hxxps://beggwin12[.]z13[.]web[.]core[.]windows[.]net/

Analysis

max time kernel
40s
max time network
43s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 00:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://beggwin12.z13.web.core.windows.net/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133590825812997157"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2140	chrome.exe
2140	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe
Token: SeShutdownPrivilege	2140	chrome.exe
Token: SeCreatePagefilePrivilege	2140	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 964	2140	chrome.exe	85
PID 2140 wrote to memory of 964	2140	chrome.exe	85
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3980	2140	chrome.exe	86
PID 2140 wrote to memory of 3628	2140	chrome.exe	87
PID 2140 wrote to memory of 3628	2140	chrome.exe	87
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88
PID 2140 wrote to memory of 2784	2140	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://beggwin12.z13.web.core.windows.net/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9fdeccc40,0x7ff9fdeccc4c,0x7ff9fdeccc58
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2244 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4444,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3304,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4468 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4788,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4828 /prefetch:8
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4396,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4488 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4672,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4720,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4032 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4992,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4412 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4496,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5032,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3172,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3160,i,11572633154477513355,1261589128868812857,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4032 /prefetch:1
  2⤵
  PID:4264

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:2580

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e0a3bc1f143cc00937e18e2d9ab6a887

SHA1
4310b4a9f90786cf4b1c84600e3f2b38283743f2

SHA256
32559c6f249532f54ead810134cd32059e6137678f7bccff1d84b8b923d7f9f3

SHA512
a73a527f7a6c2e20e0a385cf752ed4235c0773b323cce4e2673807ae950027d0b8d2fe105de2de8eb6949f2a8975832a8f12a9133cdd5cceb65abcb4f752814e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ad2210f9467a7a863249b5e0cbbafd25

SHA1
c104f57c2b302e9179fa27fd130112d3bfc652f0

SHA256
938a5e7f283da6e0c2eee5fa2ea97031854fa4b8bc2b31ba632db619477519ba

SHA512
ea2ac1c88665e8d1bfb3c1e51ac2991e9bfefdaf5b1ce07f2906bb02d727495e16c40f2dff8ee7da56c979f0f5c2ef15700008d889693b5c537ba845deb28e5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
94ebf4774088918dd1ca170cee98d651

SHA1
963fca59eed2b22484bdb65b017870766bd322e7

SHA256
dda8efcc2707c6487a9c6b94a9b18a76050ac00100e4edbb506901fff72be69d

SHA512
3760716fdfcd9dc1ecd85cb175b22e89d921bd599470e7b870c0ff44a380da382e613e80466dd1af3fbf4db742d7b84e35338592ca498b7c6e40a34f10382a89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3d82be147201ce6825b4008b91d5a161

SHA1
2482f3fff6c4198ef91a7149d9f39f95f6bbd2c8

SHA256
3f34bce1f2bee8ff0658ef25a4d50558b6452833508418563f6d42a7fab3a344

SHA512
a55dffad0fbaaa921a499293222e5522ad451ebb5266031ad455b68b5b6fa3588734c0026a7c2a754e7c8e8fd3ea9f6d85b116348eb9a9bf08c736b497a89799

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
95942b6102d702fbd585ccca43a70cfe

SHA1
97099c2371380e68f6ad6065f8fef88f9a7c9070

SHA256
f46aad04ba93e67a040120ea8c6f2f1cc210f67baf17e237fbda85c42e582824

SHA512
d77e123012f75f2872e2bc333cc8ad71bf3d68ab3e4f1bab2d6bdb41993c18a22eb51244bfce82bcc41769eed8d3fe628018b6883f2a3b897fad43374bb5782e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
c97823eadedf82bd632613e994382e28

SHA1
40c8160baece2bc6546d2f30ea20f91c1f229eae

SHA256
8c5c430faea138d76b7dff8e62463722cbc5f820ebab28d0b1560af2ebc656a0

SHA512
aa084bbfe1fc2a46890f6729f9a97de45be5e5d531b7077352447aedc83dd8d00dd85f0f66a36ad491d29f43f167ee37cce8d26da2e265d313004e4b71264cfc

Download Submit