6b38106b2717e509b0c1a278e2ee586f873e677da67f1e123b31d8a35ddff1d3

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
12/05/2024, 20:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

file.html
Size

312KB
MD5

58565d405f80ee877a14e3d6447ffcd4
SHA1

7a476a9a9ff0d84539cf701de3a48726c0fd1ff8
SHA256

6b38106b2717e509b0c1a278e2ee586f873e677da67f1e123b31d8a35ddff1d3
SHA512

a039c00e7b495db99ca99e2779ab2436a3ae6ca382b271479e3d1241798764084ccb7f179ea1a44af021374b78065d291e48d2c8ee2836854846d04f11d7aeb0
SSDEEP

3072:wihgAkHnjPIQ6KSEX/mHgPaW+LN7DxRLlzglK+41C4:hgAkHnjPIQBSEeAPCN7jB+41C4

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133600381262568701"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
4704	chrome.exe
4704	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 368 wrote to memory of 4876	368	chrome.exe	83
PID 368 wrote to memory of 4876	368	chrome.exe	83
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 3828	368	chrome.exe	84
PID 368 wrote to memory of 1124	368	chrome.exe	85
PID 368 wrote to memory of 1124	368	chrome.exe	85
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86
PID 368 wrote to memory of 4232	368	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff98491ab58,0x7ff98491ab68,0x7ff98491ab78
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:2
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:1
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:2640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1556 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5108 --field-trial-handle=1936,i,899808141215869963,8447199456577947930,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4704

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
599bd41da801797796720be445f305de

SHA1
70672f0028135c19cc993370f22704e65a66c3f9

SHA256
e7f0a10d30120965e7b578b2c8276ea1db5d18cece7e4389db79a5490b327ade

SHA512
05e9476a3f8348cd1d924c3c188539dfad20a7ae34d460cbab92abe0307e9ae9cc9d2c5ef020ac8bc2a9f83783bd6a48e13c1ee8ec77cb3504ec394e07ecf5d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
51e996b4b320aa5f143e94d47c8ec5a8

SHA1
ec299b04ea78334d52f2394ad61822150081d387

SHA256
d58bf6f748831198eccfd51e8d04fdbb0965c6f93885bcd9ce1037502b3073c4

SHA512
8c46077896bac8360338902d144e19426b9088d9fb1d77ec52d9b2cbb1e534d16173b6afb7329431ab42757903b9dfdbcf847a8fab1916c3197fc42afff4d8db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
3efc4154da3dd5b32e119fd8e2484872

SHA1
e51e11fa86202805e24ceffe0db41e5094a51385

SHA256
edb86a9c21feb488c60b49774a5098b1a4fc865bf568b4bce7892c61e4557876

SHA512
40fce70367836171a6318b2befb0a1526a217e4050f51533fde01fcf98007044de3d74a6b822316cbf183c98ecf96ceec2f6e947aa7ba6dc30a5546f8adda39f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
25ff135dcfe6791b16c1632582fef215

SHA1
aabeb9bcc7d52b8fc70e47b0cc66d993680757d2

SHA256
8c20f2e85a74a16236b362ae27f947237371a6645403afce96774edacf33bafb

SHA512
446264d7e7ff7697311aff4a5ef7fe853ecd9cca6db48d64ca5f29ef1370c53129db17ce5c3d38f6e16880336166ac50fdec7c3a27d275f38103c0edffa9334b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
84324a38caa857ca8c5678dd0119bb85

SHA1
3f59c120477b805baa0276cda738184aa25a3bfe

SHA256
1dd49d864e4e82c91043a980ed11254ced66fd9a83d46733d5195482db7414e2

SHA512
10c4b7c97d2f69d47e10612fdbb125c7131c365ae12fceae91e917bb0c723b3e699c116202618dff339430b1b3064004f87e47a875ce060fe23b5bd73f3488ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
23eacebb8b31f1ad98078c673313bdab

SHA1
4c398d13270a6f64cc968cb7e107d4f1e48bcbec

SHA256
1748bd6386bc116481844921935d6a5d7c839e085a0038e987eaba351192389b

SHA512
ac36d1532f7583ac3eefc08560f1f1be10a50eb451035099288a861b1e6c4027c8db8dc81cb79924cd38611b226ab6918f75e8737aff8f2129034b3525965f98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
132KB

MD5
d3fb27b15407a9afe5c412aff974a118

SHA1
7e45a2a4b471732ac82d709e3eb19acf06c7cc53

SHA256
eca5b38a12f49eaf07e6e028e5d10249da3de1ccb696bb460c82d9959246425f

SHA512
a7774a8ddf7860b0fe912db5499ed0bedcc4deb0e22f226c9ba292540de791b652021a6a5dc040e2372ba22e9ad6c1e7d10d575808e987a0817fb7025213b3a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
524cf5bdea1c61a59c772d9ed5e1b519

SHA1
36afff6c26fa9e89a81883256220234c8091671d

SHA256
bdecd0f0dc0479e88e73e938909c79f7471db78abdb3baf8b90ff36678cdafc8

SHA512
f13e5a27dc7989b6a581f5684dc724ae82db228bcf283f6afdbd98f5f443d9925218c6406742b0fdd550f01ab7cb6aa2332c6f72f365bfa353ffd41ef2fa523a

Download Submit