hxxps://brave[.]com/nl/

Analysis

max time kernel
299s
max time network
290s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
06/08/2024, 10:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://brave.com/nl/

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133674145182146322"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
2280	chrome.exe
2280	chrome.exe
2280	chrome.exe
2280	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4796	chrome.exe
4796	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe
Token: SeShutdownPrivilege	4796	chrome.exe
Token: SeCreatePagefilePrivilege	4796	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe
4796	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4796 wrote to memory of 3516	4796	chrome.exe	80
PID 4796 wrote to memory of 3516	4796	chrome.exe	80
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 1700	4796	chrome.exe	81
PID 4796 wrote to memory of 488	4796	chrome.exe	82
PID 4796 wrote to memory of 488	4796	chrome.exe	82
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83
PID 4796 wrote to memory of 3880	4796	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://brave.com/nl/
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee0fdcc40,0x7ffee0fdcc4c,0x7ffee0fdcc58
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1904,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1820,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1936 /prefetch:3
  2⤵
  PID:488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2152,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2208 /prefetch:8
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4528,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:8
  2⤵
  PID:496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=212,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4828,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4804,i,3088541762276663087,16642756120827269714,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4816 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:2280

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3436

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
a1a83f3b30dfc310c9248e0ed5c0e3e9

SHA1
0b66964b3407d28d36ae00b92de6285f45d54b67

SHA256
99017cdf4c7e7fa9d057c23e35f92bb6afbb2053d49d5a2511dd5aac2bb237b4

SHA512
a77e305f1131d20f1634152187e751fe05e1633cc08d4d93e985295bea7422a3e182880836ab0531532e49e91c23b2da5e5c4a3b19efdcd944833f8b32c246f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
bdf6a1e8113c90742384e5246f52ec9b

SHA1
e33a1d2f2f95dc4b0f86057759946591baee4bfe

SHA256
c07b2c8bc86f9fba9adc418f4f0b9c0f0f423911850406c42045a7640a44b113

SHA512
fdd30bd6109ca8c23d27b2db89429b94e2bfb4e7e69724bb45a2bcdb331160d8389fecca7b388aad71b44635aa30de29ee5e64b0ec285be455a77d3feb6f6bb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
18f3b33b5af974cfaed406f3b3e8b649

SHA1
e17027a8796293bfef58ad66b32c89fdf5ccf795

SHA256
f874621bb5856131d5ac2d4ae42b5d4c2750c6c3335f8059dd7502951a1e7cad

SHA512
9eafab0315ccd9a9e1d421c50c735207e9b343aa944e8e7938792368e71b53a86e82487de930bfee017361e675fc09d167d8acaa71e4f747307902fafbd96a47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ccd7cfc902130e14f4585399592c21d3

SHA1
a4725f436616f74d14aa5aec45035280d4c28008

SHA256
e597c22ddb935f60a7351fed62720f9adbfdec80ce4114d167d834afeebefcc1

SHA512
a2ec6606d50307b48175c682fb03043911aac6006959d9701ddd74b40ef2b92e03a7013a4d2f2d9468ee123115eec1720207a7fd54ea78938cf0c2aa3f3fdea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
879603ae59459f21c8ca6325b5d635da

SHA1
18c8a5215e221ce38a6766464d955ab0596008f3

SHA256
53cbf72c52cb1ff36144d9d791c61799314437b3ecf8b488feb6c0b4aa5a5ea0

SHA512
2f5d9ec3b0ea8521d1d21429e84aa6bb5eed68ee84da13c8cc639ff06c3d12897b00cf9f3e05b238f7898e6644c4760cf0ec3d7ecf217a140c3f6f0acbaaab6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e955e9edb7ffedd19bf47e8d29c5ea0e

SHA1
685acc46c5fa6dc1b9a58277295705ded69fc0b9

SHA256
56b00fd4b67a12d7f19d0ac89631009e8e45e1cfdb1770eee88813ab6e68acec

SHA512
9e83f45e8a380c963add3396bb68eb3bedf826a01e178518e1cc11ec08625b6a23e41e237e768ee8b65f4db11b9f247283b6139b02273636d941957868d1c33c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
272b485b41387fd0c5bcc2c8697e318e

