hxxps://sites1[.]b2vmockups[.]com/pdeb/Untitled/?id=6ftqc8&p=page_1&c=1

Analysis

max time kernel
149s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 20:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://sites1.b2vmockups.com/pdeb/Untitled/?id=6ftqc8&p=page_1&c=1

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3020	chrome.exe
3020	chrome.exe
3020	chrome.exe
3020	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3352 wrote to memory of 1908	3352	chrome.exe	83
PID 3352 wrote to memory of 1908	3352	chrome.exe	83
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 4472	3352	chrome.exe	84
PID 3352 wrote to memory of 3460	3352	chrome.exe	85
PID 3352 wrote to memory of 3460	3352	chrome.exe	85
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86
PID 3352 wrote to memory of 3408	3352	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://sites1.b2vmockups.com/pdeb/Untitled/?id=6ftqc8&p=page_1&c=1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff4072cc40,0x7fff4072cc4c,0x7fff4072cc58
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1836,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1832 /prefetch:2
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2108,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4596 /prefetch:8
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4908,i,4568358425574892814,3597708102272879083,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3020

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:1164

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
ab139baa48a69f34b3f22a2599c5481f

SHA1
756231537b1b9f0c2a72e60af321bcea78c7ec4c

SHA256
920b49cda60f64054d9bfaf6793b507518daccdc6a25cf3c186f0ca8b4366ebd

SHA512
188c9c593e8b4dfad3f5b1fbaff6f1bd35052c7bc99586698fd50e5c9d236ebee86827a13580cb9e393891c9e790ea0d6aace2460ae8c302451d15fa6ff66966

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
f1e6b8477ce34beec8b325eb3654638f

SHA1
9380f2381719bc581cd5da34fca9a16c2f5d17b8

SHA256
8a0a12501fa04f55df366bab6e3e9b0108b3d517d720aa74b68fb055d39ce0d1

SHA512
e58969a46a0fcdb4b517393e3afd9df238061e07176da7ca8aa6782c935d8a80ac2edb1cf53cb3d1da5bda4aed08a914de719219508b8be2a0fe3543a063b0ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7d9c2460165fa71700fa7acfa8b68e67

SHA1
bf0667bac0f230e338a1e3243fbcd57dfecaac68

SHA256
342a6597b0fe5b5bedfa1d3674ea39d0c754be8d2ab9de40a675871caa1a5fe3

SHA512
80684b3a7475434305ad390bf560a5b3ac3e412ce246ba8055828ea278c808239e02b45a98f724dc56efa6f7071ab2191d987b29216fa3fd8293a07f36ca7818

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
315d89545a811524d9a2cb55523b3eba

SHA1
54acbe5801a20dc496da0dca00d5ca7939aa2d09

SHA256
b8195d574d3c355d8ac7fe7bed547307f865a4f4c617183865a2e10ece0218c7

SHA512
d86b81cd819cc30c353972d3435185efd2063e1ba7ac0f3cc3fc76e676ef1b631abbdd45f87d0ead7b93d9f5782830338f31ba6802002927b0cf97ed74ab0fde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
80b70024ca477e45d52dfe9149a2892e

SHA1
c2f0da31194493c20877a3a64c62653cda96a4a3

SHA256
abe72ef080320056567684c07cde530d68f34c93796987e85afbf7fe5cbedcfa

SHA512
644f4f7c18ab0b1e5d805e3ab9355ee607e7b86818af9ca0503d10985634fc0d0b81e514a498b96fd46524d3eb767cee1a1cc467e71f30653df5cef9cc1b29cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7486e4914aa08128c6c680a1ce8e5b1b

SHA1
35a59c366fa99c4c9dedc39fdc371cba68f41d73

SHA256
a0411aedc92204ddcd1da6ff87a6cb4f914653ec6f901140413c164f50b391b1

SHA512
961e9e56426c5b355ae77e99a5cbb7bd83942c1f1cb4fae1b705241612ade1559b066f9dd613d42494a7feea5513832ab503669052012e2a708768e7b751dc94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2c3534789f7eb84d07108896e1c6e333

SHA1
607ecaf5c3ab77e5355fb4707c478e98e04ca17c

SHA256
e8174c47ae39686a009cc1e2253ee39b592228927e1ae41c267a3d4783ac8d6e

SHA512
f82f7b97bebecc121726f12a5a5e2bc1c5846eeabcf6ee5d79ad3705b3e597eedf01ed7270627369ceaff7da9a235c867157d3f2c31f99f97ce4d1e9c5415f3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
fac51a5860d8f80e75a4ccecff17606f

SHA1
c95f1be71cdfb07e2c74f3c1323fd5939a734254

SHA256
11d3cfac89bd3ce9aee9ef657fdbc02d0a165c9c409342ba167d37d8c26046ec

SHA512
3bc2e1389fb56db5f5fbf5ee353a031a877edf27503076351fcd60f0309680767f923a84b0cf34324a8cc77e8fd2b9cc245627deaa764d83e9cd603f674e0b82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
902d580761ec2ee7577b6bd6ffc97124

SHA1
2dc6f85646f52ebc118192f77b1d366c72f4fbf4

SHA256
5bd823200e7a8ec19b1aae57bf49290f8a47b74936c39e2da95fc1edd4493d99

SHA512
5943f7a39043456d8f3202983fac0f972a1a0e14b33c1e2a31d2f67a7969c5c49284a64a8073a249b5b2fea9dc5c4a3f5a83b819bc6ef90ce021ec4d995be853

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2e1a13ae87b8803826143391de67e108

SHA1
5c16737d371cdcccd2c3f20ba73b8485b08a18c6

SHA256
a94db3bf5a3e81a5887d0ebdc13006c34a734047adb2b8c35b0980067fd71957

SHA512
a790bb2aae750c17b273e8703ac1c1684a6a9ea69bc850b785ce397b874a829b1405a9ffb1dfec5817e4c5563aee97f0e1ed0ac6373b6d5ea77549b20f735a8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
076d9579ada9ca3777ccf76e477ac6da

SHA1
290d6cc5c60c2bd03c550d07b27e40bf397c30b8

SHA256
1168a1ff94cee1aa5ce43369c29b89ec4182b5ad8e410113129e23bc8a338675

SHA512
04777cbe1919fd87f18860ddbaa0f52dcab51f86b15418b3ad838ddd3116c4f82e8f0a81284a780111a398e4b407ff7c176f505ab527b82aaf26c9a87246efc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
09836bedb6377df9ea3f2c7f0b7905b4

SHA1
814fd9329e086beb8a33dd7ad573c59d7db6b0ca

SHA256
b5ac7044b8dc5a4dee177ecfd4d4dc7f8d8a9595f1fd3cef35843df17e5d5cc2

SHA512
200a333fd025b35c0aa79c206edb5211307954493ec585797e8a9582e0d9dcd2ac4ecd9ec47b4bb0fb8fb121e452851a3ec8ed768fdaef97c4b76ddf7a86a1e9

Download Submit