hxxps://app[.]smartdraw[.]com/share[.]aspx/?pubDocShare=A82CB85E2D34FA3A0342CAC2A1AB699295E

Analysis

max time kernel
33s
max time network
32s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
13-05-2024 18:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://app.smartdraw.com/share.aspx/?pubDocShare=A82CB85E2D34FA3A0342CAC2A1AB699295E

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133600988450859758"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1224 wrote to memory of 2016	1224	chrome.exe	77
PID 1224 wrote to memory of 2016	1224	chrome.exe	77
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 2716	1224	chrome.exe	78
PID 1224 wrote to memory of 4548	1224	chrome.exe	79
PID 1224 wrote to memory of 4548	1224	chrome.exe	79
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80
PID 1224 wrote to memory of 3644	1224	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.smartdraw.com/share.aspx/?pubDocShare=A82CB85E2D34FA3A0342CAC2A1AB699295E
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcf431ab58,0x7ffcf431ab68,0x7ffcf431ab78
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1504 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:2
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2156 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:3644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4208 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4680 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4400 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3252 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3084 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4364 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4392 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5112 --field-trial-handle=1768,i,15255626548885135610,14248054876562248599,131072 /prefetch:1
  2⤵
  PID:4492

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5004

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004C8
1⤵
PID:636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
15789c177bb1f8101b16d9d325093601

SHA1
0ac6eb065ccb9556fc44ab926b3c41dbb282a55a

SHA256
a27fd50e2321008b5c0291caf390f89901cd1a0f16cf947af91e4e43245ce40c

SHA512
c0e7cc2fa8068f0472f8fe61961e4a0dc87a722d5a0f87c7ad7b9930bb3cf650da5925fea793a09df2bd3db959468f12a2c5149680283544718d7ef2c01a4423

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
72b8dcb0c28dba6e3b0573cb31d0c37c

SHA1
1affbee632b269b352bf8f27d7dda24262d8c608

SHA256
e9df634a59221b3a09ca32dea732e64448a7213889e8b45529ceda6754033c8f

SHA512
fe65952a3e393ba343f93dde43bf47347eb4bd730b67015a41d09d66312794ec4e879360a812c60955765806e87f7b921d90d7917f057c31c3f25875d6166c96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
3f66d7ecbdf47b2c839a975013debb9a

SHA1
44161d00044a7f361aefbf5389210befd5602090

SHA256
7fd86b17e9ddd3f01a63d2e2b8c1e7cf48657f23f32016401e2bd67abb16e8ca

SHA512
be911a95827fe461a96f541fa4ea9f7ff8fb70b226697755659201dfa78068ea12f54f14c39fa4374c6fa65e6148aa1a5de6fece198721caa1f2583bf217fca0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
929007315bf3699734b4a157f9b60de1

SHA1
1a18eb49c06854969b907d1052047b8a74f4ff39

SHA256
a74e31cd9f20235b01091241ac88915eca6393ccc88ee9aa5e6eaf1055c35e17

SHA512
4ce5a0aa40928575742ba1a3c4236e4859488ffb95f06ea313cc05bddd40052f155d8f468332e7b93c8295024fcd239310aea4d1442399db749193d25c0782de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f78c56c5ff074743135669d0cd7dfaae

SHA1
5dd40fe7bbf43fef323a2c8762a477c82ba40c9d

SHA256
e9214f78cd428535a4cb644072a9cf48e03d116c752fc8f988a64a47c0dc838f

SHA512
3383349ea0409d07a3abdadf3348fdfd42affa687854e15543de4d9e4c5fbc9cba27722a88b5a81b4a63f591c87689275ced15bde4a21988e94dc8cf7b379dfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
40942ec50f81d160135262fe8a28aafa

SHA1
c62ff7bfa29ee4c172f736a9388b3efb3a09d534

SHA256
f8e9c4eb8829b66f99d5e2a0a446345bd0cee88d564025952ce4681a2196c646

SHA512
f71ea4c1cacf0ffa3326979579e833364ddba153e010a53b2630d2828d4a759d12673c098568168cded6cff7a420f070192b60580d47a83cc6140ecdbafe04c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
94be0d8f0bea230ef8e8950bd34ec6b5

SHA1
8c4befcf389306ccf63e85dbf360790db840cb74

SHA256
25544f48ec94efd82e931fda3955e709a9e3929ffcdacb1f750dd5a518d5c243

SHA512
f9d307d2f56142bdcefcf41dcc9bf734787ef30e8e1cd53ab5f1702554ec87eb4e0d05e86dcbf63e712acb5602d3033c7ee4c4881f0b5d23f94d76b6e5111e7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
ff3bc9989e14abda0dfb3ee0cd86330b

SHA1
a3c61d19005b29b73f289197010ae221a881b124

SHA256
faab16452deafc8c858865a1f066e0dc312d81980631828c7a1efde1ebb4ae73

SHA512
8822a35c9d970737653136be88f16bb8bed6fbe1774605effe2539f60120b0d87993c5ed4c7eedc2c33c32c1fafa165c3db3ce094ae9dadd3ac4f0ba7095c0ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
83KB

MD5
05f2024e769213e963c4c9109b5134a4

SHA1
f083e6e2fb7a332a8655be5a345e107e0698afb8

SHA256
9e7c233cb461552e268e8eea43c9a4ff60ec40ae09e07fe1ca965c6b771e547c

SHA512
04b38c827b8981f6d60261e7e73bedfd1af6152fa04c87d101ce2de8072ddd47655ed1f6183d9496d8369f25c40db8757ab10e0f6e756dc420ad8f497819b3ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f23f.TMP

Filesize
83KB

MD5
aa403f4b5c115fc0ee73dfcbb865ea4c

SHA1
969a55fa6c96a1d7639484e7af91bb09a5ea7bd5

SHA256
81039f104821225167330e0ebb2d107b3c55b0158dd1fe0f5b9f8d22b4d0f403

SHA512
a97243452315f00104c443ec579def3e4a40ca413bc07f3fda61d6f2e9af8efaa32c2b658a64e328faaefb7e1213f4bac4e85ed47e8bf56d8c08ba24eb8d510e

Download Submit