hxxps://burtonlumbers[.]com/10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725cLOG10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725e

Analysis

max time kernel
150s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
19/03/2024, 20:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://burtonlumbers.com/10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725cLOG10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725e

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133553520638686558"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
1868	chrome.exe
1868	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2520 wrote to memory of 2948	2520	chrome.exe	80
PID 2520 wrote to memory of 2948	2520	chrome.exe	80
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 4348	2520	chrome.exe	83
PID 2520 wrote to memory of 3432	2520	chrome.exe	84
PID 2520 wrote to memory of 3432	2520	chrome.exe	84
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85
PID 2520 wrote to memory of 4904	2520	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://burtonlumbers.com/10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725cLOG10a78b69bee3cdcb47be1889d13bd92b65f9e8be5725e
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb39eb9758,0x7ffb39eb9768,0x7ffb39eb9778
  2⤵
  PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:2
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:8
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1668 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3156 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4484 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3904 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4672 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:8
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5368 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3408 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5116 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 --field-trial-handle=1776,i,5878730379219430430,17733764046927389938,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1868

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
384f0c31fb6e35215f86888fca93ed2d

SHA1
ba9a372c5a1947abc9945618533d96b866c671c9

SHA256
6d247ef1f6c5bae359a214c53dff2ae445e91cdc7efcf0698ea69c32f3e472d2

SHA512
5c42ba1f028772364b1650dbe132e8b1ceec4a19f1f206c58d1b73c64eadf4c7a8b5dd8e82de79e08e1f69431e2d138cf89ae191f2869f11b2c376d682d12aac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
2d7e5eca4097b3d086da2e1f5d680c30

SHA1
858ce3a67a89f5dc07040c857dedc112c697860e

SHA256
e0b213d860f12f6e1ae992b3b3815cb33624e39a86c86e913f58bf1bdf13daa9

SHA512
10656fdc7b30c6f7a0eff23371935fdd56f7cdfe8376a4c5957d45e946a09a3de36d06e7d576525c733a60d45b451b5ec7e485919bf71651a63013cb0974168d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
57e1ee057cf9c998b874b5ec9f6ad84e

SHA1
5959b05ac4f0d8301ed837e6f69aebcd5470ae8e

SHA256
c8f7fe986ffff43d9ffc2db75a7b907b2145a4e0fcde0d8340c8a544d74f86bd

SHA512
944f2b63d262dc60a3648be2adad0194adcf8b7ca01f7c329d596d24dadb14b3ebe83e8da3bd69890b3bf974767d3110c373cb84cab1eef1765ed55704055f6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
297733775f8166acc107de961ddfb2fe

SHA1
a41691ac28eed06be2e61027d1d063c433fe2866

SHA256
1e2b976a2987020c121c391d4405b77115576c99c3a959ee3f539ffc6baf4f9c

SHA512
db460a35e509fd978478279f5cba6d451376b9c284f19d8de71769a232dd6711394ba83e7e7cfac73fe32ea43ca53bfde137b6f852bde5d4285ddbb50a2ed572

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
79b94ff6c0b607b56022042551029bbe

SHA1
c564b6f9e0be836a314b7cef6809de20d8b5aed1

SHA256
e1021d9e54e478ec9dd277ff9b604144001ead3d58d3de4c15435d0b88103035

SHA512
5fbf196a359e8f1c0bfc0d663afacfd8bd67a077fd4b2d4f6a4c3868b148d03b75809f0d86872eae869fec7fded0d5b375b1309a0e5ed5dc48e00a43258216be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
76ece1b4ec08d370413f7ae5640b121c

SHA1
95f78755f0dc36d086cb475c24bbea835be07247

SHA256
71d0e7f8c7b314ba19d33efcba17c8cad3fef1a7a35f23a13b88dd68d4894f23

SHA512
068e2a33c7bcec255cc28a7e52d6c15f84ad33b67ff905610d1d974f42fe0a91179c0d8df94b1483d457f0fd33b9346fa85370e9a929c7780eea193cf153a84c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e77744bcb4593b926969cb5737b39982

SHA1
8eb927bcb0a66efa0fca2a6f6c0fbc9cba1bc02c

SHA256
4c2faaff14fb9fee68fd15f764221a82af35d396e275ce4febc5b464ef0c6a97

SHA512
1ac088b7920240a087a855b491974e696fcfe7700e8a1d3f62b7d8d187aeb66cbb9be5fd9042530fd242ebf493c8d56f3d2cba926e072b711c6b085ae04ffd18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bb01d5c1dd567e6329f73c19c8c9f4fa

SHA1
82409843271b3ec2c5326a32ca17cfd1db4c2fbd

SHA256
e74416b5efa0c73bf9d2e726f92d2fdd251a304c4eef5fcb382db8287f2d04a6

SHA512
2de9bfe40634f6ebee212d93e2618707fe9f312ae7049a14af0e88a2ab3b3878d9bd2d351e1021024e01c6bff6d7bb1e278642e3da27413671c2cf13aa8f2c2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ef47094013af7078fc870575ffec3e62

SHA1
e902f60dc2be22b084e3d28644cc29456523e20c

SHA256
c02c67874adb9979d6730f0978d8f87722ba73b0d3a83ce923ef7844f2302d63

SHA512
dff63afdbeb6a78d653c104e3cc6cdfca9ae29a9b76965651940c1c8333a0d04b9147430077c587909ec4a2b2e8a7da6193794ffbbfef7e3f3a02073fdd90e26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
5fcae84f3458dc233a3bbab6afb2861b

SHA1
4cddeca0d56a6903668818fca649ca22dc763f96

SHA256
b00aba6a2975411cd1643da2f0193e4fce84c0504f9a806fd2ddd668b7a4bd43

SHA512
ad9ae1110438bd4111f8321bf1dc24adc269450f693756265255049778291c48978b7bd9ed7afa1a70f1aaca7d746b97b677b656bdfe52f2618067cb3b079127

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit