca1979758,0x7ffca1979768,0x7ffca1979778
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1864 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:8
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:2
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3196 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:1
  2⤵
  PID:712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2040 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3656 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5104 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:8
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5284 --field-trial-handle=1940,i,16229476239869576019,2205605989066355239,131072 /prefetch:1
  2⤵
  PID:4912

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7c13b49052635807946da172d8da02cd

SHA1
d1706505c43c327d0bd7b4836590e7cc59e06886

SHA256
44807ba66dabf74393ccfb6ea7150d48138994a15b956e51a5341ca885683c49

SHA512
4a4ddf0ffbfca9af83a7220f3dd644aa5925cafae42b07c096c839554082f73818b61006cd9dfb9e4e0cfc4dee985b7ce3da119d4c82c561779a83718ded5140

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
222f852e812b34843c7215a8a4a850f4

SHA1
b17bcc4b03054c82ab7264f055b8c43b0ee5ec71

SHA256
dd14a925d797c7852a07079a0d0920aec8ff448d33a8d645c4d90d55851221a8

SHA512
46f0f477646ffe157db70980d93d340c9dc4cc740b25b6a5936195e10bf0e78d4b66581c67c943d66385b2e41f1418e5b16344a7cc9fc334004fa82c5a4f6298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
a137987952a6fb19db461a63dc20dccf

SHA1
9cd74e54fbab1227e575d8b8fa5a037e0921abc8

SHA256
17489797d1d71ae74da83561d2e1191465cf56d7e4b73e8bee6623f1355fcf11

SHA512
d17616d11ef937ae20524625fe504ce6dbff07cdd8ca446a25c385e82654e2807031827de3d9852e4a199cf74527bff65a1fb4aaa77dd38e8a8c3060e1c719f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
6dc14e02db1af2d4bfb43ec40a8f1278

SHA1
09303a746d80663296db3566ea04739d1e371ef8

SHA256
0a2f248997dd5e72684c2dfbc57ec723a023d535e4dc74498c9533e100d3e79b

SHA512
f6c003257ce74d233f80ab5f1f58db0293833bcecbe47881760302ab905292df5d3b4af2796a4b87a35559c24870103d11c65673be35c42a1d9b0265bd0e8167

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
95312de6c86741025e4d75538174e2b2

SHA1
b07408c68cc4f418e0e3a4285e9e2bedf94eadd5

SHA256
67f1cfafe6cfb7cf2f5b3046f59e4b5ba9cb9384665f8c049229845780e39fe6

SHA512
305fb6c67afff6f3e1a3e2cf409b03971e6266ab35dbb5f07ba49650594cf6ff12e30c2f6e4e6bf0b38698495784dabb6f006301495d54f52b4a178d44d8da5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6cf0e7f886b2fb67ebf3a6965c12d784

SHA1
f40d892d3bed815c811651f5509a261695c999b6

SHA256
3b3adc85e4384e73190f3ef444454162537691fc19384e8602f777bf722fba5e

SHA512
d2994379bf8d368585bf8b60ce07e20215d5deb757c8113c99690514e1c871c6f0fc2c9513710b6aab0bc676d59f195e7832d8f7fc05823caef2ded957f1e91e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
03fe79ca35d4168e465fe8450e20686b

SHA1
7148d417171293d7431cb56ae6f72c3dab687d19

SHA256
61c3f26f536be5c8f9f26e9f3f5df6a215a8d01e878a1661079564964d2b6511

SHA512
ac1ab191e801598297a82520ea99dbd2821ed311c45169502c00571d6504919f8de45266917d69d47d6e3483deb0fab7052c6b578759fe7e28db149b5f32ccea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
bea7515a633abe432b810322082123b8

SHA1
37b09f95d75c0d11434a0a5b00ad0e668873f90a

SHA256
e774b2220274210ba5a3891bd5a23f598acacb81f751c779be64fce9b2b11d49

SHA512
c2b286f62b393ecee3054ad8a1a888a79fd16aa5853e527652369f0a11040758019daf5ea4d2e9f6381ecf43c9d0ca27f621da586ea11edf26efdbc089662442

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
cee2292693d032c30668b6e064414acc

SHA1
fb9350e38f2bf81990ab29e7575e67994702d2af

SHA256
bc083e20bfa5a6d424ae82a6db50e1d49d142c968605673afd98de0d32ebec10

SHA512
a0fbb078de06b4b92088d43a1f69f59f95cdbf4ea53133e6d1361e8b6ee3bd777d69048448b9cab2be853981548249f4705c78ec713a9f568cab8161b207c0ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit