8c294a97704d97525dea5ae710a948c74dfbf98fdff3f37fa539d7f970e33e30

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26-07-2024 01:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BRUTOFORCE-SEED-V12.6.8/data32.exe
Size

238KB
MD5

4e6a7ee0e286ab61d36c26bd38996821
SHA1

820674b4c75290f8f667764bfb474ca8c1242732
SHA256

f67daf4bf2ad0e774bbd53f243e66806397036e5fde694f3856b27bc0463c0a3
SHA512

f9d99d960afce980421e654d1d541c1fdb81252615c48eed5c4a5c962cb20123d06dbdf383a37a476aa41e4ffabca30e95a8735739c35f66efbaa1dee8a9ba8a
SSDEEP

3072:6sGTNBBPt3lBtx5ebLDCc0p00JakwEn0ZtAq0nHHdNwooe+6t3ieCx9UWPrcFw+z:ID5t3lBrGdkwFi3HHdN1Zt9CxVgeH

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	data32.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133664300432622603"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2676 wrote to memory of 4980	2676	chrome.exe	95
PID 2676 wrote to memory of 4980	2676	chrome.exe	95
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 2108	2676	chrome.exe	96
PID 2676 wrote to memory of 1080	2676	chrome.exe	97
PID 2676 wrote to memory of 1080	2676	chrome.exe	97
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98
PID 2676 wrote to memory of 3992	2676	chrome.exe	98

C:\Users\Admin\AppData\Local\Temp\BRUTOFORCE-SEED-V12.6.8\data32.exe
"C:\Users\Admin\AppData\Local\Temp\BRUTOFORCE-SEED-V12.6.8\data32.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3656

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff523fcc40,0x7fff523fcc4c,0x7fff523fcc58
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1912,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2260 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3340,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4612,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4784 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5080,i,2644206947275771829,1463518125272339580,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5088 /prefetch:8
  2⤵
  PID:4908

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4236

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d7095b3698638cae22a29edc6c663b34

SHA1
39c3627002dd2864d890ee1f08d82b5d6ca8943b

SHA256
4672010823669c43e9f3c6a009ad36f060429c572480a1723ddcae06ae0fa507

SHA512
919ec43913350b50eba850e077b8bcace7509ce4adfa14ead1179314bae4a01cd682f061fde495c0a6299707a37ca57de8210fa679aeaa5688b0f757f31238c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
fe199939253326b972d933708ace4434

SHA1
64543356c05b74fdd4941b87deed9bbf3b802f0d

SHA256
ab449ef228fd8909a01eb3d3a676127967659fd4f64a5117797925f14e6ff488

SHA512
d8ea003664ade3ce230ddd1a76d69147ff9af06f342548b8eb9da5c03b56cb442c05c2a50dbab0ea36c93318c8fa06c01eb620325c248b14d4a10878e522ae83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
5d3516010230949d4ce35adea5489860

SHA1
feeef59409f20305d1eeaf1d45ba6682e362e4ea

SHA256
48409cfc45d6aa3b93ff8863e9ebf692d444aaf9eaf7716ff6282a48994cad32

SHA512
ae60760de11e1ff173f314345a6bb670accf39307f1b18939a329f0f684711420cbb5fadb20e106aca7f40eeace6d668404cb03f230999efcb53f85b5e44db28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
29e47664ea48f5a7cc772fc6c672cb48

SHA1
1f1729b0095e4522369b9e830cfd25bd0adc94a0

SHA256
2f30302d4f9882cd99b1c196fabebb1792177958d5be922d8c702cb3e587336a

SHA512
c003ab7253378ce0821ce011e1a0ed5c4cddce6fb82baddc3910051388c9b07062d718f09199f3375a5badc55be6eb0256801bc829ba57f443b9a4b675c293b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
198ca302e2742abc42d4cc996c03b67f

SHA1
38d8451492cdb7620c01bcf5e7e0580f7906c263

SHA256
735f32d0b273b6e7242b4995098797816d97273c9777633f90c0714ca9d1b881

SHA512
e18a97a0c9b702065840b5eb5f5220f6714430abf0ce9566686f709711f522ce313046fc042f2b243fb660b70bf044e3171cf509976b0579736f87d9a71fb100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
27c7481e1caf828a4b0ce88382e8b40f

SHA1
bfa9cf41bdb954d1cda0f31835555879c3b9b3b2

SHA256
bb0d5cbeb7b97150b07f8fbd64892643ef10134d18233deda2e4710fe9bbc5e9

SHA512
80e8fa2fd4437614d33f3db7c4c2721223eb949db89321ff591fe16dbf7251b16a495603c69e30b3d0fd4bfa3cd84eedb83d205a75ead6fc5a4ca0bfeb0c83d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3ff48bb332d85e5ce37290982a1b3568

SHA1
bf1562a705d779de11959a347f5301e559d5e85c

SHA256
9925a8efa5c460eddbebd55e99fcd49214f1932df4dbdbe948fedf0b92586e09

SHA512
f4dec5e91e130fe02cefc2004c050b811911db9efdc53923da287a3397a8463c08db462050440361a22f6f3cc42d8a1e454d04f943c0561f30c115088bdcacd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
5faf2b6ddbd1d2adc1ecf616c11572e7

SHA1
3d0e5c02f5130fdc9f4151e50ecdfcd6160d20f8

SHA256
76a6fcc2f5c9fd0674ab905a7c5f33ee21b01816c16f27ff93ae062b0de8745f

SHA512
d77682b94218f5202cba306789bc21f60777dc5c5b311c2850d2cf8dd7e27a9d4696cf7f29c4b823bf699fdf5a70868c21b0d411dd844192b1901dd741b555dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
188KB

MD5
092239ace0043a6832dc823de1d46125

SHA1
440ab649a5118774573dc4937aab5b19bf60b26b

SHA256
6c1f9266e84f611acb3fe4eef26e904372a587e7e7fa2f4070d21ce0ac6ea90b

SHA512
6d9a8ffbb7d0660891b65f808ffd8787006f14a92cff4d6362d28942ab8624ba31745bda7e667cb97d96a3ec8e393525dafb3b6caac5dec088d5972141292e46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
188KB

MD5
671209019d5beff54e08aa3c56317a64

SHA1
a4109f3a5dc690064c9c223d3901e95b6d4c7f8c

SHA256
51de34fc77e162ee2e500489166786b318b1a82c71c997b71eb59f1ad2e76d08

SHA512
46caf9c444e47230f42666641a345525ecfba4473c1766a0e788dfea26244452b9051f50ce269d9d13ca05cf21d5ab2ae032ee84d951b1ff824cbcb7cde5355b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
188KB

MD5
a494c0b964acfc352d7912301185eaef

SHA1
4209315cc811723061b20bb1e0d106dab89b23d0

SHA256
983dd4c717843eac4592d1db65b3625d04b36d21afeb064ad5c8bd41ced95de4

SHA512
cc7ec34c5d4364506a6dc2e074a633d52dff0d871fbbc20f87eddee30c2ee1bd7cecdbd67586e9ebf89277948a3239c0aa3d75835a6215e581d6d94224944fcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f4962817e5d53aabb7d39d2f07dac9f7

SHA1
4caf37546001f601484da7943ad9cc7ce1002dc3

SHA256
61698bb02af26b2b09f68074f47337439efa4656e2af15830769738b17ce94ef

SHA512
d1a8dfbbe7a098bebbb42e190a2f411e8da9c3c2f2d84c04f1d098b536a1ff3c7b20998b538f2c04bf193563134b3ff73456eea520d382b39ee01ce4e61a26bb

Download Submit