hxxps://cdn[.]discordapp[.]com/attachments/1009876524553486400/1253315164015427688/Squadx[.]rar?ex=667b56f4&is=667a0574&hm=2e6adcb5c8857f8f3407f2b8027f103fa07ac22b377fb3d579b969e711965bc6&

Analysis

max time kernel
52s
max time network
60s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
25-06-2024 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1009876524553486400/1253315164015427688/Squadx.rar?ex=667b56f4&is=667a0574&hm=2e6adcb5c8857f8f3407f2b8027f103fa07ac22b377fb3d579b969e711965bc6&

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133637806208602295"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
564	chrome.exe
564	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe
Token: SeShutdownPrivilege	564	chrome.exe
Token: SeCreatePagefilePrivilege	564	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe
564	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 564 wrote to memory of 3176	564	chrome.exe	77
PID 564 wrote to memory of 3176	564	chrome.exe	77
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 4696	564	chrome.exe	78
PID 564 wrote to memory of 236	564	chrome.exe	79
PID 564 wrote to memory of 236	564	chrome.exe	79
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80
PID 564 wrote to memory of 3504	564	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1009876524553486400/1253315164015427688/Squadx.rar?ex=667b56f4&is=667a0574&hm=2e6adcb5c8857f8f3407f2b8027f103fa07ac22b377fb3d579b969e711965bc6&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffde934ab58,0x7ffde934ab68,0x7ffde934ab78
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1584 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:2
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:8
  2⤵
  PID:236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2156 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:8
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2088 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4496 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4760 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5104 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3368 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4496 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4288 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4228 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6064 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4120 --field-trial-handle=1828,i,1516797307953864154,4406099626170005282,131072 /prefetch:1
  2⤵
  PID:2736

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1464

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1fdda80935a9f6e128f7b4ee9105831b

SHA1
05f39b7dba5ef1acc5b203b509388baa5f725ec2

SHA256
03b8096c7a8723bbf4100df2a88134c649578e3211742a1d43080e319976826e

SHA512
0477614e65aaea412527c5811dc32f13613d4f975a0a9b937c34dfec7a1db67702ed08ba1b22a0f9e97ea595eba0a5a846da12e3fd5b1900fc96f2cc9af96162

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cfceacca012a010f6b7b3e48825c24cf

SHA1
0c85510b50e85f3fc3d2b0763073d4d3134bb198

SHA256
060f5e8d1443b31e7df58240c6f842ab1620a75e43d16e2b5789dbb5f14b468a

SHA512
a8caa0dcf9f23448610274a3ee2c917f32455d57c03a362702e27621cf5a30909848411ed373243effc21e975e8e8d75cb75c411e9976b9914c2c10c34a507b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d6e8b0a054896839bc7a9954d0ffc691

SHA1
58cbb8b5b5d28914deaf37f8aaa0e85334b6df5a

SHA256
67cf7bdd2d3bed7d19af5e48ef8b2d77c1529e10e99e2da9f7bb02b83f1eb63a

SHA512
336921e1284d511ce50fe5b8834a599062536c4585d53795cb779d89da19ab7529f39c8dad3ae5e356bd535be00b1ee5c8bbf3a16fec5642f953a9e4b029468f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c7d43ca93d7169cb0af103b24d54938e

SHA1
8f6aec71767ce7c89e0f26dff4ab59e1b59f97e4

SHA256
d7e3c717ee371e2cc70cae3aacaaa3636dd09941be2bc478e3b2a86b26f201cb

SHA512
950ce8471a561fbefc448c5a3878d2153fcd4ef86ea1986afa40bc740f6f5b3f795136ee614f230595221313b57c2ebf89716af59ec388d1689a52f731ac243d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
1ae3974db433b9bea01dba8d6a5a76a7

SHA1
feaf129b9b3b90a094a61f9665aa32747ad519ff

SHA256
185cd8efb5c68f29f0792e9d8d401218a468277c996fbea35bc6b566778b649e

SHA512
1bbd33f1514413a85d3dc1e76489274dc5b68ee0f6c421a4f81497611580b3aaa8ca401745729a0c736f802b8168ffbda99ceba6334b3af2d2a93cd8b44f66fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
44c7d2a8899cd9d679e74f60e5c162dc

SHA1
51b0e35aaa919a87b912892771b5ccfe56f92d1b

SHA256
5ab9c7becc867286d0dbf1b8541871ef7cdde2e51d7c8834e3890dc9e7c589e9

SHA512
c2853220a84b7b673ce80df40dc00803711ced4b2a193875fd314a98fabd9aff5d4c08b443c8e0a48ea1c148769baae11ec7c278f743996fc05bd4231400d401

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
13f5a8b7244b28a127d65c39d8bc2895

SHA1
ece0717d1502a37e3b32d7d6e44e6be55214829a

SHA256
4b5c6425bd08dc222f16ce566be2a93b6dd3059de7941266cbe7205b7ed3a510

SHA512
f128d16fc9090f43e6786a6ce9e889121addc04d442fc73a887a45096608980d48909ac3488572f4106096e2079ace429e9799295f3b3dc75d1419b39522c940

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
499f7a9fd400374a37f102aed9dddd9a

SHA1
312514c23f82d2a9e2141667f985b6499469d187

SHA256
af35230e5019b7e762d75c0fca17e537e8b62ecb376f0735cd59380e46bd5d43

SHA512
b963fc0bb86492b67b1cb5d389810c76c25ba3c2040a413fcd5e92acc988665e2b8ed297a4433f7c7537576f0ba8495b67254671c4fede3cb3e8ec25c82e78ae

Download Submit