hxxps://youareanidiot[.]com

Analysis

max time kernel
104s
max time network
106s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
05/08/2024, 16:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youareanidiot.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673494241901965"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3288	chrome.exe
3288	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe
Token: SeShutdownPrivilege	3288	chrome.exe
Token: SeCreatePagefilePrivilege	3288	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe
3288	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3288 wrote to memory of 2400	3288	chrome.exe	74
PID 3288 wrote to memory of 2400	3288	chrome.exe	74
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 4724	3288	chrome.exe	76
PID 3288 wrote to memory of 3768	3288	chrome.exe	77
PID 3288 wrote to memory of 3768	3288	chrome.exe	77
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78
PID 3288 wrote to memory of 3960	3288	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youareanidiot.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff8d7bc9758,0x7ff8d7bc9768,0x7ff8d7bc9778
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:2
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1888 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:8
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:8
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2732 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2740 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4600 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:8
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4784 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4680 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4756 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3540 --field-trial-handle=1872,i,11655038696816716918,15548532103915078558,131072 /prefetch:1
  2⤵
  PID:660

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
4c17997d8f7176aeeb249de516bb2c3c

SHA1
6694a765c672346468823ec39d2c1f4ece928a78

SHA256
09c7cd6003a935cdb36a76e1c8f1a1d0dbc4ba41b60d155af47b0445e7d075e6

SHA512
04b12a22dec24b92fca70b94c9017413f3c7d7caf1b189df622807e80c7babe191206da8822d5869a4fb3f05c4019823f4eb99853ad1fdbd06bdba2a2a33fc21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
fa5e6f0fae19e5371e08d7272b5b0f3f

SHA1
0cae714c881864299d87e2c4aa5fa7c515c040ee

SHA256
7e5ef6cd01aa99db0704eb1c79f490be0c2f8f7d8fa84079baaa992e0198e716

SHA512
b3ffd013929a833411a99f2591e94fd1da7bd4835cb26cffe086edd5e6ca0982264e38755631aa2cb0a674f8825d13ffeaa76ace6214d256dbfb295ebe8d91fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
79536a52750cbb3d88fcbfd7f92ba7a9

SHA1
51bea9c701401cf2385a7223e5c0b71c22d0747a

SHA256
662d2c414e33c9c896af960d92ed3c910fce649cc167d182f6221d43e77c2fda

SHA512
be91049fe72602bf5534ddc62826181b41144ed419c10566086fc5133470ebc3c4045c080cf5c1d8ea65bb38a7e854631b0cf15160336dcd9df7545ae7373745

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6772ac02ccda09d555ee43af7a0ec77d

SHA1
93188bbcd8889433f3b18aff7451e04fd50be7d9

SHA256
e22403e29904b6a93f7fa292032d93d2947b36c9d3c4f620fa2ac4dfadb62422

SHA512
2a3a39b7bce5d1582ff77b4f071de1e8424aaf10a0d00147a0ef0c4259d786614ccd0e5a8929da22dbf61e86099392dcaf1565efface348b6eadef3b66de313c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
605671ee4afe1c52546bf71df5ea0821

SHA1
313f4823b4bf718e79b3d98eafdadb472e4131b4

SHA256
58761f982fce5066ac66c7b8d71026bfe0edf9ff86023bb787e1c88a44910ef8

SHA512
316c51356e1e2cdf1846ad4bdca40b105373c1661885d2afed4429840b446aadecb1a2718991bc7e6cc251e29b20fe8033d4f577f5725dbc3435591433bfecc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
6b52234079f13733a21cd9c217951f7d

SHA1
61f73af036653971d5795480cc12eaf1d5783c9f

SHA256
dbd4b16a53ff591dc9adc81fb1c98d5c2095554053b208f6573c0c4275fac036

SHA512
cd95fdd2d04fd8d3a6a51f5bb096b41e90845dbfe58f543eaf264fe4ed903d0f036561e0108c4549e57c3d298b27d2d5d7f45410f7f827162dd90280f3379a8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
63f7763f8ba72ab417a29fe30a40a1b2

