hxxps://playmods[.]net/download[.]html

Analysis

max time kernel
600s
max time network
516s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
21-04-2024 12:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://playmods.net/download.html

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133581745584354593"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
4208	chrome.exe
4208	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeCreatePagefilePrivilege	2688	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2688 wrote to memory of 4824	2688	chrome.exe	73
PID 2688 wrote to memory of 4824	2688	chrome.exe	73
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3952	2688	chrome.exe	75
PID 2688 wrote to memory of 3652	2688	chrome.exe	76
PID 2688 wrote to memory of 3652	2688	chrome.exe	76
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77
PID 2688 wrote to memory of 368	2688	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://playmods.net/download.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff815e59758,0x7ff815e59768,0x7ff815e59778
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:2
  2⤵
  PID:3952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2080 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4460 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4396 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4340 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6080 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:4192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:8
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4840 --field-trial-handle=1652,i,10825616567550407138,4184854003001730795,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4208

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
c6226a26fd21b3cff8972391b4c05420

SHA1
dd0916ddc199180d9beba051406e1f66b4ce5fbf

SHA256
264441b4a8019ab69a265ecfc80236ca243cee683aa14dd4729190e922bbb112

SHA512
e5ab813ce743b35b960fb3cbe6827a9e1a01b21c6080a8f1c05c7c87a66087110fc75d80804db1a6dfb1b85bdbf7ccdb945f875d6efcf3456211d25b0f444f16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_playmods.net_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_playmods.net_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7f72b1dd2d5d00d05f5ec02874ff8b63

SHA1
964e034b2970265c02894a3485d25f7cd8d0ba77

SHA256
62aed7e406ec08eec52f20e4ddd4c09ed00ceca9caa6f5a3354e487af636acea

SHA512
c0846e12bf3807f8b815682ad36976ed5261c3233c6ae53e2afe3f4766bdfb5006b1257f384ea2a4cbca12efbae43890e8e990c9b99bd0760bf772de27c3db18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7ef50f3b5c51c11fd56a3cb65eb2fddf

SHA1
d1be89ab7f7d241008db8b8fdb8a88cc9715275b

SHA256
02f0ac13066fb2ffadd05502e508ac2e8b688bebcca4814aab56351937b39bff

SHA512
1c8767d5ebe389c60b1d5e979f3f6530b5dafd752a374e6db293b782e97250a80a1aa6e7425d944eb7fb29c561e65876a58cd637bd79dce075ce85ac4ac4fd58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
d5863be06c922939b5af430829fa2ac3

SHA1
64fbac17de578793cc050fc0f13644bf063ccc8b

SHA256
dbc40d7192472ddcf95076ce79ae1edfa5c2e51d69342fe552937c07637d7dd7

SHA512
13d8a3158c2848e5cd8a55190d741a01a3806629d1d4e1083728db95359c834cb720a7a234a3e22004607b9843036a6a58187bc0f7ec16e70ab1fdb93e69fc3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a85048df744660ac90fe182a572738d8

SHA1
249ebd45ddada2a8db7a62c6a48b6ddaa2f6d9c9

SHA256
a66ddb02c9fcf122a4a09d6cae7945117b368fbcb4aa0847691fad69d9ab74c6

SHA512
f16bc9fc7a6d78313e0cf3217f909653964fe7cfbd2b869453ed50792b1cd01fd2ff8225b6c6500b33769f27ab89515093863082d12696ed378ee5e3455e2903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
88a215ce74d260c94c3e05a334a661b9

SHA1
862daa584600ba9b8d24830923df880c7c9aa8b3

SHA256
616427d29a7f944de9f942723121fc93fdb73830ae8f12eb7843c54e534b40e7

SHA512
78e874d5dcb7175aafe79ddd718e4760bcfbc12b2b66713c5ff4568274c9f972dca08f8ba3311b1bfb1800f15122fd21988dc97418500383a0ddcf3cffebbb2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
94965e04a06e6a9acd55ff90a3e88b51

SHA1
d8b1e63a66197c95c310ff9e4379a514f439992c

SHA256
f7674bfb1a2c8b6f2bf885d63658235190ca660f7b7f97e28642d4cf80a8bacb

SHA512
68d883de35a3b6b032c01f73a00c3d937fc5b774a456692fd7947f8d1d1cb22064e282ddf8eb906eac403189d79c7e11ab1a8f77d5c3000020f38c23a1b92d42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e143c6a7d799ace94e133173662b23d2

SHA1
15da1ec13fe8e824c00163e3bd1660bc491f38c6

SHA256
2adb08b5e68d0771574fbd6a2fd7f1887d4140ff9541425a2162ce078ec51011

SHA512
e844794378425443a88ed927292d52468cc7f4baf60757b2a5dc03ad6715b3dd5864e273928b57117eb43bdc620758d70a96b6728491f0b391f0922bdbfe4381

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f3601140c0700140af803467621ae791

SHA1
3c3d30e2d69a67c1cba774db4b20788b2f9ded85

SHA256
c7d9e62ebf2d9a9c602ef451f8b5bb60775473459cc23f878cb95cfbebb8f1ab

SHA512
6d2b13261f103d1af31443bb7cbfaaee600bd0bf4cc01d6a539648e3cee1658fe9c07708e7a26c11a7a3143de6a9bea9dedc42e959254f8092cae35fcc977516

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57da62.TMP

Filesize
120B

MD5
6f0b4fd9412327c2b8a9995ae4b2dd40

SHA1
9a1071c0e108ecc4e2d9ae750b43cbbddf9dba2a

SHA256
2163577927879cc875c504d84ecc5ba1848845468068142288314dc67716b502

SHA512
ff562968eb370e59b42bb8f28633fc7b36404ca70239a33ec1c3e6e793c797dd44315e1e6618d8d7c6f3fa1b05045f681f404de29f5ee3e5a235bde2af1f92c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
714d8eddf4e20718f7dd5decd5dd6f9b

SHA1
ae0257a4a1cec1c7f2d5e06cdc4dfa7e32bbfa40

SHA256
ad2f21af2d04f9d102bc9aa647fcb9100478935a3fb899dcf56c90957aaf645b

SHA512
ad6ac4d7c59a218996f9711f64a7280e528277b9cd83ed0678fe8e86ee2f46469c1cb89eab628c84234f7297da397242bb1167fe00d87323f9e3e4009878d807

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit