540caab575ba3985205fc8df1d03742f091840e228a46ad5caad1feb6c26d739

Analysis

max time kernel
1481s
max time network
1497s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
29/06/2024, 22:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

pixil-frame-0 (2).png
Size

5KB
MD5

cec0707d5c1ab1beb6b2e22f210d3460
SHA1

b1d909aa2d094a6cb75ce923634a6d1a6c189d35
SHA256

540caab575ba3985205fc8df1d03742f091840e228a46ad5caad1feb6c26d739
SHA512

2ca64b640dae93ef1f799f008355cdc3362fba77c4564f84431c150c5a4fcddd96ef2c93e89d92858129c3670a4426cf6573cf89cc7fe8d1aa55bbf2be59efd9
SSDEEP

96:j5KmSlLOAuZsTGJGQxPTf3yF1UxdtcI9qxssdQ8690dnRu1:ImSNOAOsTkGQBfyF1aRqx8ARw

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133641738653327524"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1668	chrome.exe
1668	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe
Token: SeShutdownPrivilege	1668	chrome.exe
Token: SeCreatePagefilePrivilege	1668	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe
1668	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1668 wrote to memory of 2716	1668	chrome.exe	85
PID 1668 wrote to memory of 2716	1668	chrome.exe	85
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 3192	1668	chrome.exe	86
PID 1668 wrote to memory of 716	1668	chrome.exe	87
PID 1668 wrote to memory of 716	1668	chrome.exe	87
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88
PID 1668 wrote to memory of 1956	1668	chrome.exe	88

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\pixil-frame-0 (2).png"
1⤵
PID:1816

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaa9a0ab58,0x7ffaa9a0ab68,0x7ffaa9a0ab78
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:2
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3516 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4460 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:2912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4596 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4776 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:8
  2⤵
  PID:3904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2560 --field-trial-handle=1808,i,5603740682098597141,8467085417731455564,131072 /prefetch:1
  2⤵
  PID:2512

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2524

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0b63fe184a7f884313752530248f390c

SHA1
e21cca8efabcb3e576a80c2ac7edd50770ed934e

SHA256
1aa35c53cd2b1c4083744b4f5976d53cf3cc1ffa4257d4212c273f92df971efb

SHA512
07ba36bca54677de3b20dbe95a19f8fc93fe1a0fc3bffc52568307db288b2a096a1ba4ee41cfa0c866aafc69c111b39daac37827a157a8c6cc06793455d1ee97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
4750ec66f4399565eae9a9fd169ea14c

SHA1
d96661df81805efe32c0b8c8909674a8de736bf2

SHA256
aabeb4111b4065507ba31ee084138de52d27f4f4df9e011a15d0cc3b291ff264

SHA512
a2ba991327f630adb7fb1da35985a41a0705a8298e6eed2fa350847c85a8645d3e0290bb05b13798a86d3a58c2819d461c6286747dd5b0ecdc69fdb59f28a4f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
fe125746a18a7d762bb6dd1db9a9931f

SHA1
a96de21dc6b99977ad78a924cd2ba6370e8cb935

SHA256
f6e79a9f03616da5ac01be92e804790f26c5bee7424b114424b85ed3c9261851

SHA512
51dba2699a2ac42d748c6c6b0069743b11d658349eef89eeeed3205781308c73fc152e5a13099e663ee9ff32ae0b974a800b527c106d45eab1ac41ec5e0444c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5013f60821943c1cedaa588f789b22f1

SHA1
63d7f36891969e838abe6326d07764567eed66e8

SHA256
2a435ff924ff7d74df1ab46413406e5baa4bc09275dca4d99acda582800a943d

SHA512
5bf295f5b057407e25a0aff02c76beec156633750e4a85ad5b7970dcb458c7221dfd0da7b52f37472fd8c6e562af5dff372f26b11b2e415e836dce3905513814

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dfbd1cef98661483f21b92f0502d2a6f

SHA1
473bc20f60191593eeef1a370339fcf28228e7df

SHA256
ebe183af970f3b603eafa18733f73cabef50e5b832d26a69dcada403c0f82185

SHA512
96c5f7473ead3a470cc61977755013cdae7420a78edd30c6dc6ebd6dc817cda121195c73b32224bba8e8078d4fe2abacb42a088492583be2dac8d5a19015d4b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
9539e2c5af0542df6b4fb9a1687270c3

SHA1
4f8f07e13202084f11c174adfae1acede22c5ac8

SHA256
3cea1cad27b73e9978f72878b0c58e89b092d9f06f573a22385fce8f87dc1bc2

SHA512
4253939def200befebd1b28deda7da76c8cc4b662d5c9f10d89933ac29012db71d544b1374fa9d592c148a15b0a84e6131090a3a1f60af2af46cf6d4c9c56c21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
281KB

MD5
2868624f43664e50e0442b6bb36c3f06

SHA1
4b1aeb147b210093859de9e2b1735c74e42f178b

SHA256
75525cc4034bd7f269adc668015a22bd6e02e5705bc548aa8dfc309058679209

SHA512
a2b4fc241f8ebb2b73eda2e7730a4caa9c97b9558929f81ef4aa2465138a63be8eb2a179198983b7f7a91d515709e1bb3b9ef0d46d9f7adeada31b8026bb839e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
281KB

MD5
6813e27e6d50a46504a6d6beb4e36241

SHA1
7e54b2490e2139995ce0cae385e6480f21ad823c

SHA256
15951304372c0023cf9565a7bad64132ceae2a11cbbed9c0ebc5ed3f71053ab7

SHA512
50d1ec7f01f6440a181e29678f9395c2fbec3442edde6b9b8ab20367022bb00c642cef9708ca82160bacc3701b84a7d76f570729c9978a8bbd294cff14bb3355

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
051536af092d829bc0982180851486d6

SHA1
23d3e354fc4535c36e257255fbfa16f683d58290

SHA256
23c4afa9a167c32c206ff3174106fe28d3a0594b2ef21fa6d9f143ed6b07913a

SHA512
4ff33a0acf598d86fbee82545e7bd31c4f1f18c94045aca3ded552c180f4a9cc0ac048ec77e8f7fbde5830ee6242cf3d71e1d56aab19b42a8027e4f2c4c9a2b3

Download Submit