Analysis Overview
Threat Level: Likely malicious
The file https://link.elliottscotthr.com/api/redirect.me?track=d2c3582f-61b4-4656-b2d8-ed8ec48a6d13&url=mailto:[email protected] was found to be: Likely malicious.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Analysis: static1
Detonation Overview
Reported: 2024-05-29 01:25
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-29 01:25
Reported: 2024-05-29 01:28
Platform: win10v2004-20240426-en
Max time kernel: 149s
Max time network: 148s
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133614195529702602" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://link.elliottscotthr.com/api/redirect.me?track=d2c3582f-61b4-4656-b2d8-ed8ec48a6d13&url=mailto:[email protected]
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaef7eab58,0x7ffaef7eab68,0x7ffaef7eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=272 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2256 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument mailto:[email protected]
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaef7eab58,0x7ffaef7eab68,0x7ffaef7eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4960 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4988 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5244 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5380 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5304 --field-trial-handle=1904,i,6060023194962953642,13117941916158021175,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | link.elliottscotthr.com | udp |
| GB | 77.72.7.206:443 | link.elliottscotthr.com | tcp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.7.72.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 216.58.215.36:443 | www.google.com | tcp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 36.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 172.217.20.174:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
Files