hxxp://newexra[.]com/campaigns/pe148ps2l9c7b/track-opening/ym8784dv2tf52

Analysis

max time kernel
69s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
19/04/2024, 14:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://newexra.com/campaigns/pe148ps2l9c7b/track-opening/ym8784dv2tf52

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133580104464183925"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
864	chrome.exe
864	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
864	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 864 wrote to memory of 228	864	chrome.exe	85
PID 864 wrote to memory of 228	864	chrome.exe	85
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 4560	864	chrome.exe	86
PID 864 wrote to memory of 5084	864	chrome.exe	87
PID 864 wrote to memory of 5084	864	chrome.exe	87
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88
PID 864 wrote to memory of 4876	864	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://newexra.com/campaigns/pe148ps2l9c7b/track-opening/ym8784dv2tf52
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfd76ab58,0x7ffcfd76ab68,0x7ffcfd76ab78
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1584 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:2
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2232 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:8
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4296 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3356 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:8
  2⤵
  PID:3952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3276 --field-trial-handle=1896,i,8538859463766188099,13655814972863879566,131072 /prefetch:8
  2⤵
  PID:4284

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
49138f7e4de619af48088b488cd263b7

SHA1
71c6baa8a908e673ce9320a7042d7b3c61b59ad0

SHA256
d3fa76eac159c0e691774f1c8298e855cf8d7efd4bef4611ab3a7ffd39012f26

SHA512
f50cd82fb849162f5cf3afe752a2744be75d35f146dd9c0deaaa1d9c3d5835ee99a9df46d0c6e5cbba213fead0f6cf47d721e7cbc06bd9f18407743b828edbbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3d92c1c4f68ea463d91aa5a887c3ddd6

SHA1
9dfcc50f28b38e427ec0e7ca5d4f650211413ebd

SHA256
ea68712d62c82e08d58974dd9a15bc87a99224d8a0e33c4331e2d26b2ccee98a

SHA512
97d001b17d0d2f91da4ffc838fab659502d09d6508e624aadec2ab542bdd19391e02243c5fae170a8e805b0299116f4502f008b0df8aac1e084f5fb865d2ef98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
42bfb628c7b8e4e37ec6b2130b49d2c5

SHA1
2e0c19dc031181225f514916bfc9b0717f62cd74

SHA256
39416dc2c5f76083d208a5e3e9f36e1e89f78d244fae079a3f114bf2ab52ca7e

SHA512
2d264b0203eedd4d9e84d4dc469831b6b8dfb098bd6d2b17d1f8c2cbd8e1f4818c8c5af7d9552b7018112f03721386c49e89d66e9011ebe3dce2009fdbfe9ad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
af96a07f23950906f9e8eb6e7524243d

SHA1
fb42027bcc4c0e54ebb55b974e470500dcd60749

SHA256
9f85e76159c897b4cfec596e07eaccbd2f605b12bd918e4fe45b4324832b0b16

SHA512
a6f903aa4904dacb52b41d6aa79b6dfaf92811fcdd5c83fb28ccb3cb42a98624b1c88e7d9daa5f55947c071c3cfac17f2802eabdd713102491519e2c3049e865

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
fd0bd8ddcd03ccfcdfc76134854dd79c

SHA1
707cb472440b025f6e56b9c6f32039aa42f61e80

SHA256
dd41000fdee647cfd18fb6fccd3aa1f3ad0df5b9efb487f9568f11a03c9e856c

SHA512
b9bc060f39d35be1ee531e9b57e8f6af6dde9145c70cb794ac88e3572967e9ee3fe4cf6ded3da4b44aae3ec493acca3563e7f26099c9d8025decf8ea6ebc16b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
1974afcb0dde7a15a88caa2c5f42fcbe

SHA1
61a707d9e12cba1b5e1f5f065c3eebc3dc95980b

SHA256
c388af4be561642a738e0a8e5c8e7b684f18d65fde69a05a3b4698a4411fdb4c

SHA512
235a3fe57b0fabb35d0738a115b2480248e47593868b89912f49da600b9fa16b64b08f7b0c6ddc37153307f9983a7d49a8c48b02756171ad9792abb48dc33700

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
6ef09d41079a60d0670acefdc9bef42f

SHA1
0441050244adceebf5917ba5b2e9457557802f11

SHA256
f132885caae7024b529fa23f00a51b490ba74e235f2f19c76e4d0f47437a4e9b

SHA512
b63edd2a5b54313ab18beecc5d332d1d840d563bf96a7b1548af26b87e56c1b12abe849d031a73841e2c3560b2383c87854b8b4078f68d8aefd9f5761882af7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3fea1d515d1dd9fe5e261f4085c4d134

SHA1
d3b879ecb43ee183f2dfd067e23c3232cfdd30a5

SHA256
4ef7dcecf63c9566d0cc2c1b68d48ead211c4f7614af241e92b8aafdd4df01e7

SHA512
36be58263cd666147cecfaaa87f0b49577a529b50746958a66c83f3d8b8c496fe8b2f6b0aee6bf379cd58abd30178739d7a57cc7e401e70012cd058875ee2b5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
25215071447dafcb362a6554741d002d

SHA1
eef1001aef6abede098e8cc707fc8cc363f0e2e7

SHA256
c40092ec13bd4c7fefbc5bda23d9b66143a90642edebc3515321a9131fe67fc8

SHA512
526b1fcdf3c89f4dad44cc0d5918a47c853e6650aae5b120b863070e74a6887fcbfd50c306f3c77de67e2d24e53cbbb569632d68f37982dd4ece5f50041c60cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9b0e11138ac81ac83b184e65d2b849ed

SHA1
dead2a5e16af3b256751670d3316697a9f185c83

SHA256
4b9cd3312729c9d2d756e654f5554fdf629803558d7c075bbc2a92b037b3d432

SHA512
b7d2a76a33095be0f7246c4f15097b71a42e4748a885bc2bd62b092d7ea65c2e44f56ef850001e44653745370c62fff386d18354eec39b63cc82738bc9028bb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
946f7ceb78e952d6e258ed59623cae1e

SHA1
9d500783374a71f08e5db78cc00e6da191fbba5f

SHA256
6df5683a0234e51ebcc850e1facdef025d65ba92c2908816d2ec22c58ba5df01

SHA512
2e99007a3bd7990a821a20f30ea2074e6a587e5954cde271f17a3d8ae976aa6c410aa7769c7da14d30ceae721d149dd974ae9149671e47edb6357a5d21381c08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
58a595e2474c8ec1343eca462be5d8d4

SHA1
43e12b3cf05c7df76cb1f9f838e3a2e8f0f8207c

SHA256
f666de07f9462b658453b240ee2ba163f3f46f6372bfacf2101778bb4a268328

SHA512
9156985b6bf2e7b1e64d2186a618b8b7fe44f2f68f0848e8761829ec0841e1e860e8f53179872a40036d2792b4e7e60dab72906eabce02dcc7859a03efc695ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
7c3303a4eef06e1cb337a412ad8e7ee5

SHA1
5bca20ae9f51f216e22ab9666265b86c19842cfa

SHA256
97eff304268aa5e34bd2ac92cc4361b244c055ba8e348659330e0b8c65ea9f2a

SHA512
2562d576f343397ca66b22f549b880ebd860eae19c44635ba26875cc63b35ed25c66d453b6d176a6a0d04a43e58fa930dd387943b847af9c89440311774bc2a6

Download Submit