hxxp://otter[.]ai

Analysis

max time kernel
149s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
11/06/2024, 14:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://otter.ai

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625907430863833"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4284	chrome.exe
4284	chrome.exe
2004	chrome.exe
2004	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe
Token: SeShutdownPrivilege	4284	chrome.exe
Token: SeCreatePagefilePrivilege	4284	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe
4284	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4284 wrote to memory of 1864	4284	chrome.exe	76
PID 4284 wrote to memory of 1864	4284	chrome.exe	76
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1904	4284	chrome.exe	77
PID 4284 wrote to memory of 1936	4284	chrome.exe	78
PID 4284 wrote to memory of 1936	4284	chrome.exe	78
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79
PID 4284 wrote to memory of 1832	4284	chrome.exe	79

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://otter.ai
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe140eab58,0x7ffe140eab68,0x7ffe140eab78
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:2
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2164 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:8
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2984 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3984 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:8
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:8
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2392 --field-trial-handle=1824,i,5224645970362034929,17947361802404047800,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2004

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
589KB

MD5
4d09e8a70f9a239afa347b43006a1570

SHA1
d6167ff88e34bedce16339c7bf57ae8cd025a524

SHA256
7c78e5d678961e9353636c253ff0c51104df90673db97088fbf3b83caadbd1c6

SHA512
50fb721d6b3456e931ad3aaee040f4166eb4880314ddd8cc7afa4429c2a9e8c9652de4606bf580794b0c519f5f3d00bd556cd9b9b5ca906e7e7f677ccd5fd2e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
861KB

MD5
e66bc8bd93c3c0cf70f4a3ee9b443789

SHA1
afd5c4522b1f7abeec78689c90e5bee52466f966

SHA256
1c00f8104af4e0a59f1771242adc23446f83e3ab93fff4478e25aca65ab3648e

SHA512
ea8db5f5cead98b7f23ba855b9acc0203252c37079ce80d9dbe2ea8cfb60feaae306780627fc823940ba2280687c9b880d3cd8df2bdba4279b6d2b2149dd6023

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
9c42127a8712c699a5e507ac75e0dc21

SHA1
f5debf4122d115605f957791e932511827b14019

SHA256
793abeab3fc7dbb1e3d284090dee759faf23818c2a6b89f208ac5912da2a52e7

SHA512
bc880e01ad26b80da9806033dbac822eb6b5c98385966038299ad27ae01c2df4771140fff12fc764e9dd2845878a2d834b0d2d4812435630deb49c0602d1c295

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4648b86043eed69b8e6b25f5d39f78d0

SHA1
ec9b633ef55953ad0be843a3ecc337bb1439fd51

SHA256
7c22ea0758e649d24db3b03e425b060b6591c3e53ea76adda11c80b9ab0d4a66

SHA512
1415c9688bd92433224775c735a29cc6cd89a39c9b72db0a68022c30e17b562312e33fa2d28fa559b7706ffbc6c96632fde1ba9abdd5aa8fad86bef5806e43db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b2422a150222ac5d5761ac713023a342

SHA1
3c6ddf652cd6640f1d47cfe3dc12d022e2a04571

SHA256
6163873816a75974638d4679b2676dca5d154c8f4a8d06e23d27c950294ecb36

SHA512
b861cabab9b734cb0b8fb3762d6109dd74350ed5fbb5b92b3d1e5c5da31be081bed374bd0ed2a44a2b46258f901291cda6f8b70939df06d89b0aa14feb07fd54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1023B

MD5
4766df5d39d68049d875b4f1a9564bc8

SHA1
e4914c39254a65cb97142b9a38b2803834068610

SHA256
cad6dd9a16da31243a700dfb582ac5730db01bd8d3e041486f19955b90aff6f7

SHA512
d1c40715bd2ea8051ecb50b90f79e717ad1be15d3b23201e87f9d8d07afa55237711eb172c3eb93d165f0f42d54778303c6183e4aeb1645699d1b02f5a6fb9b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
beab206710d7facab306d58940ffa259

SHA1
7d17636a9c7e55506cba5d114f8887c8d50ed91c

SHA256
b93d21b0dbd2a04ec21d9a05e465c9ee62fe67c55ffdd682b8c1526adf864ccd

SHA512
e854177eae059499ccd8c3fe779a42b1cf24ace0b6d6d4fdd17ef27741bb2d010996137a6eb2d92b4dc92eb8dd1d92cf4ca422654b6afeee832514e2cc81a3ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
790b239c53ca2f92e5306487102115e0

SHA1
e57a8eefb120e0b74239385e1f4e15a7b9820561

SHA256
cc0a871b45ff5715bb088faf35b2fadf446056c4672dd7abad69eda4601c3e11

SHA512
3648c16c21a033f6931dc5d2bb4053e5b83c199f4a7f2acf7e5259d0525c9a388f417d06ace6c33780dafd345c4950f38fd39df2364f198ff902deb3a595d535

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
67c289dc04a79779360459c09173a2f9

SHA1
f562f8f706b753ffc70538b8ef4fac2ea0dc8c89

SHA256
68c70b391e327526c7669f8996d1d81a5c55472d7d5a05f58f8ac449f30edde8

SHA512
60082ed95c0956fdbca39810cc480c6cfc38fc09b6a62e62790ac0092fbc062cc77095c46ed320946c07aaa90e5b2b2f574d699776aed481a6e8e0a49ca19348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
9dbf86d946f1c9a0a0264d31c2b374f3

SHA1
bece8f60b64e796c7a669d9dea616a6d1e1b6b0f

SHA256
91d358dcd34efbf8fc076183f11cdb0a41993a9427f2d11da2446aebb6e8e640

SHA512
79df5c65de82cbf98e51147e59434afd88dad1147f6535a743c59af675c3357fec39c2453b93bc4dc41e4349f764bb59057a6f3063756b41edfe4dbb0ee408d3

Download Submit