hxxps://cdn[.]discordapp[.]com/attachments/1274434035317342254/1274434117458464819/OvixBundle[.]zip?ex=66c23cc3&is=66c0eb43&hm=30a326d820ab6f7131b3a0d611036c1fe0dfb3a9521eaefc974d4882431df38e&

Analysis

max time kernel
149s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
17/08/2024, 18:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1274434035317342254/1274434117458464819/OvixBundle.zip?ex=66c23cc3&is=66c0eb43&hm=30a326d820ab6f7131b3a0d611036c1fe0dfb3a9521eaefc974d4882431df38e&

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3948	OvixGTALauncher.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133683927950857624"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3636	chrome.exe
3636	chrome.exe
3872	chrome.exe
3872	chrome.exe
3872	chrome.exe
3872	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3636	chrome.exe
3636	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeRestorePrivilege	2680	7zG.exe
Token: 35	2680	7zG.exe
Token: SeSecurityPrivilege	2680	7zG.exe
Token: SeSecurityPrivilege	2680	7zG.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe
Token: SeShutdownPrivilege	3636	chrome.exe
Token: SeCreatePagefilePrivilege	3636	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
2680	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe
3636	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3636 wrote to memory of 2700	3636	chrome.exe	84
PID 3636 wrote to memory of 2700	3636	chrome.exe	84
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 1220	3636	chrome.exe	85
PID 3636 wrote to memory of 2372	3636	chrome.exe	86
PID 3636 wrote to memory of 2372	3636	chrome.exe	86
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87
PID 3636 wrote to memory of 5016	3636	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1274434035317342254/1274434117458464819/OvixBundle.zip?ex=66c23cc3&is=66c0eb43&hm=30a326d820ab6f7131b3a0d611036c1fe0dfb3a9521eaefc974d4882431df38e&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9687acc40,0x7ff9687acc4c,0x7ff9687acc58
  2⤵
  PID:2700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2144,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2448 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4548,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4792 /prefetch:8
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4468,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4332 /prefetch:8
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1000,i,13321411552649378966,3776038592700237123,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4596 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3872

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1336

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3676

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3032

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\OvixBundle\" -spe -an -ai#7zMap20124:82:7zEvent26637
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2680

C:\Users\Admin\Downloads\OvixBundle\OvixGTALauncher.exe
"C:\Users\Admin\Downloads\OvixBundle\OvixGTALauncher.exe"
1⤵
- Executes dropped EXE
PID:3948

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
0d398ba503f31c5e7e00f0674f4c5cf6

SHA1
63d9b07059fee1363602ebb247e60220fa1dbf36

SHA256
e1398b5809321856b2d175076aeffdc6f118733f598eee3f181844ff0bccc253

SHA512
29c466ac3d5e4c4d418e1ced9003d2c8636d55be059c95844ff46d71cfa7c9ec4c9fef210a6faaeefb818a68a5e803fb89867ca0d04aff082cd4b65da2ef1d75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
712b2a2c248cd9fa723088ef7511fc48

SHA1
6817ad9de21fcf9387685d55e5e40c7a56b0c5ac

SHA256
0ce71fe72bd1e948f3c8781a352e84dad33c1b5d2c87aaaa3931be6aa073fb29

SHA512
a1d13b6247e6af68b5788139bc43cc2dd28ba8a01ee992a7fdca1ab57185b62b11faf5e4739414ac4bd8ca4cab39ba6cfc29d23fe3afd56479a6298f8735e113

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
aea5d08c76d933a5e345b272e4bc3f44

SHA1
c2ed01188e75bee3ad273ca5c60b1112312f6f68

SHA256
1d23b551929ccebed623a3e928e686bdbf1186c179a085723a6e3204c94ee88a

SHA512
bffce312965477cb4c8fc6835166f6e407799ec05d1e25e7c913590cfd57da3c8bb8617bbdefef6b30ec5292e5f378e475a97159e11088fa156316bdf31f0134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49b7bea8db0299029fb2a6133fcf64b6

SHA1
82d1d352c2f57dd964b5be45b86e63b0dbb6f560

SHA256
6206ca4570cace64405fd119ca4e3c85b3669ba1ba066ccb23c8982eb7e06671

SHA512
fa96873e468977fb96acfcaa3ddc4d81af4586a687e0a4c21d90ae349daadbc90277e3b6d7540df125f9a577c7a6c96cc8df63c7c46e9ff40dbf25bf73fad8bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4543e1fb6085afa2b710fb5a92ff189a

SHA1
06b9b24fa136de1974440e02992569e3bfcfea81

SHA256
ca7997eea8ea1a03b353a6c4958bb57fc02d27b293d2cc4d1e8d3ea6a5c69c6a

SHA512
8f2f17ac78dd186a7c315d4abb3fb5446506c6a777e326aac11ed4ab3118c07742c8fc33575f4c9d1b60e719cab8aa0d7a086f59ce5740d3a413072deb3ae1d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
1663bb2de21e12448b2b493eb1a4b435