SHA1
c07571c81042340bf7e8ce7c151c6f9aac955d91

SHA256
8f147c61b8f0d80686cae14028882c27fdd6663f55f57cbb44f92c1c89bb37a4

SHA512
21072fa508346e38da3a8dbbc568795805c0a806e157c16b2ffc48c035d1c192e3412b8c95442ad3ae8c246adaca3e0feaf346180411918a52485038e5c9aa22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dd6233b10447d206e9248449d283632e

SHA1
23091c96711cd0f9cb9ff3aee68bf8c74feaa9de

SHA256
a1ab34addaf4cdd5939dcc3789b308a22c8fa965eacfa4a6433104843a03b7cb

SHA512
9fa0c2e391c7e823655c3972a061635a21774aa1e5495bbf17ba63fa6800030208661e9c463c532c49745a8e0ab78f27b4f389036fb417a0f7918f9f9cbd597c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
018a941cca2907c8f3c95c9c51e6cfd1

SHA1
40251e2953c1f07c336067e0b290abbec6ec3f5f

SHA256
8ac29a7215e0f05912cc765e6927eca2c228df828be1e8b7f2dbcbae0374fc57

SHA512
e50b2de80764d5861a42eb8d96256062c6db09518167ec32198fb2912f8332b6b96a9d8e27cb343b51893aed585ea633f25202337c53dad5ee5f29034eaf602a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9c668a609bf6192dd450ad36f6a13b90

SHA1
0ad29bd1bfd878f0bdc7407e6c03a8a6b4ad7ae1

SHA256
249b141af5118afb8349ce1da12db36b774e0311dfd2517b16193c72fa9edff0

SHA512
e0bdbda364a0b27f5a9e2f63e63daa52572dd35691dc683c883574ac27bb2a88aade3d4611306a70753ab7194a2cb85a12735733614928579373edf0ae391da1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
17b6315d2dc9237cfbd85078f769cf1e

SHA1
8170c6e33d7487db770edee33e8f75a7c88fe478

SHA256
d582b40fad84416cf4245962880db6b87317c7345be67230f2cfd70e28b410b9

SHA512
0e663212f6adf3cf81c1676e043c6cbc0c6751655f72d69fbab3edf494494efc0d2afcead719fd37b7d2ebeb9ff1c76afeaeccbb19cdf39b94de5d5b354ee2c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6fda15dab93e2cdb2294a77b8cde53d2

SHA1
8f0f3e760029d1dd870f17ff205799f6290f7fa5

SHA256
ba1ab161a2cfbefcdbb17a1fb9a78bbc9c46fff8ed2f0dd18f4a26430067052c

SHA512
02cf4203609afcb8a14120b880f40313a7db9c64ced3f83c22dfb9577e56b4bdb0da9d06a57c5c225dcfd6e4612283f32d8e41c66a91b95b2834159c0d6f985a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
93e413d919dc337e2c04963608b9370e

SHA1
c4fe61c31f2f80b6d7c90c07940a0be41de6bc0f

SHA256
2c4eb66603cfc97e00e6b2511c08c790d5ccc7fba8f3824957416fa0308208cc

SHA512
ef37a9d0d1cf8c358cfe3cd8dcaa1385f409b312424883daad172e83045af6a86671a2d26cafc90a894feed29bfed3b83228e7930efdd5c4ba7dbc785383565c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
129f1215aac26581fe4c33d121a0cbb0

SHA1
bcaf9ec1ad33c5f5c564998ddf4dd8c35269ba7e

SHA256
3b2a28490756ce1076dac10fedb532d7bd327a206d96761e1cf586e0c29ca5bf

SHA512
f7bb3acae85ebe651f3044667c1b11667eb71409675b964f8f20cf5ecf224a7435a965ee5b2ea0a32ce04ed48a1ea715ffc5e0c54ed9eb8b30094fe7e8636a28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a492ed9df6137d056be28605ff208439

SHA1
28ee6e426cdbfd023e2013fac197324d127a4417

SHA256
dd1ea24b185b4c330c03cc0d6d87409f152238e5537a8d75d46412f519b7478f

SHA512
df1ed2f1bf572d281754ff1b6859dceaa76d263cf9cd55a75728934fa9a3cffc4c62839fa5692a42d3edc09d60e1df07f0cd6204145b515c1879175c6b72450c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
87565336952f6dc68585842e03af04c7

