hxxps://support[.]qr-code-generator[.]com/hc/en-us

Analysis

max time kernel
120s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2024, 08:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://support.qr-code-generator.com/hc/en-us

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673190532128753"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5076 wrote to memory of 4860	5076	chrome.exe	83
PID 5076 wrote to memory of 4860	5076	chrome.exe	83
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 552	5076	chrome.exe	84
PID 5076 wrote to memory of 1520	5076	chrome.exe	85
PID 5076 wrote to memory of 1520	5076	chrome.exe	85
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86
PID 5076 wrote to memory of 3372	5076	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://support.qr-code-generator.com/hc/en-us
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd49ffcc40,0x7ffd49ffcc4c,0x7ffd49ffcc58
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=300,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2000 /prefetch:3
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2228 /prefetch:8
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4440,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4476 /prefetch:1
  2⤵
  PID:3648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4876,i,4844498702224400587,1731053714730616790,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:2912

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2712

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:924

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
73690784763fd2dbe6824b39b11b5a2f

SHA1
7aa0ba614a60f4e8c6146f9cbbb8c34efa95fa5e

SHA256
091310740a49343b558db86df66995bdb2aa8b2395fc15c94e972a3f67f3dc19

SHA512
81cea1b64e673a108fbca683075ef0d99399c594620b03f614007deb9ceacc32ea0346d6ba75442beae8b1343e1480855eaee892c749f1c80e52c46245731a4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
178ff11fd115d5dad588b5cecb721adf

SHA1
88ca9a5ddb42432ca213ca29e41f9efddace17bf

SHA256
a91f6d854468b0dfc0807af3fed4d1bcda2fff5fe87ecb5b793412ec03ae126b

SHA512
be5ade1b3e8fe3441f72fd954bea2f951d3ef5b39dbd73bd156d7cd7351a6b1cf816d7223a116ca3e4c3374fc9c0a876585130ea8385ba39ff87cf9d7eb983fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
95f7ac4bcf83ae288b940a1cb40e14f5

SHA1
8fcba5c36bc72fb959cf4205f6ba83ef2317d970

SHA256
2559dedf59a9d39db078384c8935a324022ac39459ee61d2e523af91a9b3dfa9

SHA512
f33039444e2d5da30109367ca1847e79539877926af0020ca41cc95f0bd60dfd0f41ddff5e761262f2f804f044d0645c93f7d8049e2a202d4f24b471078b64c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
0f161064fb7d8a812e3f51d78f7c7b18

SHA1
9e9938ebb47dacd180b7cfcb9507d7c7552b4415

SHA256
0dc6cc56131e18f573135b811e7678dbfa00433f742dcba2577f95897e2ae761

SHA512
2527725ec5a7f1d8e8bc69a9dedf716bcb11d34d8ccbcc977707645e4b1c91bc94ffc1315fb48f0caa43a3f83500b0ef2c1c542055ef9efbbaef1cce87b0b856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
02ffb83a110612819f05d300f1cc6661

SHA1
e48bd8e892ca891f28a8e9d85fc4ac9f59c25862

SHA256
86f3fcd87e3fa9b11bd8c0b59e372b83f6f2c54f028f7f6511cb8552ff9a4df6

SHA512
55d6f3a4d844bc63c9ea85332a434400017bdd1faffaf7f014c501bf56d80e296e4a7285387ce4a0e14c125f4ea9300f53d2499ea9b1c4607e7386b95b95172f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
08867fafe0b5bc9048cbcad9aa9488fa

SHA1
31292f1aba15c78cf60ae1e906aefc2dee5e0056

SHA256
4b5ed8f1018d35e9d5bb4d857af03d4ef6159ad17a90243dbda982eaa56c5e28

SHA512
e144be40f524f0c2d309ee4df5d26350c3492724e4eb6ebd8d21c85ea0aa16d472cb18238ca7d9c6c6e054b797cd056e43a258212f9f64b1daf15f9e51f41d76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
156968436d4434a774fdb01a99dfce9c

SHA1
a4d0f8c98b07e457e16d96a0969820e5aa3e6367

SHA256
9efe7a17dbd0c9b9634f73302d0db23983178394428beefa676f38fb7759aad1

SHA512
226d4c1e39dcea4b899f1254518ba1fc48c1fd28462c2d39455e1ee3ed1d07b97b943d32dc6b132e0d73c307fc509c9f00bbcda9baf4fceca944a0841916d6c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
171070e7f2b1a787affd9952e07a9a34

SHA1
dc5b823d2b10b948918d1d97fa66619210873832

SHA256
214eed76c2527e47a4aa9d462d8edfdcf065ebb4c5f649a424087fda96aacf3b

SHA512
4a08ca977f2194497f714117d4b3cf58d97ae8199006c718bf53d072400710c18131d18034360e2741f746462c5078c3a7735d1229dfd2d6a2b5e9fef57b7d1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
5a2066ba03de33511650988409cd9a26

SHA1
af4040103fd5e49a16c01e11ee6bf076c6624dff

SHA256
bae2d691408f5d8a38def557e148a494e769666acd4295d6551922f6b11c13c9

SHA512
2feece797ba946f5fb2b5c3861801a3b38af98dd65b03f7b3263fb03e317bdbc18f2c84348ec0f3f28cb32e6fb963b2a2924c8f364d6b007036ba0a5295b6959

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d114cf9b19cb7fc8626ba18cdfa59d48

SHA1
a422e2a20feb8a6054fe1522c90f3a7c5d40de80

SHA256
d4bf94bdd6e879663c6218efa72323f3454854893712c5f3fb2ed31d6b2e7c68

SHA512
fda2bfa9ba1270e7c189bf16951b4db1b225476d6b10b98da485c67d5540bf7ee0f56cbe80117e493aa64c9aacf895b3cb6f44500066c68c8899efdbff09135f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c9420231c171ed5443cf941c2d44db53

SHA1
ece57e47e14911ea4fd374a6cf554dd73912a788

SHA256
77af1c725a2924efe413844003b207a9021c25cea0676c4232a30ce1c055c939

SHA512
a107f1e411d60aa0b3044b1c940f3eb00a036ca6beb5b8355d0f2b0bf2f03f99ece92074eb0e704c6c34544a08faee26bad297461a4de031dc712904e8e41334

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6daade2bc108de3767ae0561044fb8e5

SHA1
a05bce92dcbe56f07059601fb723c601ec260f38

SHA256
96fb98fbf445501a9f40e2796f992b99d0934d20611d97e003d7a862beb8be3a

SHA512
cd7c4a3085aeb28db84f1707ae167d7240bdc9338128b627f645c386812ade2207490a24f006b06f309342c358c140126bdca73977e7e9fed1fc3e587fceee7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
4d43b55f4f8b722fadd55cd0a62e2e95

SHA1
2844a86dc262d7eef842da7f512bcf51622baaf1

SHA256
c996e76a22695c19685b1a3d1d030b514e557cf38309cad1c55e157c476582cb

SHA512
ae3c16123549d0070b7ea185badeb465240d504b99672641a9364bec2b6221bc7aefa3dc13804806a7e9aff062b86dd91ce1a87a801f661c7274a5c7c8de269a

Download Submit