hxxps://cloudflare-ipfs[.]com/ipfs/bafybeihzbzuhit3mvkdeavb6upuq5rtspzpon4htujweirok67yjhojftq/inboxs[.]html#enterprisecare@jio[.]com

Analysis

max time kernel
599s
max time network
588s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
23/04/2024, 04:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cloudflare-ipfs.com/ipfs/bafybeihzbzuhit3mvkdeavb6upuq5rtspzpon4htujweirok67yjhojftq/inboxs.html#[email protected]

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
8	cloudflare-ipfs.com
11	cloudflare-ipfs.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133583219479300421"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
2864	chrome.exe
2864	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe
Token: SeShutdownPrivilege	3568	chrome.exe
Token: SeCreatePagefilePrivilege	3568	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3568 wrote to memory of 1928	3568	chrome.exe	85
PID 3568 wrote to memory of 1928	3568	chrome.exe	85
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 3444	3568	chrome.exe	87
PID 3568 wrote to memory of 4804	3568	chrome.exe	88
PID 3568 wrote to memory of 4804	3568	chrome.exe	88
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89
PID 3568 wrote to memory of 920	3568	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cloudflare-ipfs.com/ipfs/bafybeihzbzuhit3mvkdeavb6upuq5rtspzpon4htujweirok67yjhojftq/inboxs.html#[email protected]
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff89638ab58,0x7ff89638ab68,0x7ff89638ab78
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:2
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:8
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4412 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:8
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:8
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1004 --field-trial-handle=1740,i,2459831232957371430,11925640454414592124,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2864

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
956b6a796945e4011be63b7414cb45fd

SHA1
2dc49e6df6c6d8f5fd398da8d9ee73df2f256200

SHA256
9212d31a98eb74464a96fbb6cfaec6f8a22472d65c579eb63f13abbb4df730b8

SHA512
5dfc74f96ef4a41ab69bfe38761dfe354b646804c204ce52c1e138d2b869019766007eecc93aab8380909191bc36a8e9f510821232b35437e45f2c9f3afe698b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\0a9038ef-b1eb-4397-bf77-148e58f61c62.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7e60ac32b722519a825b24d51754e82a

SHA1
2eef7474d9dd98b53241a71934655f06c8adf5fb

SHA256
557361dc2648cc873f38093e6a2b1bc3f38cf1bbe8e5b49aef98d9f00693d0b4

SHA512
c9a49ff65ae8c0a8c255e24b3ed2bec56266d732a4621679bc91370cdfa3a06f392c5a5b75104708365cfbd292602838440c879af92e5a349f782bb327b9a555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
01e58f4a8f443962ed8062641d858159

SHA1
f5d3dfe943691b46268e7ec6b4c44dde52a88c4e

SHA256
5a1aa01c75a96cefac323efcd39c0059ae31e9ef9406772889f9a605f0712c3f

SHA512
902245c3396d454fc50f93b9aee984a2dc6db060fd5b65e698a76b39d4c6522f19a8e96bca904af77c0d9e6751a17d6da0c531549517bc4f01c37a84db10490f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2122da5b66aa9afcefa41e02a9beebc2

SHA1
7ba89ff729023e9f47085cd18f8fbc2cd3e2bd8c

SHA256
c31bf419595d2623aa843eba94c8850d2277f0e47eee53631cacbc6ad0d2406b

SHA512
b63b90be46973ab00e91f2372d71640bb6b46e7129149505311e17b8ba2a2a60abb78d7ea0441fcd16cf000f4274e3d02baefa5a49e7d9ba2b165902efbf6fe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7b5bba6970908da1096d5c14c6eb27ca

SHA1
5e334db7e2d698b930c789dde26948ecd3480609

SHA256
f055f45ac6fea31c1e7c04f322189a97170e781e4486b149a9e1f91284bb3d53

SHA512
358542536fb2163ffe98c7237682c62ea181f0aa65a298fa315722808ded17e155169a733223e8252a1163f5ef0d75b35e3f951417ba62709741231f12cd1348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
0123c037f6b74c82b99820cc6e5b4a9f

SHA1
1308436ce07544343746050357ab455c5b3ffc8a

SHA256
7c8900fe4febfe5b32de02c94b41fbc635d1007e71312e17594f3a57aa76e66c

SHA512
7c66fc3d13557e429355a73a53d6ab8821ceda9ce0a06d08ffd03af4fe54e68948dd382d3d92978bfa1b8124a08052e181323ae6061130e08cb859298608741d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
7a67472ce5861a396589327ba7f13c5d

SHA1
7a61dc01db29fbe3fe52d526ebd5f68c19ae02a0

SHA256
0414abe65b76854cf5f5d822c6b50cecbeb421c27620b3827d1c568213d6c67b

SHA512
7b9b7bec4376698cbe55114b1547ef1a8c64a7b7f3d568f4590810344ff33c4612002e97c6a2951bb213c8073c901a544156d51a1919b27b274f0d589fb8a42a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ffd84f66fd02f14e580167da48899860

SHA1
3a4048dc642a8c57124f2ad3a4794c27da535cfa

SHA256
1ad3f453aa16404ce9c7b5d93e2eb10ec6e4dea56267ed7d9d14bddb77802aac

SHA512
e4138495c8b74c1f403bac2453f3eb40785ecba89bbacc79eb282e4411414423e75f0ca835fb1855be58e040600165d263ddd44bd14ac6bc7798d9884342a56b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
ecf0516b4bf8119a16348ef2f6f9d139

SHA1
4d68ad233e7b8a6dbfa389b633c7833e09a64ed8

SHA256
3f6e0fd9f330981ce16756cbc4c79c57e6dca27e825f55bd06ec7a5aa52b09eb

SHA512
e7d57c6eebb42365c79500544086314e57d58331c2ea62c2c0f5b46f1843ee3cb2084ed08bab89a15ac0e265b24ff5be6285b9adccdd45541c68158b73d75d83

Download Submit