SHA1
96c2acf38ea561c1d0e056ef5b1c8774eedd1f8f

SHA256
6fc743efe0741d1abdc3f85ed41c4ccfb05797f0d4324de1529dfd0990bf9133

SHA512
83d1c41ea7407affc423bc5cd2009561809704e43c66927624e487da8abf9ee590ad09231d3c9421704ea601ce343df23446922cd1658696110f22100e3db9a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5cc2d6455faeee438ea0eadc47919fb0

SHA1
9454a0af353cb0d07c6ecf3142cd17141214a0df

SHA256
755953657b519ef5a1bc1cb49064610232e1b8113c11558a3f97cae34e4a07ba

SHA512
24ae587ecd8a1ef65e79d1f1b09b7fb73401a301a5a67688e77cfb2b09b6217d729e38065aa4b4a0b7fd1d9c67092586107be2328e35c5527af286c6e0258766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
08fcfe8b6d38878c039f50319179c8c2

SHA1
30518aa09b523897cff97b2e069d202eaaea8def

SHA256
ccb7993dd7679d5d9052fa49c150cd843fb5724a1704015dce579d98f0170239

SHA512
4c65355e19d297bb80087a7c421b1c1bd350dc24000b531582d97a2918ba298ab70a8f453d003613b9d265ae4d8fb58563a59b94d4ab5425a166f2bf695565c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fd418bcabcf6549106e4d9278ce7ff16

SHA1
5eaea828a286dba6e796474057e71c1176f62c89

SHA256
9bbbfcdcad54edc94a808735bddf70b1ff553f31e9bba659a52b50de5e33446b

SHA512
de363867a5caf8a2821ec68769c332a0c5a27bc202a207652168b7a5664e281399fe833b324840b9d6959e9c9e793bf1d1acf050624bd16c2b3bf3c31e9cd57d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
92814689b8a1f17abc58e61877b98f1c

SHA1
5849cff6750ecbf81c92768e165c66f355f438aa

SHA256
9163d68c493cb9a25e5c5707b070ca5ff176a5c6949078fb3dcf790c4db570e0

SHA512
6d9ff4590ee1b3df6d8aeeab4443e8c1a43769b736c9b808af80a9b4a3a082b0bffdd6429a1143c3bff152cc9ec19589d1a1886c3b0d186ebebb7f320f15c949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
3c4cb1b70d30aa97350ab7258ea0b198

SHA1
a9bc5eb01ef0570b465a88163e7037a48b95699d

SHA256
4feb861e955806fdfa546e3ff9a056a618b6e401768b71636249cdc0f49d3431

SHA512
d5fc158595904f7d7d0d0e332ef6e46499deaf3f135ab6d87dc7813cd37ea1f13fad4c19b92825f57c52e5702e4309b193b434890a4be0e286c1dd7959f34b93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
2d7f9b3c7ef8ec0190f3c8e1232a6440

SHA1
32091e8b0d22ebfd8882d7d3dc976c23ed96d987

SHA256
6aeedfe58e092e7f265458571b89760cf6e9405b86be927b954d28381708a707

SHA512
97b8a70f917d250fe4d364fe8f2d259d18ec05f7bedf69b651ddd1bf9050aa02c0ece3ce1cbc95fab60f5cc48a20d5466e197ef1a9b5e6f29b33c4c4c3883f8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
5c22fde0a7e29745acd5235f94102f07

SHA1
6ba13b4de56a44c1c94fc2364257d7bb245960a4

SHA256
3afb1864433085be949f10a3ed99797f04a9e3cf3061d801764f0d784aee77e0

SHA512
8e353a441879c9824adacd39383ea42b9bebe587ad90ca09d94b75972be7fb6206fddf0a83dbb414cdf9518721e77391f4a1c9ad7ada0396160befe4c20d47e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ab759a72-264b-4986-a10f-dff40a065242.tmp

Filesize
101KB

MD5
0bd25e433be5fed7eb939766a0aa55a4

SHA1
93f7da0b2def30fb6f43665698b89f4c3d607c44

SHA256
2986eb77bfa46183b9eec2b69539349d7816a358d2bd11ca5765f1a18033ecf6

SHA512
43f03151e28bd054769e7b213f59832acc2276c4db255676474c61691138691ff0aae7aa614fcc87581e01fe1b90816ed2eb22eb9bfdd085595aab6207e8d206

Download Submit