Resubmissions

23-05-2024 09:35

240523-lkmh5scb37 10

28-04-2024 14:29

240428-rth5zahg49 10

Analysis

  • max time kernel
    214s
  • max time network
    214s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240419-en locale:en-us os:windows10-2004-x64 system
  • submitted
    28-04-2024 14:29

General

  • Target

    LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/builder.exe

  • Size

    469KB

  • MD5

    c2bc344f6dde0573ea9acdfb6698bf4c

  • SHA1

    d6ae7dc2462c8c35c4a074b0a62f07cfef873c77

  • SHA256

    a736269f5f3a9f2e11dd776e352e1801bc28bb699e47876784b8ef761e0062db

  • SHA512

    d60cf86c0267cd4e88d21768665bbb43f3048dace1e0013b2361c5bfabf2656ff6215dfb75b6932e09545473305b4f707c069721cdde317b1df1709cd9fc61c0

  • SSDEEP

    12288:CzVXpdg/1MB94JD7RfaVT1hG98P67PNV3giFH6J1VjR3L6dpbQrQyEpInmwuRUfB:CzxjgdRpBq1hG98P67PNV3giFH6J1Vjn

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 2 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: LoadsDriver 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LockBit-Black-Builder-main\LockBit-Black-Builder-main\LockBit30\builder.exe
    "C:\Users\Admin\AppData\Local\Temp\LockBit-Black-Builder-main\LockBit-Black-Builder-main\LockBit30\builder.exe"
    1⤵
      PID:1624
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb37f6cc40,0x7ffb37f6cc4c,0x7ffb37f6cc58
        2⤵
          PID:5096
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1828 /prefetch:2
          2⤵
            PID:2928
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2192,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2240 /prefetch:3
            2⤵
              PID:4192
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2256 /prefetch:8
              2⤵
                PID:2168
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3184 /prefetch:1
                2⤵
                  PID:3284
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3312,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3332 /prefetch:1
                  2⤵
                    PID:3436
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3752,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4612 /prefetch:1
                    2⤵
                      PID:4132
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4924,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4160 /prefetch:8
                      2⤵
                        PID:1908
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4040,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4792 /prefetch:1
                        2⤵
                          PID:728
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4844,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5132 /prefetch:1
                          2⤵
                            PID:3296
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5144,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5156 /prefetch:1
                            2⤵
                              PID:3720
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5152,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5408 /prefetch:1
                              2⤵
                                PID:548
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4392,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3384 /prefetch:1
                                2⤵
                                  PID:4804
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3672,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5448 /prefetch:1
                                  2⤵
                                    PID:4676
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3296,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4776 /prefetch:1
                                    2⤵
                                      PID:5108
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5512,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5464 /prefetch:1
                                      2⤵
                                        PID:884
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3268,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4656 /prefetch:1
                                        2⤵
                                          PID:1536
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=240,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4048 /prefetch:1
                                          2⤵
                                            PID:3776
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4488,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4584 /prefetch:1
                                            2⤵
                                              PID:2160
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3288,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3320 /prefetch:1
                                              2⤵
                                                PID:4868
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5224,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4912 /prefetch:1
                                                2⤵
                                                  PID:1160
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3256,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5132 /prefetch:1
                                                  2⤵
                                                    PID:2116
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3212,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5240 /prefetch:1
                                                    2⤵
                                                      PID:1332
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5508,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5372 /prefetch:1
                                                      2⤵
                                                        PID:4884
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4556,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4060 /prefetch:8
                                                        2⤵
                                                        • Drops file in System32 directory
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:5024
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=4520,i,9061370758608342725,10831042453266389222,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5412 /prefetch:1
                                                        2⤵
                                                          PID:1872
                                                      • C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
                                                        "C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
                                                        1⤵
                                                          PID:4128
                                                        • C:\Windows\system32\svchost.exe
                                                          C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                          1⤵
                                                            PID:2828

                                                          Network

                                                          MITRE ATT&CK Enterprise v15

                                                          Downloads

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                            Filesize

                                                            649B

                                                            MD5

                                                            2eb613228bbcd202e59e6194d6116bf1

                                                            SHA1

                                                            fc965f2060540027277c7a9cabf67d05572ffea6

                                                            SHA256

                                                            8e69bcca1aaf9ee99eb7a23a2f005a6a0b04e0d71c72b3f5460c11646c4d8392

                                                            SHA512

                                                            95078334df69eb23f7b99a2873a23dc0fe02840068b09540d1710128678d6fff42c64ce741afb7ef8e30df61cbf4ddecc36d0405fce32a41c100042cb3ca0419

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                            Filesize

                                                            2B

                                                            MD5

                                                            d751713988987e9331980363e24189ce

                                                            SHA1

                                                            97d170e1550eee4afc0af065b78cda302a97674c

                                                            SHA256

                                                            4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                            SHA512

                                                            b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            4bac518ae8035e50da75119fbea02b79

                                                            SHA1

                                                            c154263325e121253f3df0192d4c372b92a40441

                                                            SHA256

                                                            927ca4f54e3082898838a8378d52038b9312c5fc1c5e3e726810766006860095

                                                            SHA512

                                                            1d8b969615c2b14628993918643ea50eb2158642007c55719f630210bd17985616a1faafda7dd839a3edb177cf88c312e3361c0fb6fcf0c1805166f7826213fe

