hxxps://latamcapitaladvisors[.]citrixdata[.]com/f/fo61d62a-63bb-40a6-b4cf-8b5cf4d77202?a=c5b21cfeda475e3c

Analysis

max time kernel
299s
max time network
301s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 21:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://latamcapitaladvisors.citrixdata.com/f/fo61d62a-63bb-40a6-b4cf-8b5cf4d77202?a=c5b21cfeda475e3c

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610594874224629"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2208	chrome.exe
2208	chrome.exe
5044	chrome.exe
5044	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe
Token: SeShutdownPrivilege	2208	chrome.exe
Token: SeCreatePagefilePrivilege	2208	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe
2208	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 2544	2208	chrome.exe	83
PID 2208 wrote to memory of 2544	2208	chrome.exe	83
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 5028	2208	chrome.exe	85
PID 2208 wrote to memory of 3048	2208	chrome.exe	86
PID 2208 wrote to memory of 3048	2208	chrome.exe	86
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87
PID 2208 wrote to memory of 4868	2208	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://latamcapitaladvisors.citrixdata.com/f/fo61d62a-63bb-40a6-b4cf-8b5cf4d77202?a=c5b21cfeda475e3c
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1ce8ab58,0x7ffe1ce8ab68,0x7ffe1ce8ab78
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:2
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:8
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:8
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:1
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2360 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:8
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:8
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5076 --field-trial-handle=1852,i,16921789646376765661,16554844276818449531,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5044

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2096

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
156KB

MD5
6cdd096f9e8ce6069181a3c8d6a8d009

SHA1
2772ef3a2f0472c95d0420c93fc8bdb6631ece28

SHA256
06665824b14b18bf7f039424a573747d30adac364dd39e1e713a5fb44b5a1ae3

SHA512
1bf492a6a8079ae026f03057cdcd9ba6f08d2685e98db611e39bffa70c15107ef374b4c26e474c8d316eaf136bb7b230b21bb7c227a86098907508d01dd50d69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
912B

MD5
363049b08e3b97385028e0a8f6f94189

SHA1
9d8688deb11f8ba0bc4a629fdd30adc3e41690be

SHA256
d0f3f2978975d45d21c0a0505556090f38c12178cd92439219bc29b821c45ba7

SHA512
0852f2bb3ca4a8e92a3ee20550f0590ae9fc37ca45357305d44d7a7484ebd72bb1c8d066e51655fcbef5d442da2dd7605eb8749015c05c966f29fa3d0506ed62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8e74ba2cc5f0c4a3b7c6991fcc5266ec

SHA1
3d0db58bda4f0fe82294f559e9a8d492e78995d9

SHA256
1645f040cfddca83dc08ee5c6b7cc7212542b50b748eb92fcff3e77deb66946d

SHA512
3b38144affd314ce8a5bbf8fb7375fb67f437099767df69f146acbc5321f6790f924503489d93e4d3a1fe00ad112db9da360f8ef6d0e43968c958b163ec3bd77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
175f0ae222f8880c1b5b6fff220d353a

SHA1
159218964ff55e638851f63b5bbfa3c53a0cff7b

SHA256
57c59341f1e4caeb07a9dd3897a3fe192a5e793641730748690cdff2c8d683ff

SHA512
ecaae30979d012f6f04689ad7a626b07ac7b36bc35dfad5fc787f1c0a6478161d182dd684bd68140b82b663697d4622be4cd6f02e7a55f5b2d1e3f53875af66b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
eac0c88ce903f628689907f26227ee4a

SHA1
f361e37a5fe1f83edaf1c40da1a6fffe58af2b9f

SHA256
193e53d21754d096770889b22d3c0b5f2180f5c31495e96a8c55ae8c33e766e1

SHA512
fa02be04c201020b416f340e95e81d184ade0216ed154c821bfb2f0a1caa697d4cd93bab35672a25de599486f1c6c4ecc2ac9e05d8319ae2bf9dbb39ffa9ed5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7b4f8dcff9b838c34a90c6d013f3905e

SHA1
705908e8ad0909641ad3bbfb68e82c86847fe510

SHA256
feb5062b04050ffcdc6274233692e22b95b1f33ebd1cfe65074e61cffc654b0d

SHA512
b76fd563c17d709852fe26178c2522a1a9ea9fe3631c3184994aa9eb59a6e83536603dcb4f3ea6e44ddc398f59842ec472b012dc7b11ddd0a609bfa096026d53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
25d79b17ef083ece077d0c08854b3505

SHA1
da4fe1f23970e869aeaf0c4e1438d0bcecd34b94

SHA256
e7fb01b9d7dab42a6163b85d1a59a6a1a912213652ee79fef5fa8ac14976b15c

SHA512
ed2b4dde25f3a66e2aae9ee470e65df93e0fcaff6a436267977b12ef94b18b1e0bf8c4a7c0a15f36e3755bd358a63dade4fabbc54b491cdd02c2589671f770c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1022B

MD5
59a499dbfe56a9d8e3eb118b7d64518b

SHA1
60d0761004b0dc3af638e8ff4bb1a6f28f0dc580

SHA256
1edb14f064149b37060c609b40ab482b7ba501d794c1654e4b1771ff352014d6

SHA512
a3bd7c21098586344a7ff96709a14bbc3674f1522424b8177d8d6672dfd80b77ef69ab63c6f609ae7f936d66fe2fe3797c58a9b523827d00177cf11a00cac920

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1022B

MD5
bb640b46f25bd94d09463686432764f4

SHA1
ca9da7a18b4b18b786ccafe8f30e8b58dcac3e1d

SHA256
bd299554d3446109f908c78df315e42174f16a28e412a56713f4a8a7c011252e

SHA512
4d5deeb801e2ea4c640f3a1dbd4824d9634c64e77bfe842c6110b8abffdef9364092a7715ba8d3d6c68f9b8171fe12ce9ac320589fe50888369cd25bd00b2db4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ca6c30d554e2bbd6bb9f4c5bab3b560c

SHA1
b5478bcb8045502b9aad8f33f696683aace8b038

SHA256
04579acd12d04053cdee542a1974b9f8a5996ced20f3836322eed3364c984af0

SHA512
9a1e6c0318b1fad17e59589f4b2bd39f94d474d348aaf90e4cd2674bbe7abd5d305b38ec6db55ea89027b5ca03179a043c3dd39c8af4ef9e9daa2e5b8e9aaf57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
3c35287200ba497e040decfad35975de

SHA1
43862a7cbf76ad108fa33b62efbae909a2a4de0f

SHA256
bfe675980dcd8afb7ce70256a5d4d8c4238e8e89ed7d3e26d729b9b2a2c137e6

SHA512
63c300d88de0743b4c34b07067e750da56e25c7e92ba4597dc394012d3ec06a9f6edeabaff85f293910b407f96bc60158eaa95b6bc1a445d3c129f27ef12b465

Download Submit