SHA1
1388651c086ff49e514ec2abe6efc53bcc9f5a8b

SHA256
954fea065fa53951138e184b82e8a52edcac324ace32094a640d1e89193f434a

SHA512
d99b1f870b741e83a693c03fe0d510af5da0fbe6b915d2f9864b87ac8e9a3aed74ddeb86f9e665c4a4107df8f453218c77f77bccdd7bd1793cd52988a1a3cc91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
d4ad08810f87e30d0a687a1434daa06c

SHA1
1429f7256583557cd8699d3faab639965b1bb27a

SHA256
fc1efa062c31214009683daa087cc595ab1820ae3d08ef1db6cc24b852809c95

SHA512
68acc862874ae03b37aa4e835ae58b48c43da041898f06aff8fa5f9d566ec6ff618c59f318bb625735c027c444df505d28e7cb68c1642b81b50ce1dc6ba0d7e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e2552ddc85957344d60aed72192c0903

SHA1
a9b91823661d241060631671b80291b851f497af

SHA256
2ab469ce80acf64041b95bf053b61a34e951d0f7d51410d74855c4349ef7a8ec

SHA512
00c925eac947073985d8a2cac725fc01c350db7d3ad072f071193e93cbe227378c8f34170f7bf07bee187f2214a840e4fbe9e64a441037f4a64eea688d9fd194

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f1c12260dea49204cd2663ad807b33b3

SHA1
a2231b876c1cd678ec0d4b5b37522ac77c570106

SHA256
c065bd9d52da4a31ffab7088afe0fc22493535099c631a2a67dfd844d0ac6741

SHA512
d7a90dd3197b692789e77f9643a7655675df5a9f0220b643289000bb0b102c9996f79fef31239d6f7e0f52bd1bc482bca43fbad20574fad7029da1d4dcf8481b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
78c29ea61a6202bd13727a59e9cd4a55

SHA1
cbee74aba052967349ccbd98e84edc32fe5acfd3

SHA256
a96ddfc759487aa14cf783c47e6aaae8741a49f675134b3329443721210bf200

SHA512
8c01e0678c8b31adcd2a2d2afd4508a6ffa8e390659ca1e795522350188d5f9f0b22f87396656c0565fbc8078fa0068cea02c6b04def961f76d63d6dad4d445b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3e2b4697561a7fe366651bd0a4615348

SHA1
dbe392c20356e61d33be5c2aebc6efc7288ee024

SHA256
dd12e2d5a92d9f272381eed7e0eb84c41f98dc78e54fce5293d784e9069d20e2

SHA512
b5881cf4cd01e3b59ca672d2fc321b92f5644a32eaf587c48b871bf7691d3d1fc5db92ceb32996bd4540bd2f1f71c415e3563786931acd2e592ea75e496e4bde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
c0347f9db29cb100d54cf41056529c00

SHA1
ce4ec7276fd6aa6551040fe828449e5e0bb3bb72

SHA256
45759738bb9e6771fcde6d8a5b381f4dfe1eadef1cf9a1948ad72b4bc7cad687

SHA512
56667d2c4b94674d02843bbfc90d4fda8eef3897484df7e45d39f3cdb35ee6982ebbe5c1a502f08842b5f714be069407960f8bdda239f7224cd77381a0272a48

Download Submit
C:\Users\Admin\Downloads\OvixBundle.zip.crdownload

Filesize
6.7MB

MD5
c58a76ded266dc5bed79afcac8758ceb

SHA1
348da0896ec9fc4bea695373b85bbd10ee9c8b0b

SHA256
c0705ec2be233ecbb643208b1a027f1d27c75f23fc1edf0ab3c5abed97689520

SHA512
30284ba1383a31778a347022e48568b8195ae2a47ca3f78fd18521dd3043e8d98456c7a75dc6a210fc9a816ea62cbb5eda146a0abbda269f414ab27875b315ba

Download Submit
C:\Users\Admin\Downloads\OvixBundle\OvixGTALauncher.exe

Filesize
1.1MB

MD5
a58fac58a3ba52b880e7db6d67f31cd8

SHA1
918feadacc3334ebfaa3e0e7a69284533d41fde2

SHA256
2430071ea72f7c9f8d1d41bdb6e92d0f07922595e2bd8067dd9f3b817d31f014

SHA512
a2b8b244011390edd6be92fbfb9cac41978385f93f4d7067bfa094d8e3a109ec436741528a96c38ec9ebe6f80fae5d4668b923a7e108a4077f914611593ead34

Download Submit