bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

Analysis

max time kernel
139s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12-08-2024 19:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42.zip
Size

41KB
MD5

1df9a18b18332f153918030b7b516615
SHA1

6c42c62696616b72bbfc88a4be4ead57aa7bc503
SHA256

bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa
SHA512

6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80
SSDEEP

768:hzyVr8GSKL6O3QOXk/0u3wqOghrFCezL1VFJdbq2QTJTw02Q:hGx8DKXE//ZhhCirFi2cwK

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133679635783523796"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-945322488-2060912225-3527527000-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
536	chrome.exe
536	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe
Token: SeShutdownPrivilege	536	chrome.exe
Token: SeCreatePagefilePrivilege	536	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe
536	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 536 wrote to memory of 2400	536	chrome.exe	102
PID 536 wrote to memory of 2400	536	chrome.exe	102
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4804	536	chrome.exe	103
PID 536 wrote to memory of 4028	536	chrome.exe	104
PID 536 wrote to memory of 4028	536	chrome.exe	104
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105
PID 536 wrote to memory of 3168	536	chrome.exe	105

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\42.zip
1⤵
PID:4992

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffba529cc40,0x7ffba529cc4c,0x7ffba529cc58
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1912,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2532 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4572,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4560 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4864 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5064 /prefetch:8
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5252,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5396,i,17927174715872433759,17319463919902094843,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4656 /prefetch:8
  2⤵
  PID:712

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4344

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4272

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
87e90dac3447a5ddc19b0c00dbb2991d

SHA1
98f383b5e1507141e89c62d784afa03a7af9b700

SHA256
50824b0eab888e7be8cab77a854c1dfd2703c500887b13838ad00d21dd64a34b

SHA512
c6b20836cdc67c1a4a85c967153d6165c8720780ad18b37fab093744015241bdff5bb9a38cbafb0d7930b53fd4d9566f8bbf42f7ec26a8cc54c85fa4d5b447fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
629c32aabe5ee528fa52d2e75d22a1ac

SHA1
b0f1a160de9ff1c34a8b1a6dd973040e8c2070f4

SHA256
c1bc00caab94bf4350106416844e6664da9225f789117e881d34c9709119214b

SHA512
2bd250327a4adbc55befdda4eaae7be2c37a560c6937989dbd3c758cb114e349ad7f2f886b60997dda43bc3234e14c209313f6db69626f5577d94dc1e1e757b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
3c7c8dcf6727964ce01f7f8af27d0ad1

SHA1
cc765a1788b2b26c11edc1fd52817948d82fd87b

SHA256
a27c5af61236b7d19c09322b766f89e78779f748b7525b779af5713b1bd1767b

SHA512
c29eaec2d16ae2ff3ee71ecfb42cf3e7455f5e065fb418f4d15d2a5a66f3c822a078292f86acae9de25bdac8701ab3f1697433f87b291bbaa9f206dcc8d79cdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
dd4be19791194d6e5fbfaaff5a277fa6

SHA1
23604d8f0366e20685209650de3f948355f4999a

SHA256
9b4363e2692c8051552c86821091830f29fd20d4020f8ecc7a3c19f4171c84cc

SHA512
8994b6bf7d59e29476a755ca698a2a3b1affad165549425ca861cf15602678c3336a568515f71257fe9dccbb10d75b2d4b29ef64492d6112738776f4682b5a75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
04a615291391523e3a59e0ce08b93c2b

SHA1
c10cfff260fee3c01897db61d800d5217d12dfcd

SHA256
fa65ebd82e9c561657e40cc916a496c1b39e5c1c9783e6d5133ed2a19f7d4f3f

SHA512
51ee981282e60e774cfb20f080cde1d120b06db46327cac6060c999b8ca05c0194382757f121834950de9fbc94d48a5219b5709bd68f9da02aaea51cf766f5bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a5422d9a98b8c3f50062dcdd5d6fb90e

SHA1
e458a8f36129e7d8eebe1f0c1396c02e8838bd00

SHA256
fa19c5585b84e235d29a7d6823218e6609dee4a95607459519d9abe24380f2bb

SHA512
65e6c2532684b2b4c706fa5cac3c4d479f932873e99f58c2cab28874e8d8d98238ddefdb2a9a7fc53900d8be85a777e0e7c6c9764286da4c19060b3117708c37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f4e65c14f15afa0b8b0fabe9180e64c9

SHA1
1a84dbd318293a1e319bfd388104929adac295a8

SHA256
7f7706b02ad46dbf94546229133a53839230d6fe9f0d162bca27b1050cb9a5a4

SHA512
39511664f08c6f5c9e62c0fc1c0851dff6705e364ab889848c2b2d473277f29866c22a9bcb833406fcc2dbeee3241afae3f8d1cf7f144f81725ce696428e13a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
c45b9af60381cd797b6c146489db0326

SHA1
0a6127401c4809da216bd9e85d1a991543f2c145

SHA256
a90a4777e8c9dbfff34e1071777ae264b3d64cd022e775682204db4a42c37692

SHA512
98202922c3e1be527b776adfbd058e4ca6b34cc9307e6a2c1cb26d9fb1bd1aa1e930f5bb1791cd676852e50466c0a57bcb19eabe3983555225b7fd31cf05707e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
a40d5dd14662196819f18a93bf95339c

SHA1
77f0686f4c07ebc01c0a595ae47d32f7921ecf4f

SHA256
04d6febbbf95697e9002392f09cb07670a91c6a32b2d3749d66cd4b77ba52091

SHA512
fa0f2dfdc94c9dc2ff3875e214f4c8266010ae325a8be16e9a9c8483420620349ade35510115956803a2ff9326c122c30f1f04c0e792851fb2c501f69ea9fc1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
b3c5050c09dc09c3cb4132c729534a48

SHA1
72a2bd2ea5268c70fdef73e6620580e01d2da311

SHA256
5d0094ea9eb257c0492c1ae9f73baa084ae7857c9598a328b2ba59babccb4f3b

SHA512
fc159d289834999d62c6fed1484c02b6f83b8479fa247af7404d271f4d621e93319f34937103b6d124887269410535f678330a21a4ba9d48e2714ba53d5d1b87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
4d488ded1a2d0000591f7ada244b7b33

SHA1
4c09eefa05b897fdc1a3a03f7f26111523df644c

SHA256
5760af8fa05a94b248adf14d39f7e192523fd29779f9c58fc813f0a4a0a666f3

SHA512
6eb2820a71d3aeec89e9d64814a26c58bad8b74104738a5b7cb91354448153e512156412332494aa19e1086126dacc587b2cbe402eb5cfe0100d463d17112016

Download Submit