SHA1
d600cc806188271a9b61a244774536f8e93003ac

SHA256
12dd75c43191c16dafd0e7a06cd30c6143c1489464dd428e78de1f007f6bdb7f

SHA512
4ab2d1e01eedf756319d61247eede840243279fc3a7150d9cf0e40b9864169cc51a56ebfa8b470bbf713885f603767dc2ad14bfb5ca8b8323a1d145d2739045b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
82e4e2e5b98aa50bbcf3e2041778fd6b

SHA1
2feb197c3a711d12f8b6ad8f59db04e2c30fe655

SHA256
82c3e2833642796c1c384d220991d573c5202e98d27d195436f05801269a5ca3

SHA512
bee75b06a5ac05f3572aa6173175c9192561fd9543c836854c363079096a66af1e3d790af4041682e59b68bedfb75906c565201331ba74977311b3d611488591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f2d12017be364e1431af7b8c9d5f5652

SHA1
dfc5e2d082cacea6c57001c4654b412be097a125

SHA256
6020266e165cb01eb85abf6f2636e0eeef1aa1a2516198fcf3ba1fd26cd447f6

SHA512
725bfc2666ef413a16bb39bf915645ea15d02b3aecbf8305419aa68c2a386228a83e9a14e606e46cb74facef76b0c79b3e32b90f59d901b7dd05e62c0edb8493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
16babd7b3ab47dfe0f2a0355549ea925

SHA1
9cc947615e1381e1d1ac7ec65fe3d7af4f1d38bf

SHA256
3dae6db006dbc6344fc0984b1040dc5d679bf572f51a6df26b1c2c17dff3c392

SHA512
e70f857bcfe9dcb7a1a10cab6248c2efe23f891153a779d74713606d54eb467f8034fea6e4ff516cbfb847ed0411c140a8ddaaab70735f4d68d90126ebb5fecc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
aca3d4ae6904d696bdee22afdda6efa7

SHA1
ed56663a4309a1fd7d04133b35560bb4cfa54409

SHA256
23ec75c0845c3a4581b8bfc8fb59139f12ea67fd484e9925318bc3de79193680

SHA512
ab1b7681c39402277db8bcde46a95f0851d6a98aff8e99d7e43733450c53ad0f4b99f6c8707c815b1bc726560e68335b102ff052eae51a9b345807b9a2465a22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
78343019bc0c38388ec7d90524839da8

SHA1
fa30e247628aaa932d147b8162de83b84cb0ab1b

SHA256
daa2eed92618f9c2a753b5a2065ae3c127e09d7fdce09ac7eeeb3caa4d2af9b2

SHA512
623061437288c7d3053901357e66df3f645139cc73c2fd3b39cb302f167cbcedf316e399738a3fa39889e170e999916a4576644e7e36ad648d896ee78ba9f083

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
b8acca7f9be9d492e7c6a8688bc44897

SHA1
4aa6ba3498cf5b9452ed2b9b62821e380ae5e685

SHA256
cf4b7ca733613df6e6b951a75a07529dd0f81383650b15df43622320b14c1eae

SHA512
faa21d89b0b9d0b043d0a8f0f69840efc61ff21ffdf034d6a7a8a01d3b03e545ad9f6774443f5b8381102788eb993fda8de8f604bae23bb87a7a6503c5c55470

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
17ec117de8a39a2c040f7cd27dc3a956

SHA1
afc484cdd1c600419a203adc43cf5fb54536594b

SHA256
368a3e1957eb671c1a762d0a3512b7c80a1a0496e0b5a40da4b0b0dad30bc2b7

SHA512
83c16b145fd388c7caff78feaeb173163ee9c7a13ce50af0456ea7ad27a676d44c03d33b17fa6f3f20bd67fc60ece904b51e485839edc64383b65e3a89535962

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
d87d05907b573d0dc352c634a88aaa66

SHA1
59aedf0766da99919fba3e7cb1e5bef247e3bedf

SHA256
3239061f4f5079f39ca5e4afd503439ebdad3b897054eb54a33f8171d4f93b3b

SHA512
4ecfa4c15e29eebb8940d55f58b39fcf938f82bbe456052cea361678ad5f3e9c4e6a400b8deb63239394a83ae6ff44cc6e316327a125b0b491889da795a5de1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit