hxxps://global-zone61[.]renaissance-go[.]com/welcomeportal/2145350

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03-06-2024 10:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://global-zone61.renaissance-go.com/welcomeportal/2145350

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133618850272188681"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
644	chrome.exe
644	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
644	chrome.exe
644	chrome.exe
644	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe
Token: SeShutdownPrivilege	644	chrome.exe
Token: SeCreatePagefilePrivilege	644	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe
644	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 644 wrote to memory of 1320	644	chrome.exe	83
PID 644 wrote to memory of 1320	644	chrome.exe	83
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 3368	644	chrome.exe	84
PID 644 wrote to memory of 2652	644	chrome.exe	85
PID 644 wrote to memory of 2652	644	chrome.exe	85
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86
PID 644 wrote to memory of 3944	644	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://global-zone61.renaissance-go.com/welcomeportal/2145350
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5eb1ab58,0x7ffd5eb1ab68,0x7ffd5eb1ab78
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:2
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:2652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:1
  2⤵
  PID:1176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4340 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4500 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4476 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4168 --field-trial-handle=2036,i,7530433133000528702,4204220614109772876,131072 /prefetch:8
  2⤵
  PID:3740

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3444

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
df4dd2bf38db30e17e53a444ec73a82f

SHA1
8e1ea1bc23882cb6ef0048fe502c263d8cdf40cb

SHA256
a683cad4000aca45aa29941dbbb5add1a769b106ff7e1b942f59d266a7d5ffc5

SHA512
b67f592d4072c2756ec3af50d2d192cd0e737fc76a663fff31f78382f0ec424126699927c6f99c8a35fca78dacca88544187791b3bffe5e177eb04935879113e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c6d0a73de778d7767f1546828edde510

SHA1
351a7c8cae8ca9992f2dc4bfdc36d50070586163

SHA256
83cdaef103c7e5989ad4d2888e39830f98c1a26ea985385fbbbac35b8e9575ea

SHA512
a89b367edcaf5b953f28ca1d33d2a5a73b8b1884b1e2e9c60d3a5574b65f02bcdf7fae8084dd839abcb5e16071093e89d888235800b31ffaae77855063268f91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
9808eb6beb0bbf96cf235c7955750f8b

SHA1
9b8c005224f103cd9b9de5223b347a38b050739d

SHA256
5d22e46232117587ca84b8fc2d0aa0db63fca2511315c6ad50cb36191b3931a4

SHA512
389401b7664b2e9392eaeee98422f60e67e0b81baadc6f500eb17f550cfad0a215d431e8d4dbe6b427c39a11f03e11c452379d1f826087ae343dafd3788a634e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
426bbdacd5b0c54073ff6a06b9a7a748

SHA1
c21d0cd52e103ef66e07b6915471b52ec89e7497

SHA256
db25978e27c17f4372f5813cfa00bc134319dcfb526fdc9c7aa628a802489bb2

SHA512
6f6d8894632bdafc9ad0efcf1fdfec2eab1904d2ffa4b7971a6cb1771b0964a67a584dca14737b274bd3387cf8d307c6b4b637c19783b5ec410a2f9e54b904be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7d5cea247c9543685454c304d66d4010

SHA1
400401878838587ee25ef227eb9094d8e2f48782

SHA256
3c155e446acaafa2ab3fd6013bf4c0654fb04d857b465804bbdbf0bb0362ed63

SHA512
1de250a3909dcb9ef3ec9914b7dabc4679e6c8e65e0da949ffa4c8aeaac0f98750b9f6dbdfc766658458ce98410da3e2d2d42bd442d53c20f8af53c2b3107907

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
48456747e81e36fe28ad025a321c00c3

SHA1
bc5381e8d3a51eac7e2bf4cb7c3cf50ab01f02c0

SHA256
a88ce18ac523f0109168c45665bd704cf42f806c3c9e2c7dd43897c1217376a5

SHA512
4985b65c2c39e4bed070d4520946db4af83133b637781002f5d0082445c610fe079b32e760ff762cb4f871c08fd43d51a27e31b606b705b6bdaff6c8276c7c96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
00a46e6fe6114c85582a620d81b92232

SHA1
c1a838ffcf41ceb23ee3d64681f9e27d1a643955

SHA256
c2ccce328e168461520565ce8d73b1686187950512d75a3068bdd2474bbc515a

SHA512
b2c6798fcbb5a6b19540b2fcea655737716d79edb0fcc01cf7e95fb1f0ef3c0171e19452eea26c84d05b4c18e83692ebb20361d693b4d8d368dc8c9a293a74ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
7156dfa639218cc3163b23d869f4901a

SHA1
6b9425674720373a9a4aebe3526c6d957dc3a30a

SHA256
efa8ff54c3ee323f8c0b0d07bcab309bc663b48ce46281aa529c49846ee1ec53

SHA512
f6e24ade7f4e52483540a872406cadb616c2d56bfe4ae1286dfe16af7992e6c4aa0695f5de823d3b099f0d08a76600d354d23a44738a759ee6457f1d0b1cd749

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
bce42d6fd9e3ad041250e22dbdde5ece

SHA1
571345aebf7bcfab31b47b3393447070cd4b78d9

SHA256
08943c23cb1811fb7aab83f5468185ebd41343e08b0eb0487a278d1af4ab0303

SHA512
d760b001041461c49efb9a314ca6f9dc8e85eda769518749c9c2c2868c46ac540a4195008bba345e9cd17cecc8d8b2457abf1947720e04e522962f1eec495457

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
834a19eef6767de87922939bbb5c897f

SHA1
6b08412ad08fef82acdd0f611b13af2aceb1431a

SHA256
a023cde9e0db28984361d9aac37b360490c9b6d7c375400570d1c95159b80408

SHA512
4bc27eebfb11bf2380c2d8b0eb858d00bf863498fb7705e963f8cb4c742b6ae09921b929cfb08f387e3c7a37a1df8b9cb52cd0971883f1669b6eb64a8f91ad6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
07d309db6119b8a986ddacd48d70b289

SHA1
4f327b672d2095bb3e7780811da4d6eba7f85dd2

SHA256
5a37dae1a27af74622a5738e623c8e7cce962ceb8c85b258fd08d136fc45fd9b

SHA512
3df54354c177b56c849d799631eeb958539d7c317abac67d90dd6b654ec1a129fa17b91c8793e054b9757d3f78580b654a0b4e56b0327a41bedb7c8856ef0816

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
517ac08b46d496a2e0a7cbb27f0b0246

SHA1
6205407cfea551185ac1d37f9ed6825ebe6bca62

SHA256
35752e3922d023d8acd9269742b998e4a17205158cc5cb4e5417ba8e445c8dd8

SHA512
e12617e9a750ee7d9db20d5467f6ace0c0dd86ee3a7b2afa31a78412b8b011aec02d34172a218d3a65aa6fc66eada82d2d373441458fc759aec31f0c65c7d6e8

Download Submit