hxxp://enperspectiva[.]uy

Analysis

max time kernel
149s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
13/06/2024, 17:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://enperspectiva.uy

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133627720378731260"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3396	chrome.exe
3396	chrome.exe
4920	chrome.exe
4920	chrome.exe
4920	chrome.exe
4920	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe
Token: SeShutdownPrivilege	3396	chrome.exe
Token: SeCreatePagefilePrivilege	3396	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe
3396	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3396 wrote to memory of 752	3396	chrome.exe	76
PID 3396 wrote to memory of 752	3396	chrome.exe	76
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 260	3396	chrome.exe	77
PID 3396 wrote to memory of 3336	3396	chrome.exe	78
PID 3396 wrote to memory of 3336	3396	chrome.exe	78
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79
PID 3396 wrote to memory of 4316	3396	chrome.exe	79

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://enperspectiva.uy
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb850fcc40,0x7ffb850fcc4c,0x7ffb850fcc58
  2⤵
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1824 /prefetch:2
  2⤵
  PID:260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2100 /prefetch:3
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2180 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2992,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3016 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3004,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4500,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4512 /prefetch:8
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4580,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3232,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4844,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2976 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=1040,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4848,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3332 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=2960,i,15547204234409031639,15102305397508143297,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1616

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:1616

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2132

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5d8d97fe4804400586b24fbf0bb2bb2d

SHA1
d55216c7458141013c4d804713fa85159b3b8e72

SHA256
85c2f5112e4e73fcb7e0e60e801795c999daa269d2a73e3c5eed2a61a6085346

SHA512
9c6c1d4fa7ff926f84808f7810ae6e216daaf0833e5eff47242feb2b1684ea9fef0c5a8e52d6543588c3f9a5af6b015c65c380d2adfe5c53eefba93e13f1ffbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f158e1fb25770e4680b3fea391f8bcf4

SHA1
b6924a435e398cd4813b4a800713d7789ad458f9

SHA256
81b72e42e64e33c4a5f3bac60eeeca7c6bf0f41278c68816fad307876729a360

SHA512
35ac14c0182355f37c921d81ad984cf3efe31817638311f64a60138686054c84ddc65527d4862b43da41aa991aa9e9de9a4f2f752fe7a44cb0f2210bd847a98b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fefff332f1b0f64671737bf7dc21ea4a

SHA1
e60c52bacd2eafd261ff580b3772a3fd010608e7

SHA256
6a4d972c44873d9e7952f171f6a367b844b437d7d0b9b7f5b9bf1179eab9cc31

SHA512
487dc734e7b7352a8747eb7eefa665fba28e9a8b5c6ca294f6d2a8e2e6f83f51cf4f89f55ea72bccd6fb65e41a2164195205677b6ff17e911e48093bbf977050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8af29a3080222fa90ae6a6ab6f833561

SHA1
cc8f738b8479fab6b30052c64e8725a8559e5757

SHA256
aa994ab55eec77d80811e2d6096f9c614b6a3b43064461d17cda5eb5706e3533

SHA512
4df18fe0a23de54f4ee39e47e5f68f4bbe9872782b753b3b0c23b504e7f877626de3c6f08519674f72baaf6615810e85b7919342d82c8d9130db478379f9db8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3826dd318af9a9fbe8e20613bcfada5c

SHA1
5c9b03311948adb8fc685dec675784f99c6b8996

SHA256
cc5529746d5b330cb5fc76b9c28754d155821db7ebd73f77157d5b3436496c96

SHA512
9d2a0b8ab6e4d226ff406d66ba9990bc138bccfa1fb64b23b7af84af51ec0c7ca7edc2fd2b4e8a7f7267c7d4248f0adbcbacd9fdde35ad5874fc1b5007489ee9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b2bf923cafc6a8858b215e9618c25dd5

SHA1
4afb71eecff54a89accb12ea83bf80179930a004

SHA256
4d6455f9430ade46b9b97813a0b408eb5871f4a73f7367f58f5c5c1857529628

SHA512
f3f0f07d5205f37883240a0d39d6f5e0c54ffcdd4568ccff0f9b00e894fe3bcce455b2f6ded67409e109443ecb069a22b4b22191f334661e1dddf1d4ff37889b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4633993a11a7376b742789fdf90856aa

SHA1
9d4ede86bd590dd0a5c22a76413629c8d4939cc5

SHA256
f23255bc36d056aecfdad9e396a859ff40c31620ef6ed6b47a7cdfdbd7283b39

SHA512
99e093698e85333cbd68e94ef16e9a18275c391e5b7ed7536349c0bea911bc48b39067839186fa8136cb522961b47b667d0df45c6a8746f6a2e3afdd868dbc33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b430587effa48b32c6774fa3af59f95e

SHA1
4b097d7768d48909aa479cae2a6b889d7fd5c221

SHA256
8d6f7f6188ccdbb48e6cdc07a5dcf542e6d476f36e4c91b11520e8cacbdb36b8

SHA512
bb452b62899a4d18017460c043b4305427a043a0063576eb95148030e8440bcb93223b1532fe8e8b5c9e5ed33c794c0f5ef1385dae5e02357c9bfa905a7dba60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
657dd4807a3a5b7133cafa8ca5023c47

SHA1
a3c8ad7e1bd9414798da3c5281803c53fdedc644

SHA256
823d5f2f1346deac39ea9bc23fa9ef6cf5516f0e8dec207e77261427382acfa4

SHA512
d9ff7785192abb217e07f5aadb0da8a7c4785b41e050d4813250e5210fea9c7066a64cae39c44cefd3c06d89a1a15017bbd7e7c858b6bf6368dc67afe787b4e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
481da0d8d1dc172d6e446198cfd6d201

SHA1
5729701922a4426ea7daa9af23f2458201a3a3f7

SHA256
e7e4fae24b9821888a7f47917ea2c448a4783be1599099664f8842f20d8337a6

SHA512
ad802fd0c33589b74ff1af1ffa7ef9e70d78107bf62dd3cf629111c0f8a18cefbe3bfcd86512f6d19621e53e4b7144e854496976648fc69bd432ab47e4988662

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
891738a265eb4b4947d5cc14e1dd7ced

SHA1
a842c8fbe25e6e3c7334d115e0da7fa877e81920

SHA256
8cd59480480b4c89d5618acab38d7b471f22a066a56aa011c8d6d63df01bbeec

SHA512
e9314e3d9fefd418efc429f7914d45d803eac256dbc7d16bf35834b826c92acd2451c0ea9127cda01237c7c3eb1c77518c99049ffdda2d7baa3f4b948f5a9fed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
35330e28ac5c479b09c101416e2efb14

SHA1
b3023ba90c792829f2f79a8d26239d2300923942

SHA256
dafe5bfb6081f6ae8a3b5186b482aeda4df879869df644c09f3562ab07156f83

SHA512
bf145224dcb98c1bace809658c2fec095975cb668cbe78bce7d034d9775675f8bb31a60f85184333d5f9112cdafeb7d4f6e5126f802cec39d1d15303b5e6d434

Download Submit