a0c992369f8bf35c5856d1fd4930ac72c682bb74d8f6764466e4630b1a6a9347

Analysis

max time kernel
75s
max time network
124s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 07:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Transformice.exe
Size

139KB
MD5

055a34bd625727d3e1f9fc15e2ff6c3b
SHA1

d9f23f91240c6ebdb6cb88f25b43ac68da40d6be
SHA256

a0c992369f8bf35c5856d1fd4930ac72c682bb74d8f6764466e4630b1a6a9347
SHA512

28afec89c505bc01592774e1a2eb14b4d104a13c2e351cd3c468cec7314be0af86561b8e1684765ef254f776416dd69009b9cdd1a577ce63e2ee5af4d44904ac
SSDEEP

768:YVylW7GYDbayYpcP+zrXYPhyUNH+JQADs/D161C/k95ie3K1+XsJeT9jCjsHOXjQ:OvBeYPEuHG4aZ5r68sJeRzuTKB

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2396	chrome.exe
2396	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe
Token: SeShutdownPrivilege	2396	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
1996	Transformice.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2396 wrote to memory of 1884	2396	chrome.exe	32
PID 2396 wrote to memory of 1884	2396	chrome.exe	32
PID 2396 wrote to memory of 1884	2396	chrome.exe	32
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 1800	2396	chrome.exe	34
PID 2396 wrote to memory of 2744	2396	chrome.exe	35
PID 2396 wrote to memory of 2744	2396	chrome.exe	35
PID 2396 wrote to memory of 2744	2396	chrome.exe	35
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36
PID 2396 wrote to memory of 2760	2396	chrome.exe	36

C:\Users\Admin\AppData\Local\Temp\Transformice.exe
"C:\Users\Admin\AppData\Local\Temp\Transformice.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:1996

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b49758,0x7fef6b49768,0x7fef6b49778
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:2
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1536 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:8
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:8
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2296 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:1
  2⤵
  PID:2440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2620 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:2
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1416 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3696 --field-trial-handle=1332,i,2169520551604534790,3925003287346852287,131072 /prefetch:1
  2⤵
  PID:2616

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\46366968-5e85-4093-86c9-16a139dd33a2.tmp

Filesize
308KB

MD5
bdb65aa90259124fe65993a20a95fbb0

SHA1
b2f09ead53c931715a22369acce82ffb85318b4f

SHA256
e44e2b9c9903bf6cbed00b10d84e15b888050391eaae0f62f2f4f19789db169c

SHA512
51cd0107b044115af20a7257e6889c71f03c87ee9ed844fbae7148c7ffe049fd675907dfe4153876b46cf11884a5f9cbc8dac07cf022ec29b63f6f1e14a7591b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
6a5872d4e0f4e4cdabc0a65686091809

SHA1
93f4d764edb159feff84ac609e6afc66fd48b75d

SHA256
c223142b843e088a84bcb5c9974301fc69c1b8196165ad965755400f48b25a18

SHA512
6e388ca9a859fa0fb382f4facc3633ef75bbdfeefd0ccd56a2d1d3b78f576211d15535918062ad00902036c68a2ca2a933f7114198572f661f70e46db84d9675

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9cd637f11f5c2b7099f59369b091d298

SHA1
80145011632afbde529ae1d7cea18d08c22c6853

SHA256
5a38b7f683fe647d07ff8298a21ff477c58b2326c8f267e2016950195c67c929

SHA512
fb51468f123e76b6b87a64a6e91bc556086b8da3bd9066736da64b0956c258f3f3e83e4cd22a0f74e4ee93af203bb1a51bd329e1160be8ca86bee6952ecbd183

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
a03e646009175ac62ce4bf181daab7e9

SHA1
89b6f9ca1211286bee8cca20740c348a2d06ade3

SHA256
d39628b1af33b9da812bcee928e25e9dcaf3a20323420171a738a9f7df85c64b

SHA512
bba030e332e77e066a26cbbeeca9ddc273220b331f4820db68755e11ee449c8dd9fc9f2a5d809c3fa09a84f634b2eb5bf8533e6c09e0b010735fae0969718b5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
238287da7299984cd24918480bbb4e06

SHA1
c9d53dcf69a7d733dad52c1a258a458b693457e2

SHA256
4d2fd6e279f5fb456e94a0b2efa65222533aaa9eba9e0aa36d1ec36f1b3d1f79

SHA512
26b45b3a62b32836824bec3385c8ee1efb5f181efd1e0dbe920def6e9be6609124220c27046338e21c418a27772392bca40c65f3cacec1cf6549b7c30f6957cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b709589324e6f3c2910bd84238ae638c

SHA1
b32c5aedb22d7aa8a644755686e59755867f5529

SHA256
625b402ff44a62a10ba68f896438ff9994fdd2afa87a4c54a0822f6458f285f3

SHA512
e44a0a1e507429dedf341a56f07a4f85f62282c778b77119bd1e0214fc701ffc3bff573e763ee6818f261c04d6b06c080cba0829c99fcab7b8eef451023e878e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d1edf38b3afa864f441b210f52237a04

SHA1
4341fcfe3019b771077aad543473946abf86f3e4

SHA256
dea5c871c6d65bdfdcc79161f2b554e704e75bc07008c84056a4893ab48ac8f8

SHA512
ef85becadaf3159799088afca332ae59d86329dda40ec4c6fbaabc52fb545ea98f0ff8e326496f09627d84c8a4a51ba80036fe844b7b956b8f46c10bae5acae5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
1472ea07fe0beb8f7c35015a51f8cd00

SHA1
4ef2b4174cc158c822c00f7eb85118854d85dca6

SHA256
d72b8cd62f34beb716e6ac55aa67fdfc25c26ad26c69101beaa437763cdba192

SHA512
5497b33a672f04604cd4fec5f0bf872f721bdebfd1214991f7f5ad4ec15221c4ff118cf51b18bbbff6336b752333c3e23f2350df8da11b7e79e99079b91ab184

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
308KB

MD5
48f88efb0af1d5845162d4e3d378d092

SHA1
30f4453618e87c2b62e36c2b3c8f9139c581a0a5

SHA256
1d31bfbbc74dba224feffe892be67a54d012ac3229b4c297619c0cff755f22e4

SHA512
afdcbbb522709188d573102f6e4b79320d0e2803633edae720bcf2cead1090b82a066ab8b7456f51bac9cbc51bf92dc7722ae5985924712f99139196f3c4be5c

Download Submit