hxxps://ddec1-0-en-ctp[.]trendmicro[.]com/wis/clicktime/v1/query?url=http%3a%2f%2fwww[.]dcctech[.]com&umid=0ccaf238-8d5a-491c-878d-70b6aa6b22b2&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-45b1b71c8b6fa3262014e3a114893d1d720e200a

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
11-06-2024 11:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2fwww.dcctech.com&umid=0ccaf238-8d5a-491c-878d-70b6aa6b22b2&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-45b1b71c8b6fa3262014e3a114893d1d720e200a

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625798117121397"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2140	chrome.exe
2140	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2308 wrote to memory of 1064	2308	chrome.exe	80
PID 2308 wrote to memory of 1064	2308	chrome.exe	80
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 4552	2308	chrome.exe	81
PID 2308 wrote to memory of 2472	2308	chrome.exe	82
PID 2308 wrote to memory of 2472	2308	chrome.exe	82
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83
PID 2308 wrote to memory of 4616	2308	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2fwww.dcctech.com&umid=0ccaf238-8d5a-491c-878d-70b6aa6b22b2&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-45b1b71c8b6fa3262014e3a114893d1d720e200a
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa6049ab58,0x7ffa6049ab68,0x7ffa6049ab78
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:2
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:8
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2092 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:8
  2⤵
  PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3024 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4372 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:8
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4744 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4940 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=988 --field-trial-handle=1912,i,12505363513112849245,14990486825166884636,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2140

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
b2fb75be8cbcc4b1ce7fd4d012c6d179

SHA1
812eb5a991c3fa22fccc9ea661f028b7aff0cd0e

SHA256
6108c6510dd91dfd5f6b5a9e292fc27bdaff943add8e8f616808cb1b243805af

SHA512
6b6873d289654f2ecd2bc097141f563464d8518d29d0fb64be0a3f4a0356d25be21d7eef07ee1a8859ccbbda156db363ff9758a61f60d2923cae058a6a3e9d8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
75b4006771fcf8452b790cac6bbaf90d

SHA1
2992e453c9e23810aa468ce8092858e79720189f

SHA256
d3d71ed5da8d028dbab7cde6ba2dd210c598d4ac26720f52269ee14f4d6721af

SHA512
df66d2b006ac24630a3fc243d3b55bb832bd43c1f627b945bf2914166d5dae59f54e1956ac4de553804b484a81628434c5ef3e357c836a2c5e7e871b1e37a348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ae236e69cd794ed6b1ca78d6380724ae

SHA1
af0822e3337034bade8a20599080aee6d6d88065

SHA256
8ad8aaf88dc41a25d700cf3abe80457f1f87f430be11d95e21d7a72ff3be2219

SHA512
2f22a4f00293244c53288352293a42b0bcea64489ac068ce052282a9eaa08c8b07e638913c0c3b18d461b691b2364653115930bc54bc2f2c85076d410e6f3476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
59f74809a326f4f969770aafa5bee6d5

SHA1
cad43cf44748837aa56502d85a5e172e3b34a92e

SHA256
75557ce2e204a40a1691d560e5490a47c50c07ff74af6fdea2d5802e37500e00

SHA512
24f5c6223c342e0b662871cb4f3fa8f5bffbeaa8234ac5b1e2a7ae483df958754a3e2e921137e5803976a8564930c11248b9257e7b856ea97cbb0d517ac596e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
238c8d5df77042b4c45573049783b9a7

SHA1
6c711871b89059f1214cb3c94a60118620d1a139

SHA256
734039f1ee2a7caa8c295597ce03f7b720bcefab5e2ea7a7f4492fee4b15aff6

SHA512
410285c6031ab848abbfc32dd6261d66defff1f6ac9c32726e55578611fea1d1eee6dcdf0a437c2aaa2414d8f74db31a665f75eab9741876d91726422bd1e4a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bedc8207922dad57e3a1c6dad5803aad

SHA1
5536b7a36933d3f0e2a6df5843f939f69a9c0565

SHA256
948844be80ef4b7e1bcb517fc342b548588551220788dd740fc6d07e7f67babd

SHA512
44a5d42be0e06fdbd5c101ddcd7d83a0a65523f9b7308d7629756002e256533e219b81c7a64d3c5e03baef6e2866c164938e1589f0e426f8f902d3d4c46d61ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f7ae878c2b0ef3665664bbc7b0c2f069

SHA1
8a96effadeb3f47094b1caa0af87eee43fa6f136

SHA256
d1f614c10014877ea3acee779bb7e0543a0cfa5bcffacd0a277ec88bfaaa2db0

SHA512
e0a1fb8ced405ed243a39441f543ffdb817410dd9fb3ebb891b5f713a3de9a56357087a88480a8104c24412709862f005a384e77a8ac2fe13c2536c79f571cb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
8f0e1fbea658c287139d378b9997a099

SHA1
052e77bff6873ff41ebc717e4bd49254ea31ceac

SHA256
6f6bf35302febf1e825e9b4719cac4960c997f9bca98009018b4facda40ab207

SHA512
1bc80cdaf966b512ce3aca75e8500a6eea55489ecda70b7e9a10d77dcf3d227dbae195f5a0900828fe3c5611e978dd0484febaf61acf49a93d2db25f1c8c018a

Download Submit