hxxps://osha[.]oregon[.]gov/OSHAPubs/factsheets/fs87sp[.]pdf/1/01010190753902ea-a69d0b70-4563-4f2d-9cf1-8907a0ef2bcb-000000/717-hsZp0zuVMlBoDn5BewX8-x5MDx-w8yKB1cjFbrI=360

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 04:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://osha.oregon.gov/OSHAPubs/factsheets/fs87sp.pdf/1/01010190753902ea-a69d0b70-4563-4f2d-9cf1-8907a0ef2bcb-000000/717-hsZp0zuVMlBoDn5BewX8-x5MDx-w8yKB1cjFbrI=360

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133649737619738353"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
2296	chrome.exe
2296	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4636 wrote to memory of 4852	4636	chrome.exe	84
PID 4636 wrote to memory of 4852	4636	chrome.exe	84
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 1976	4636	chrome.exe	86
PID 4636 wrote to memory of 3956	4636	chrome.exe	87
PID 4636 wrote to memory of 3956	4636	chrome.exe	87
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88
PID 4636 wrote to memory of 512	4636	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://osha.oregon.gov/OSHAPubs/factsheets/fs87sp.pdf/1/01010190753902ea-a69d0b70-4563-4f2d-9cf1-8907a0ef2bcb-000000/717-hsZp0zuVMlBoDn5BewX8-x5MDx-w8yKB1cjFbrI=360
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7770ab58,0x7ffe7770ab68,0x7ffe7770ab78
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:2
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:8
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2200 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:8
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:8
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:8
  2⤵
  PID:4084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2408 --field-trial-handle=1904,i,6133353050480773241,113886333170145376,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2296

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
a7a3935eb40fda3ef6b9a84e3c62e003

SHA1
ac03f257caccf91ff9d1e2c4d4576108e864dc85

SHA256
2546fd0e6da3d3c413905971c2bef1775099faee90fe789249889563b7f387b6

SHA512
04d3d48d6a1cf61eeea4197fc78f14e6461a2f1754ea52ab0644c5d3189fa21819335ce422ca3eada00dada82823ab3251527e0ebbf5563a4a2e280b21e25d8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d411a045ea4009c87ebbd9818fd6abaf

SHA1
1ee9a0edb1fb884d81cde89affc2826bb01d344a

SHA256
476d3e63b7e01fc95118f4383ce6fb83a93178b52b782b6e41a9268dc4f89dc1

SHA512
d9c8408a10d57b2957636b71114078411a0eaa397364594d3efaddbd71bbc1b4b55f6d5550c8e094215aa459bc1ec011b2ab379c8757edccfe6dc688e090f571

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
24dc1c35ca81641db8df425de6e266ee

SHA1
29c6c98d8764159077ed70edbea785852425aa80

SHA256
738f566edc365f88a88c40a045cc253fb5c0fcba385665bc5dbb43117f452ff7

SHA512
67da4d3762761fd1f53994a544fd0bbcaed180ec3ad7a98343d66f8faeb996a8d090b568aeb7be9330d6716d967979c925d4fb09712fa3944043311e5245da81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
079ad454bed42e5088011eae9a82c853

SHA1
18f3f1fc7b3a31f274f5297c685e9a2e026d0916

SHA256
06bd3e353c4615f78d5d40d5971151831b28c1bce9a89c54d41a4acbabb4ab4d

SHA512
e1d9e46f7a54eb0da0c9863340e2e4ab11a2ba02d02ddfe8272a355bd51e453bc82c5010ab9ae1d3a9aba46a4a86b2485c4fda9a35d638dc0444974c8f0d3c66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
25fed0fcf5edf1633d72b0bc027d0d22

SHA1
4f836ce35a08be55e359adc52a532e008868048a

SHA256
a508efe5e363eed753622c2a170ef6dd432ae2e97c9eb19067a96f8630d05239

SHA512
4a786e9e385c1cd84d5d693f26349a21b1abb284991b27c3cfba1ae3496c720ca55637bf3d7f05df0d2bd1594d45ab6a90672b2f506ac126b28317daee51575b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
35911f9ed6db7ec98d15977a96e89493

SHA1
a3d505dccf0ae504dde5556c28103b8084cc7ffc

SHA256
0c618348357df6a20bb732b05f76028accce207475ec16891894724d6366217a

SHA512
2cf7d2e09cebcbef9f0890f127efd6bc0ecb234e7b6d1283b99ee367ca2c33d9d4ff9d5acababd32d133125ddfb2df4708bfbc712fb77ba361beed74e4fa294c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8d1c59eb8f6b184b0c5e02dc5429230a

SHA1
0dcbc209ec19f725f41b7a16479ee7f83555813f

SHA256
c8c59d425af15e61883611843abc4daf43385b719075d59768efdf92e6248ee8

SHA512
a022bb304d800779afca827d6649475aa8246693d8ce0a97bc24ec815351e279270da96ae0eb8fab45792be6c861abd044e8206696f560e5df58701c0e180d1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e69a2f34-c23d-4c51-9f44-5e64565de1ac.tmp

Filesize
7KB

MD5
d202c410ca703d615648a5523a4f3b4c

SHA1
f03beabd2dee8ed3105ac306c71b9761275ecfb6

SHA256
ffca7f3ea7a53d95050f99a549b27ac2a1d017bb95ed48a0b2b64e9808d59172

SHA512
32a87528e2f12d8022cc6e1173e782495913a08836af31d25587d521d785b0ab1a0bca8639438caf095b9daaf94fdffea4d1831385a5dc17f98dd9e4b44376a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
16b5c99fb2fa1de425a6353619fbc4bd

SHA1
4ecdfa4bce2a4a4a6d41dcc00a6f4af843b46e9f

SHA256
139cf191a7562cecaed2054d47e5d0e208ccb6ef980f56eba4595f2711ceb793

SHA512
5ad5a7f056d00369484f1bcc42f5f4140ffa31ea0588deb76ff64a8ac7715e3ffc1693be1d184424b41073bd4e453a79fdde2d5808b72f2e95510372e3846bf1

Download Submit