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            8KB

                                                            MD5

                                                            36bc5f34f63848f7c2abcb65cc225c7a

                                                            SHA1

                                                            536e72e96d2133100f0c8882682e48220906139d

                                                            SHA256

                                                            c5badb82e151605cd01a6c5dae5be31f658bc69cce276d9dd4dcb0a22d43b39a

                                                            SHA512

                                                            b9cc5c5848c84ce27a4879a81bed6db8a250d4efb6f8c99a8d24b2935150ac4144329e11ed16346e297db185f5399fe6900aa21f61b142d3b7302bc771188c04

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            9120aac582eea5c0fcefa0de150b0f2b

                                                            SHA1

                                                            ba9b0f156d791cafb4ab39aac5c93b8d51d94b05

                                                            SHA256

                                                            20b250e7618db4a3f8c4338b8220f0a6e98e49ac0180d66336fdbe412e2ac13a

                                                            SHA512

                                                            f9743f1e837da49b61e4efbf7fad51199289d4c56b364d85e25b6154bed3ec6220595d3ccbe72157a2630bc5d2ca9ab11536ed92b465cf68e22ebfe65117959a

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            199da7b84711563c18510814a79527ad

                                                            SHA1

                                                            dd21f0af18a1dc08f6b53e703bd81f4114121fe9

                                                            SHA256

                                                            ddc64ab74c473e604337507fab6629688496ffd6cb62507b315f7b95a542a002

                                                            SHA512

                                                            bc4a3200550d2e2230b41c8139442f575f517ebe3be55e43fce9b4283b1dd2b623f7b909818005f592a65800f9b265ae24c9241192b7c3d504e06d9e45118df6

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            1d107c5cde74edde6f533a796c272b7c

                                                            SHA1

                                                            8323bec9bf15d7b3fb674e0617d940c1fa41bf4b

                                                            SHA256

                                                            4be43c0e78634684ff774ecaa7d2c23d8aba40c120160d4fe68924a2e6af9fea

                                                            SHA512

                                                            0c0da29c2e873098dfc58ef8e654830678477fb0682dbaa088e7816d76ef7a5071202d0334ea2a3085b7a6fca5c1fea2e4fef686c340a56ba1f56d59c73b350a

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            d1221acd6c8c2d16732d2c38c6371c39

                                                            SHA1

                                                            7bdbf1c5adbe6a96f5c6b05771a245b61c77f078

                                                            SHA256

                                                            51d220a9b4e4f5a976d27a9c8af84d0a8d4bd62c242359fe5f5aef0b9c68a1cb

                                                            SHA512

                                                            c4f52f7bcee2bce22cb97e1618038e3986f8bebceb9ca3af3d12b61ef3643c694acd518cb76a50729483c2bd610c1555f4b63a86e5b6dbd1bc7fdefe50352871

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            5c317dd13c185a78fd17af0afc626549

                                                            SHA1

                                                            9c8ef747bf37e015a1c4b78fcf5b29da945f066e

                                                            SHA256

                                                            d64895f1fb5313b7a184918e54303b0767af9b2c9a46b0850ed925fb3daf18cf

                                                            SHA512

                                                            34dd3de526b8ec680128de912118e8be7d8284dcb69c1bcddb21ef9d1a736a4e0b696ee3cc2ca932dd30552084a5fe5b7ad903f7c876e15a3243300b09102783

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                            Filesize

                                                            9KB

                                                            MD5

                                                            8f03329152285872a044f24848956c1d

                                                            SHA1

                                                            3bb94eecc7da26ce5ad95b29b1c18473812bfcbb

                                                            SHA256

                                                            47fc11a45f9279cd80654cbabd878fd7087bdea173b8ff6812ae3af64a55a0d0

                                                            SHA512

                                                            40768087e774f20595679e766690e8f5266dc6f5bad8e9947cec999c3797909129dfea084cb13c9fbf1563c5634e3126fd76fa8b9f14d288a524e0694205c1de

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                            Filesize

                                                            77KB

                                                            MD5

                                                            f52b6de1fc333c58ff7088b0fd8a0796

                                                            SHA1

                                                            0798d93031d8dc792d83879902ae3218368a5cd8

                                                            SHA256

                                                            dc6a793ad945699dcb7af7af0c65717a311390529a6413a27307fe59e94e464e

                                                            SHA512

                                                            e463d7503e16542ce1672120c0c2fd066ac0eea587b4d50194344744dedf0f40ca135c3c5e5e71518dec389e898593b11d3c7ed0e9b3167fd49bef059e46e8d2

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                            Filesize

                                                            77KB

                                                            MD5

                                                            f47cac93117f1ffe1bd2b6b05c3130ff

                                                            SHA1

                                                            2b0f3e389bea756707d3635570b7e2b8e9aa068b

                                                            SHA256

                                                            fceb3887cdb0c14b74525c1cd125917ffbd6e13c93b98dd1452a37db94c657b3

                                                            SHA512

                                                            ba437e888c5cdd93532001bc5e275fa94243b698f5dab41f6c0e0a02723c51bdc425eeb5adbafe31d9c0f943b6d9510a1db1af481e5d34e45d54944f511cb722

                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                            Filesize

                                                            77KB

                                                            MD5

                                                            6ad94f0020db4379f2978c5bac4de5c0

                                                            SHA1

                                                            0b4e2f514e05bb7bf0f82765fa16874089f0a9e0

                                                            SHA256

                                                            a0699dc864f687862c8be33fd608bebbaffeb4408524c47ab7179b9808d7c82f

                                                            SHA512

                                                            65ccfdaafc41fbefb9f13b2064e630470590467d5a97f2e7d2fcb56ec94f950fe5e18505905a9a31d6a8341fe09d3fbc7e9d060b0f506886d27db8312f36b534