hxxps://kb[.]netsupportsoftware[.]com/knowledge-base/manually-editing-the-client32u-ini-client32-ini-file

Analysis

max time kernel
149s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 20:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://kb.netsupportsoftware.com/knowledge-base/manually-editing-the-client32u-ini-client32-ini-file

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610563859842733"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
452	chrome.exe
452	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2392	chrome.exe
2392	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe
Token: SeShutdownPrivilege	2392	chrome.exe
Token: SeCreatePagefilePrivilege	2392	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe
2392	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2392 wrote to memory of 3872	2392	chrome.exe	83
PID 2392 wrote to memory of 3872	2392	chrome.exe	83
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4968	2392	chrome.exe	84
PID 2392 wrote to memory of 4588	2392	chrome.exe	85
PID 2392 wrote to memory of 4588	2392	chrome.exe	85
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86
PID 2392 wrote to memory of 1440	2392	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://kb.netsupportsoftware.com/knowledge-base/manually-editing-the-client32u-ini-client32-ini-file
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80f7fab58,0x7ff80f7fab68,0x7ff80f7fab78
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:2
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2280 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2920 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2940 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4392 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4560 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4568 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:8
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4588 --field-trial-handle=1944,i,15634964876929016812,16282060988970404681,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:452

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2312

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
cecbb003012035920f608507c0490d4b

SHA1
65f3a543cff0b10f5b37c5769e39602118aa2dd6

SHA256
a00f7fba1d605b2ec78d0fcc1a60288c3d07e2ee1afb820987453e76eeb35e0d

SHA512
0c89042ee1c0aeb0213aed555ab4dde2681d6335fda222610c04cfee6a804c7e1382b638185bf5700963cee10814bcc6cbcd6b540fa303e98b358b8a8059031f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9319a3bf0c7f065ad1cf734f1d33ed4b

SHA1
aca05757f905e9f3ccbae972403860760dbde643

SHA256
779df03ccb78ea6340d66ba07aa58eb823f035c05d7ada9dafc472d3f766e4a2

SHA512
a322231804b529d6a2b91c37205df8d25cceb3c74f46db38f3bef4b311355b1b6abea34b3576c3f266324213928792d80839094fed05ec8eca7a17f6dbf28f26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
b20ff4b9712802556b7ebd662bb9023f

SHA1
51672b09648747aeb64316dde005fd8ae8019512

SHA256
4103f1e00ff9942ab624b0527c2a627f61a87454e6d2e45d859fb7a519408df6

SHA512
a202e4b3157574e5b92cf82b1c026990a733f23762d35ed88a3a8b3b2d72a19a9fff9d1f2675ed2084a3e9559479c3e3a8ae911cb6630fcdacda45a7f0f769fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ce2b21b89d9987730e89dd5b969d3586

SHA1
dd3467aa7b3a0628af8c6426495a81442461b877

SHA256
e79d81ba35086af8f27f973e1d45912d40df58f92eaa3e9a44a559bd2f99307c

SHA512
c31aa492cc23c63a9fe147c0409d7651c790278ed9ebef32db0a5d067174575a9e324cbcacd6cf6280cf1dacb0a3714154842b65aee6d6ea80eaa8e0541cf85b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
ff5176d860517d386dde4f132653a5f6

SHA1
bb9eb261b7baaca87641beeba026586177bb663c

SHA256
1fc8ffaad677731561c26f0bd5172a18a020b29befdc110b54623e5e388f8dbf

SHA512
4b46f2431c18f8e1c430f490f9a3ca272ab186f5de3fed5f20cc937cf0e9c76733e672089aab3f028caf2fbefb058078fdbb11677e49e40a01a1820519077ee0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
4e4cc51baed01955507f8d20abd10c70

SHA1
07f4678e2f9526bc61707417f2f35d798afd0123

SHA256
a7aba620a398e34faa0ce0aa7a51bc632a034bde499434b3b34937807d7c0d57

SHA512
569a43d46ce00aebec76e4b0c6937c3baf27919c574ebee50c9ed8d0b9cbfaf4e10ab51168672e97e1820df85d4440af32aa2826500aa8162a304b5c4c0da8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
0e157b61a556a659935d56be21aa5714

SHA1
2d6fae81ae873a0b87327fec8544e6899daa9571

SHA256
94feb8897f5a3e3762cbd3292a4711bbc914bb0c25be408583d891b8172e542d

SHA512
5925d16d508641315e0318355dc686267b3061a7b6a4e926e2ff4aede1498d4245944932ac931aea5d4199be9adbf091425c2ce3381356f265c75d10c134a909

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
5c6c05478fb4eaf8778fe7ab8a85a36b

SHA1
d1149c27460410f7665e1a3caa9b1600abf7e1ce

SHA256
5ac4f891a70e8f5137cd5a6400b9b4bdff3d27430316275f7a01697e24dc0124

SHA512
ea94f71d5770eb714be50ffbbd81ae32470312140361201add899af59c14a57d45f05e9bdc357e375076543b4618fcd625df7e6f1adf8f6619a545a343611fff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
e6ccab17ea88407819f079973b59b6a5

SHA1
de6bb9ebce26882c4e7c10715c884d3c8d65937e

SHA256
5141781bdaf62b984616f312ea9f30a16c4425b34a608c1c56b4ed580bc117bf

SHA512
b7c3c2ed6ee387b8105b4bcc6e963f59d015dc44efd5bd10927a5b5ab2560efa420d71c02064bfc131041ac072d65301e8a78d440ed2f94ed284b8a379c8da95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580b65.TMP

Filesize
88KB

MD5
4e610bdb6967139e97d8a3fb75db537c

SHA1
2567c6d75d13cccf452297013181df4d2ed0bdac

SHA256
cd10e39b9977e9cd874e8994c3a015b0c411b7d5a3b20cc3a967ae4eb01086f9

SHA512
3ee831a84edd55f09a00fc86e880a62503c130b699e270fdf4543e3591f6aa9cb488e09d2c3ff7d46b6762bcf75038934f61781be938d65fc5a870b96d42e654

Download Submit